-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
fuzz.go
61 lines (53 loc) · 1.31 KB
/
fuzz.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package sevaluator
import (
"context"
"github.com/mtnmunuklu/logen/sigma"
)
const testRule = `
id: TEST_RULE
detection:
a:
Foo|contains: bar
b:
Bar|endswith: baz
condition: a and b
`
const testConfig = `
title: Test
logsources:
test:
product: test
fieldmappings:
Foo: $.foo
Bar: $.foobar.baz
`
// Declare variables for the rule and configuration
var rule sigma.Rule
var config sigma.Config
// Initialization function that parses the test rule and configuration
func init() {
// Parse the test rule
var err error
rule, err = sigma.ParseRule([]byte(testRule))
if err != nil {
panic(err)
}
// Parse the test configuration
config, err = sigma.ParseConfig([]byte(testConfig))
if err != nil {
panic(err)
}
}
// Fuzz function that checks if a given input byte slice can trigger an alteration to the system
func FuzzRuleMatches(data []byte) int {
// Create a rule object and pass in the parsed rule and configuration
r := ForRule(rule, WithConfig(config))
// Call the Alters() method on the rule object with a background context
_, err := r.Alters(context.Background())
// If an error occurs, return 0 to indicate that the input did not trigger an alteration
if err != nil {
return 0
}
// If no error occurs, return 1 to indicate that the input did trigger an alteration
return 1
}