[Google] session socket read fuzzing #18
Labels
Comments
|
I'm running on too little sleep, but I think I see what he's saying. I think he's trying to break up the state machine, so that after sending a "HELO" you close the connection and then try just a straight "MAIL FROM". I may be mis-reading though, I'm running on little to no sleep XD. |
|
You can already do this, but he's defining the blocks improperly. The pgraph stuff really helps with this, because you get to see what the order of connections will be. Invalid. |
jtpereyda
pushed a commit
to jtpereyda/sulley
that referenced
this issue
Nov 24, 2015
…-sel:udp-checksum-fuzz to develop UTs passing; seems to be basically working. * commit '600f05e7a2b6458ecd03488cba04ad4e1782cb22': FUZZ-5 Fixed pull request fix comments. FUZZ-5 Bug fixes for UDP checksum fuzzing. FUZZ-5 Checksum field is now mutating! FUZZ-5 after merging Size/Checksum fixes, the UDP checksum is a lot simpler. Working now! FUZZ-5 UDP work in progress. The recursion+callback method in Checksum is getting too convoluted. We may need to step back and refactor. FUZZ-5 Wrote design for UDP Checksum in Sulley.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Just learning sulley, so if this is already taken care of I apologize.
When defining a session it would be nice to have the option to specify if a
socket read should occur.
Example:
sess.connect(s_get("helo"))
sess.connect(s_get("helo"), s_get("mail from"))
When moving between the 'helo' request and 'mail from' request we should
try not reading from the socket and closing the connection.
From my understanding by reading the documentation a session is always
followed from start to end of the request graph. Part of this socket read
fuzzing would be to stop the session between requests and close the socket
without reading.
This would catch sig pipe issues in server processes.
The text was updated successfully, but these errors were encountered: