WIP: Contribution of Adversarial Packet Testing Functionality to PacketDrill #78
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Grammar extensions
Grammar ext
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request shows the changes we made to PacketDrill to support adversarial testing of Network Stacks.
Here are the significant files where changes were made
lexer.l, parser.y - Updated the Packetdrill grammer to support addition of mutation instructions (eg "{mut tcp data_offset 0x60}" says mutate the TCP data_offset field to 0x60)
fuzz_options.h, fuzz_options.c - Handles the creation of the fuzz_option struct that holds the mutation instruction defined in the Packetdrill script.
udp_packet.c, tcp_packet.c - Included the defined mutation instruction (if present) in the packet when creating a new packet struct.
fm_testing.c - Handles the mutation of the packet, following the defined mutation instruction. The actual mutation is implemented in a separate library that is loaded dynamically as a shared object file.
run.c - Added a perform_termination_handshake() function that sends a termination signal to the test target after each test, and waits for a response. This was necessary so the fuzzer can only start a new packetdrill test after it ensures the target has finished processing all packets of the current test.
run_packet.c - Added a send_test_complete_signal() function that generates and sends the termination signal.
logging.c - Created a die_free_so() function that frees the so_instance object before terminating a test. This is called when a test fails and informs the available so_instance to perform any cleanup operation it needs.
mutation-scripts directory - Contains sample Packetdrill with mutation instructions added.