Update test-fuzzed-cap.sh:
- support testing multiple files at once - use tools/test-common.sh to make sure we have the most up-to-date environment variables set (the old version was missing the WMEM_ one for example) - rename to test-captures.sh since it works just fine on non-fuzzed files svn path=/trunk/; revision=49412
This commit is contained in:
parent
d560c14cae
commit
7d63573632
|
@ -0,0 +1,66 @@
|
|||
#!/bin/bash
|
||||
|
||||
# A little script to run tshark on capture file[s] (potentially ones that
|
||||
# failed fuzz testing). Useful because it sets up ulimits and other environment
|
||||
# variables for you to ensure things like misused ephemeral memory are caught.
|
||||
# (I'm writing this after having my machine hang up for like 15 minutes because
|
||||
# I wasn't paying attention while tshark was running on a fuzzed capture and
|
||||
# it used all my RAM + swap--which was pretty painful.)
|
||||
#
|
||||
# Copyright 2012 Jeff Morriss <jeff.morriss.ws [AT] gmail.com>
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@wireshark.org>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version 2
|
||||
# of the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
|
||||
if [ $# -lt 1 ]
|
||||
then
|
||||
printf "Usage: $0 /path/to/file[s].pcap\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
TEST_TYPE="manual"
|
||||
. `dirname $0`/test-common.sh
|
||||
|
||||
# set some limits to the child processes, e.g. stop it if it's running longer then MAX_CPU_TIME seconds
|
||||
# (ulimit is not supported well on cygwin and probably other platforms, e.g. cygwin shows some warnings)
|
||||
ulimit -S -t $MAX_CPU_TIME -v $MAX_VMEM
|
||||
# Allow core files to be generated
|
||||
ulimit -c unlimited
|
||||
|
||||
for file in "$@"
|
||||
do
|
||||
echo "Testing file $file..."
|
||||
echo -n " - with tree... "
|
||||
if $BIN_DIR/tshark -nVxr $file > /dev/null
|
||||
then
|
||||
echo "OK"
|
||||
echo -n " - without tree... "
|
||||
if $BIN_DIR/tshark -nr $file > /dev/null
|
||||
then
|
||||
echo "OK"
|
||||
else
|
||||
echo "Failed"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "Failed"
|
||||
exit 1
|
||||
fi
|
||||
done
|
|
@ -1,104 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# A little script to run tshark on a capture file that failed fuzz testing.
|
||||
# Useful because it sets up ulimits for you. (I'm writing this after having
|
||||
# my machine hang up for like 15 minutes because I wasn't paying attention
|
||||
# while tshark was running on a fuzzed capture and it used all my RAM +
|
||||
# swap--which was pretty painful.)
|
||||
#
|
||||
# Copyright 2012 Jeff Morriss <jeff.morriss.ws [AT] gmail.com>
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
# Wireshark - Network traffic analyzer
|
||||
# By Gerald Combs <gerald@wireshark.org>
|
||||
# Copyright 1998 Gerald Combs
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License
|
||||
# as published by the Free Software Foundation; either version 2
|
||||
# of the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
|
||||
if [ $# -ne 1 ]
|
||||
then
|
||||
printf "Usage: $0 /path/to/file.pcap\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Directory containing tshark. Default current directory.
|
||||
BIN_DIR=.
|
||||
|
||||
# These may be set to your liking
|
||||
# Stop the child process, if it's running longer than x seconds
|
||||
MAX_CPU_TIME=900
|
||||
# Stop the child process, if it's using more than y * 1024 bytes
|
||||
MAX_VMEM=500000
|
||||
|
||||
# set some limits to the child processes, e.g. stop it if it's running longer then MAX_CPU_TIME seconds
|
||||
# (ulimit is not supported well on cygwin and probably other platforms, e.g. cygwin shows some warnings)
|
||||
ulimit -S -t $MAX_CPU_TIME -v $MAX_VMEM
|
||||
# Allow core files to be generated
|
||||
ulimit -c unlimited
|
||||
|
||||
if [ "$BIN_DIR" = "." ]; then
|
||||
export WIRESHARK_RUN_FROM_BUILD_DIRECTORY=
|
||||
fi
|
||||
|
||||
##############################################################################
|
||||
### Set up environment variables for fuzz testing ###
|
||||
##############################################################################
|
||||
# Initialize (ep_ and se_) allocated memory to 0xBADDCAFE and freed memory
|
||||
# to 0xDEADBEEF
|
||||
export WIRESHARK_DEBUG_SCRUB_MEMORY=
|
||||
# Use canaries in se_ allocations (off by default due to the memory usage)
|
||||
export WIRESHARK_DEBUG_SE_USE_CANARY=
|
||||
# Verify that ep_ and se_ allocated memory is not passed to certain routines
|
||||
# which need the memory to be persistent.
|
||||
export WIRESHARK_EP_VERIFY_POINTERS=
|
||||
export WIRESHARK_SE_VERIFY_POINTERS=
|
||||
|
||||
# abort instead of giving a nice error message
|
||||
export WIRESHARK_ABORT_ON_OUT_OF_MEMORY=
|
||||
|
||||
# Call abort() on dissector bugs to make it easier to get a stack trace
|
||||
export WIRESHARK_ABORT_ON_DISSECTOR_BUG=
|
||||
|
||||
# Turn on GLib memory debugging (since 2.13)
|
||||
export G_SLICE=debug-blocks
|
||||
# Cause glibc (Linux) to abort() if some memory errors are found
|
||||
export MALLOC_CHECK_=3
|
||||
# Cause FreeBSD (and other BSDs) to abort() on allocator warnings and
|
||||
# initialize allocated memory (to 0xa5) and freed memory (to 0x5a). see:
|
||||
# http://www.freebsd.org/cgi/man.cgi?query=malloc&apropos=0&sektion=0&manpath=FreeBSD+8.2-RELEASE&format=html
|
||||
export MALLOC_OPTIONS=AJ
|
||||
|
||||
# MacOS options; see http://developer.apple.com/library/mac/releasenotes/DeveloperTools/RN-MallocOptions/_index.html
|
||||
# Initialize allocated memory to 0xAA and freed memory to 0x55
|
||||
export MallocPreScribble=1
|
||||
export MallocScribble=1
|
||||
# Add guard pages before and after large allocations
|
||||
export MallocGuardEdges=1
|
||||
# Call abort() if heap corruption is detected. Heap is checked every 1000
|
||||
# allocations (may need to be tuned!)
|
||||
export MallocCheckHeapStart=1000
|
||||
export MallocCheckHeapEach=1000
|
||||
export MallocCheckHeapAbort=1
|
||||
# Call abort() if an illegal free() call is made
|
||||
export MallocBadFreeAbort=1
|
||||
|
||||
if $BIN_DIR/tshark -nVxr $1 > /dev/null
|
||||
then
|
||||
echo
|
||||
echo "* * Trying again without building tree * *"
|
||||
echo
|
||||
$BIN_DIR/tshark -nr $1 > /dev/null
|
||||
fi
|
Loading…
Reference in New Issue