-rw-r--r-- | socketfuzzer.c | 6 | ||||
-rwxr-xr-x | socketfuzzer/honggfuzz_socketclient.py | 38 | ||||
-rw-r--r-- | socketfuzzer/unittest.sh | 2 |
3 files changed, 29 insertions, 17 deletions
diff --git a/socketfuzzer.c b/socketfuzzer.c
index b039077a..14a5f246 100644
--- a/socketfuzzer.c
+++ b/socketfuzzer.c
@@ -124,8 +124,7 @@ bool setupSocketFuzzer(honggfuzz_t* run) {
 socklen_t t;
 struct sockaddr_un local, remote;
 char socketPath[512];
- // snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket.%i", getpid());
- snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket");
+ snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket.%i", getpid());
 if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
 perror("socket");
@@ -161,7 +160,6 @@ bool setupSocketFuzzer(honggfuzz_t* run) {
 void cleanupSocketFuzzer() {
 char socketPath[512];
- // snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket.%i", getpid());
- snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket");
+ snprintf(socketPath, sizeof(socketPath), "/tmp/honggfuzz_socket.%i", getpid());
 unlink(socketPath);
 }
diff --git a/socketfuzzer/honggfuzz_socketclient.py b/socketfuzzer/honggfuzz_socketclient.py
index 9c37b23e..8a7bf4bc 100755
--- a/socketfuzzer/honggfuzz_socketclient.py
+++ b/socketfuzzer/honggfuzz_socketclient.py
@@ -8,14 +8,17 @@ import random
 class HonggfuzzSocket:
- def __init__(self):
+ def __init__(self, pid):
 self.sock = None
+ self.pid = pid
- def connect(self, file):
+ def connect(self):
 self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
- server_address = file
+ server_address = "/tmp/honggfuzz_socket"
+ if self.pid is not None:
+ server_address += "." + str(self.pid)
 print( 'connecting to %s' % server_address)
 try:
@@ -119,13 +122,13 @@ def sendResp(targetSocketRes, hfSocket):
-def auto():
+def auto(pid):
 print "Auto"
- hfSocket = HonggfuzzSocket()
+ hfSocket = HonggfuzzSocket(pid)
 targetSocket = TargetSocket()
- hfSocket.connect("/tmp/honggfuzz_socket")
+ hfSocket.connect()
 print ""
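Review bot: In socketfuzzer.c the path `/tmp/honggfuzz_socket.%i` is formatted separately in setupSocketFuzzer() and in cleanupSocketFuzzer() (the @@ -161 hunk), so the two agree only if getpid() returns the same value at both call sites. If cleanup ever runs in a different process than setup, unlink() targets a different name and the socket file is left behind. Building the path once in setup and reusing it in cleanup, for example via a file-scope `static char socketPath[512];`, removes that coupling. The name is also still predictable and sits in world-writable /tmp, so another local user can presumably occupy it first and make setup fail, and who may connect depends on the umask at bind time. Both function bodies continue outside the hunks, so the bind() and permission handling cannot be checked from here.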
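Review bot: In honggfuzz_socketclient.py the @@ -8 hunk hard-codes `"/tmp/honggfuzz_socket"` inside connect(), a second copy of the prefix that socketfuzzer.c builds, with nothing on the page saying the two must stay in sync. I would lift it to a module-level constant such as `HF_SOCKET_PREFIX = "/tmp/honggfuzz_socket"  # must match socketPath in socketfuzzer.c`. A one-line docstring on connect() should also say that `pid=None` selects the unsuffixed path, which the C side no longer creates after this commit. connect() continues past the end of the hunk.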
@@ -261,8 +264,8 @@ def auto():
 return
-def interactive():
- hfSocket = HonggfuzzSocket()
+def interactive(pid):
+ hfSocket = HonggfuzzSocket(pid)
 targetSocket = TargetSocket()
 hfSocket.connect("/tmp/honggfuzz_socket")
@@ -305,13 +308,24 @@ def interactive():
 def main():
- if len(sys.argv) == 2:
+ mode = None
+ pid = None
+
+ if len(sys.argv) >= 2:
 if sys.argv[1] == "auto":
- auto()
+ mode = "auto"
 elif sys.argv[1] == "interactive":
- interactive()
+ mode = "interactive"
+
+ if len(sys.argv) >= 3:
+ pid = int(sys.argv[2])
 else:
- print "honggfuzz_socketclient.py [auto/interactive]"
+ print "honggfuzz_socketclient.py [auto/interactive] <pid>"
+
+ if mode is "auto":
+ auto(pid)
+ elif mode is "interactive":
+ interactive(pid)
 main()
diff --git a/socketfuzzer/unittest.sh b/socketfuzzer/unittest.sh
index 8bd57ec5..9546d173 100644
--- a/socketfuzzer/unittest.sh
+++ b/socketfuzzer/unittest.sh
@@ -4,4 +4,4 @@ rm -rf HF_SANCOV/ HONGGFUZZ.REPORT.TXT SIGABR* HF.san*
 ../honggfuzz --keep_output --debug --sanitizers --sancov --stdin_input --threads 1 --verbose --logfile log.txt --socket_fuzzer -- ./vulnserver_cov &
-python ./honggfuzz_socketclient.py auto
+python ./honggfuzz_socketclient.py auto $! |
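Review bot: In interactive() (the @@ -261 hunk) the unchanged context line `hfSocket.connect("/tmp/honggfuzz_socket")` still passes a path, but the @@ -8 hunk of this file changes the method to `def connect(self):`. Interactive mode will therefore raise a TypeError on that call before it connects. The line should become `hfSocket.connect()`, matching the change already made in auto(). The function body continues past the end of the hunk.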
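Review bot: In main() (the @@ -305 hunk) the dispatch compares strings by identity with `if mode is "auto":` and `elif mode is "interactive":`, which only works when the interpreter happens to intern both literals; use `if mode == "auto":` and `elif mode == "interactive":`. The new `pid = int(sys.argv[2])` also raises an uncaught ValueError on a non-numeric argument, so catch it and print the usage line instead. Indentation is lost on this page, so I cannot tell which `if` the `else:` belongs to, but an unrecognised first argument appears to leave `mode` as None and exit silently. A final `else` on the dispatch that prints the usage text would cover that case.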