From owner-p4-projects@FreeBSD.ORG Fri Jul 16 12:27:33 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6FC331065678; Fri, 16 Jul 2010 12:27:33 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 33F611065674 for ; Fri, 16 Jul 2010 12:27:33 +0000 (UTC) (envelope-from gsilva@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 21F778FC18 for ; Fri, 16 Jul 2010 12:27:33 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id o6GCRXsD029878 for ; Fri, 16 Jul 2010 12:27:33 GMT (envelope-from gsilva@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id o6GCRWDn029876 for perforce@freebsd.org; Fri, 16 Jul 2010 12:27:33 GMT (envelope-from gsilva@FreeBSD.org) Date: Fri, 16 Jul 2010 12:27:33 GMT Message-Id: <201007161227.o6GCRWDn029876@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to gsilva@FreeBSD.org using -f From: Gabriel Silva To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 181048 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Jul 2010 12:27:33 -0000 http://p4web.freebsd.org/@@181048?ac=10 Change 181048 by gsilva@gsilva on 2010/07/16 12:27:10 Moved the field generation methods from Fuzzer to Generator class. Created a Frame class that knows how to generate itself. Affected files ... .. //depot/projects/soc2010/gsilva_80211fuzz/src/tools/tools/net80211/80211fuzz/fuzzer.py#5 edit Differences ... ==== //depot/projects/soc2010/gsilva_80211fuzz/src/tools/tools/net80211/80211fuzz/fuzzer.py#5 (text+ko) ==== @@ -12,36 +12,18 @@ from pcs.packets import ieee80211 from optparse import OptionParser -class Fuzzer: +class Generator: """ - The main fuzzer class + The Generator class """ - def __init__(self, interface, channel, state, type, dump): - """initialize the fuzzer""" - self.interface = interface - self.channel = channel - self. state = state - self.type = type - self.frame_number = 0 - self.dump = dump - - self.output = PcapConnector(self.interface, wireless = True) - - if self.dump: - self.dumpfile = self.generate_dump_filename() - self.output_dump = PcapDumpConnector(self.dumpfile) - - def generate_dump_filename(self): - """generate a dump filename based on current time""" - filename = strftime("%Y-%m-%d_%H-%M-%S") + ".dump" - return filename - - def generate_int(self, bits): + @staticmethod + def generate_int(bits): """generate an integer with given size""" return random.getrandbits(bits) - def generate_string(self, size, restrict_chars = None): + @staticmethod + def generate_string(size, restrict_chars = None): """generate a string with given size and alphabet""" if restrict_chars: string = "".join(random.sample(restrict_chars, size)) @@ -50,40 +32,87 @@ return string - def generate_addr(self): + @staticmethod + def generate_addr(): """generate a valid 802.11 address""" - addr = self.generate_string(2, string.hexdigits[:16]) + addr = Generator.generate_string(2, string.hexdigits[:16]) for i in range(0,5): addr += ":" - addr += self.generate_string(2, string.hexdigits[:16]) + addr += Generator.generate_string(2, string.hexdigits[:16]) return ieee80211.ieee80211_atob(addr) - def generate_frame(self): - """generate a frame to inject""" - radio = radiotap.radiotap() - radio.version = 0; - radio.pad = 0; - radio.length = 0; + +class Frame: + """ + The Frame class + """ + + def __init__(self, state, mode): + """initialize the Frame""" + self.radio = radiotap.radiotap() + self.frame = ieee80211.frame() + self.chain = None + + self.generate(state, mode) + + def __getattr__(self, name): + if name == 'frame': + return self._chain + + def generate(self, state, mode): + """generate a frame of given state using one of the generation modes""" + self.radio.version = 0; + self.radio.pad = 0; + self.radio.length = 0; + + self.frame = ieee80211.frame() + self.frame.fc0 = Generator.generate_int(8); + self.frame.fc1 = Generator.generate_int(8); + self.frame.dur = Generator.generate_int(16); + self.frame.addr1 = Generator.generate_addr(); + self.frame.addr2 = Generator.generate_addr(); + self.frame.addr3 = Generator.generate_addr(); + self.frame.seq = Generator.generate_int(16); + + self.chain = Chain([self.radio, self.frame]) + + +class Fuzzer: + """ + The main fuzzer class + """ + + def __init__(self, interface, channel, state, mode, dump): + """initialize the fuzzer""" + self.interface = interface + self.channel = channel + self.state = state + self.mode = mode + self.frame_number = 0 + self.dump = dump + + self.output = PcapConnector(self.interface, wireless = True) - frame = ieee80211.frame() - frame.fc0 = self.generate_int(8); - frame.fc1 = self.generate_int(8); - frame.dur = self.generate_int(16); - frame.addr1 = self.generate_addr(); - frame.addr2 = self.generate_addr(); - frame.addr3 = self.generate_addr(); - frame.seq = self.generate_int(16); + if self.dump: + self.dumpfile = self.create_dump_filename() + self.output_dump = PcapDumpConnector(self.dumpfile) - chain = Chain([radio, frame]) + def create_dump_filename(self): + """create a dump filename based on current time""" + filename = strftime("%Y-%m-%d_%H-%M-%S") + ".dump" + return filename - return chain + def generate_frame(self): + """generate a frame to inject""" + frame = Frame(self.state, self.mode) + return frame.frame def send_frame(self, frame): """send a generated frame, dumping if requested""" if self.dump: - self.output_dump.write(frame.__repr__()) + self.output_dump.write(frame) out = self.output.write(frame.bytes, len(frame.bytes)) self.frame_number += 1 @@ -111,9 +140,9 @@ dest="state", default=1, help="Which state to fuzz: 1, 2 or 3. [default %default]") - parser.add_option("-t", "--type", - dest="type", default="random", - help="Which fuzzer type: random, corner-cases. [default %default]") + parser.add_option("-m", "--mode", + dest="mode", default="random", + help="Which fuzzer mode: random, corner-cases. [default %default]") parser.add_option("-d", "--dump", dest="dump", default=False, action="store_true", @@ -124,7 +153,7 @@ if len(args) != 1: parser.error("Must provide at least the interface to inject the frames.") - fuzzer = Fuzzer(args[0], options.channel, options.state, options.type, options.dump) + fuzzer = Fuzzer(args[0], options.channel, options.state, options.mode, options.dump) fuzzer.start() if __name__ == "__main__":