Fuzz the framer.

ioquatix · ioquatix · commit 55eeab6529d2 · 2020-04-20T01:03:26.000+12:00
diff --git a/fuzz/framer/bake.rb b/fuzz/framer/bake.rb
@@ -0,0 +1,16 @@
+
+# Run the fuzz test.
+def run
+	system("AFL_SKIP_BIN_CHECK=1 afl-fuzz -i input/ -o output/ -t 1000  -m 1000 -- ruby script.rb")
+end
+
+def generate
+	require_relative '../../lib/protocol/http2/framer'
+	
+	framer = Protocol::HTTP2::Framer.new($stdout)
+	
+	frame = Protocol::HTTP2::DataFrame.new
+	frame.pack("Hello World")
+	
+	framer.write_frame(frame)
+end
diff --git a/fuzz/framer/input/data.txt b/fuzz/framer/input/data.txt
diff --git a/fuzz/framer/script.rb b/fuzz/framer/script.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+
+require 'socket'
+require_relative '../../lib/protocol/http2/framer'
+
+def test
+	framer = Protocol::HTTP2::Framer.new($stdin)
+	
+	while frame = framer.read_frame
+		pp frame
+	end
+rescue EOFError
+	# Ignore.
+end
+
+if ENV["_"] =~ /afl/
+	require 'kisaten'
+	
+	Kisaten.crash_at [Exception], [EOFError, Protocol::HTTP2::FrameSizeError], Signal.list['USR1']
+	
+	while Kisaten.loop 10_000
+		test
+	end
+else
+	test
+end
