- Fuzz for restconf and cli updated
This commit is contained in:
Olof hagsand
parent
965cce5e5d
commit
af88b974fd
11 changed files with 172 additions and 62 deletions
|
|
@ -7,7 +7,39 @@ So far the backend and cli can be fuzzed.
|
|||
Some issues are as follows:
|
||||
- Static linking. Fuzzing requires static linking. You can statically link clixon using: `LINKAGE=static ./configure` but that does not work with Clixon plugins (at least yet). Therefore fuzzing has been made with no plugins using the hello example only.
|
||||
- Multiple processes. Only the backend can run stand-alone, cli/netconf/restconf requires a backend. When you fuzz eg clixon_cli, the backend must be running and it will be slow due to IPC. Possibly one could link them together and run as a monolith by making a threaded image.
|
||||
- Internal protocol 1: The internal protocol uses XML but deviates from netconf by using a (binary) header where the length is encoded, instead of ']]>]]>' as a terminating string. AFL does not like that. By setting CLIXON_PROTO_PLAIN the internal protocol uses pure netconf (with some limitations).
|
||||
- Internal protocol 2: The internal protocol uses TCP unix sockets while AFL requires stdio. One can use a package called "preeny" to translate stdio into sockets. But it is slow.
|
||||
|
||||
Restconf also has the extra problem of running TLS sockets.
|
||||
Restconf also has the extra problem of running TLS sockets.
|
||||
|
||||
## Prereqs
|
||||
|
||||
See [AFL docs](https://afl-1.readthedocs.io/en/latest) for installing afl.
|
||||
On ubuntu this may be enough:
|
||||
```
|
||||
sudo apt install afl
|
||||
```
|
||||
|
||||
You may have to change cpu frequency:
|
||||
```
|
||||
cd /sys/devices/system/cpu
|
||||
echo performance | tee cpu?/cpufreq/scaling_governor
|
||||
```
|
||||
|
||||
And possibly change core behaviour:
|
||||
```
|
||||
echo core >/proc/sys/kernel/core_pattern
|
||||
```
|
||||
|
||||
### backend/restconf
|
||||
|
||||
Backend and restconf requires the preeny package to change sockets to stdio.
|
||||
|
||||
Preeny has a "desocketizing" module necessary to map stdio to the internal sockets that the backend uses. Install preeny example:
|
||||
```
|
||||
sudo apt install libini-config-dev # debian/ubuntu
|
||||
sudo apt install libseccomp-dev # debian/ubuntu
|
||||
git clone https://github.com/zardus/preeny.git
|
||||
cd preeny
|
||||
make
|
||||
sudo cp x86_64-linux-gnu/desock.so /usr/local/lib/ # install
|
||||
```
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue