* Added the -i flag (for stdin fuzzing).

2006-12-29 17:22:11 +00:00 · 2006-12-29 17:22:11 +00:00 · b8d4118de5
commit b8d4118de5
parent 03abccd656
4 changed files with 38 additions and 16 deletions
--- a/doc/zzuf.1
+++ b/doc/zzuf.1
@ -4,7 +4,7 @@ zzuf \- multiple purpose fuzzer
 .SH SYNOPSIS
 .B zzuf
 [
-.B \-vqdh
+.B \-vqdhi
 ] [
 .B \-r
 .I ratio
@ -111,6 +111,11 @@ situations.
 Hide the output of the fuzzed application. This is useful if the application
 is very verbose but only its exit code is really useful to you.
 .TP
+.B \-i, \-\-stdin
+Fuzz the application's standard input. By default
+.B zzuf
+only fuzzes files.
+.TP
 .B \-I, \-\-include <regex>
 Only fuzz files whose name matches the
 .B <regex>
--- a/src/libzzuf.c
+++ b/src/libzzuf.c
@ -82,6 +82,10 @@ void _zz_init(void)

    _zz_fd_init();

+    tmp = getenv("ZZUF_STDIN");
+    if(tmp && *tmp == '1')
+        _zz_register(0);
+
    _zz_load_fd();
    _zz_load_stream();

--- a/src/zzuf.c
+++ b/src/zzuf.c
@ -97,6 +97,7 @@ int main(int argc, char *argv[])
            /* Long option, needs arg, flag, short option */
            { "include",   1, NULL, 'I' },
            { "exclude",   1, NULL, 'E' },
+            { "stdin",     0, NULL, 'i' },
            { "seed",      1, NULL, 's' },
            { "ratio",     1, NULL, 'r' },
            { "fork",      1, NULL, 'F' },
@ -107,11 +108,11 @@ int main(int argc, char *argv[])
            { "help",      0, NULL, 'h' },
            { "version",   0, NULL, 'v' },
        };
-        int c = getopt_long(argc, argv, "I:E:s:r:F:B:T:qdhv",
+        int c = getopt_long(argc, argv, "I:E:is:r:F:B:T:qdhv",
                            long_options, &option_index);
 #   else
 #       define MOREINFO "Try `%s -h' for more information.\n"
-        int c = getopt(argc, argv, "I:E:s:r:F:B:T:qdhv");
+        int c = getopt(argc, argv, "I:E:is:r:F:B:T:qdhv");
 #   endif
        if(c == -1)
            break;
@ -124,6 +125,9 @@ int main(int argc, char *argv[])
        case 'E': /* --exclude */
            setenv("ZZUF_EXCLUDE", optarg, 1);
            break;
+        case 'i': /* --stdin */
+            setenv("ZZUF_STDIN", "1", 1);
+            break;
        case 's': /* --seed */
            parser = strchr(optarg, ':');
            seed = atoi(optarg);
@ -425,10 +429,10 @@ static void version(void)
 #if defined(HAVE_GETOPT_H)
 static void usage(void)
 {
-    printf("Usage: zzuf [ -vqdh ] [ -r ratio ] [ -s seed | -s start:stop]\n");
+    printf("Usage: zzuf [ -vqdhi ] [ -r ratio ] [ -s seed | -s start:stop]\n");
    printf("                       [ -F children ] [ -B bytes ] [ -T seconds ]\n");
    printf("                       [ -I include ] [ -E exclude ] COMMAND [ARGS]...\n");
-    printf("Run COMMAND and randomly fuzz its input files.\n");
+    printf("Run COMMAND and randomly fuzz its input.\n");
    printf("\n");
    printf("Mandatory arguments to long options are mandatory for short options too.\n");
 #   ifdef HAVE_GETOPT_LONG
@ -439,6 +443,7 @@ static void usage(void)
    printf("  -B, --max-bytes <n>      kill children that output more than <n> bytes\n");
    printf("  -T, --max-time <n>       kill children that run for more than <n> seconds\n");
    printf("  -q, --quiet              do not print children's messages\n");
+    printf("  -i, --stdin              fuzz standard input\n");
    printf("  -I, --include <regex>    only fuzz files matching <regex>\n");
    printf("  -E, --exclude <regex>    do not fuzz files matching <regex>\n");
    printf("  -d, --debug              print debug messages\n");
@ -452,6 +457,7 @@ static void usage(void)
    printf("  -B <n>           kill children that output more than <n> bytes\n");
    printf("  -T <n>           kill children that run for more than <n> seconds\n");
    printf("  -q               do not print the fuzzed application's messages\n");
+    printf("  -i               fuzz standard input\n");
    printf("  -I <regex>       only fuzz files matching <regex>\n");
    printf("  -E <regex>       do not fuzz files matching <regex>\n");
    printf("  -d               print debug messages\n");
--- a/test/testsuite.sh
+++ b/test/testsuite.sh
@ -34,10 +34,16 @@ cleanup() {
        rm -f /tmp/zzuf-zero-$$
        rm -f /tmp/zzuf-random-$$
        rm -f /tmp/zzuf-text-$$
+        echo "Temporary files removed."
+    else
+        echo "Files preserved:"
+        echo "  /tmp/zzuf-zero-$$"
+        echo "  /tmp/zzuf-random-$$"
+        echo "  /tmp/zzuf-text-$$"
    fi
 }

-trap "echo ''; echo 'Aborted.'; cleanup; exit 0" 1 2 15
+trap "echo ''; echo ''; echo 'Aborted.'; cleanup; exit 0" 1 2 15

 seed=$(($RANDOM * $$))
 ZZUF="$(dirname "$0")/../src/zzuf"
@ -52,12 +58,14 @@ echo "Using seed $seed"
 echo ""

 for file in /tmp/zzuf-text-$$ /tmp/zzuf-zero-$$ /tmp/zzuf-random-$$; do
-    for r in 0.0 0.00001 0.0001 0.001 0.01 0.1 1.0 10.0; do
+    for r in 0.000000 0.00001 0.0001 0.001 0.01 0.1 1.0 10.0; do
        echo "Testing zzuf on $file, ratio $r:"
        OK=1
        MD5=""
        check $seed $r "cat $file" "cat"
-# don't do grep, it adds a newline at EOF!
+        check $seed $r "cat < $file" "cat stdin"
+        # We don't include grep in the testsuite because it puts a newline
+        # at the end of its input if it was not there initially.
        #check $seed $r "grep -- -a \\'\\' $file" "grep -a"
        check $seed $r "sed n $file" "sed n"
        check $seed $r "dd bs=65536 if=$file" "dd(bs=65536)"
@ -74,15 +82,14 @@ for file in /tmp/zzuf-text-$$ /tmp/zzuf-zero-$$ /tmp/zzuf-random-$$; do
        echo ""
    done
 done
-cleanup

 if [ "$FAILED" != 0 ]; then
-    echo "$FAILED tests failed out of $TESTED. Files preserved:"
-    echo "  /tmp/zzuf-zero-$$"
-    echo "  /tmp/zzuf-random-$$"
-    echo "  /tmp/zzuf-text-$$"
+    echo "$FAILED tests failed out of $TESTED."
+    cleanup
    exit 1
 fi
 echo "All $TESTED tests OK."
+
+cleanup
 exit 0