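#!/usr/bin/python
"""Dumb mutation fuzzer for applications that parse a file given on argv.

Each iteration picks a seed file, overwrites a few random bytes, launches the
target application on the mutated copy and keeps the input whenever the target
has exited with a non-zero status by the end of the observation window.

The byte-overwriting core is from Charlie Miller's
"Babysitting an Army of Monkeys":
Part 1 - http://www.youtube.com/watch?v=Xnwodi2CBws
Part 2 - http://www.youtube.com/watch?v=lk5fgCvS2N4
"""
import math
import os
import random
import string
import subprocess
import time

# List of files to use as initial seed
file_list = [
    "fuzz_test.kdenlive"
]

# List of applications to test
apps = [
    "kdenlive"
]

fuzz_output = "fuzz.kdenlive"
# Roughly one byte in every FuzzFactor is overwritten (upper bound per test).
FuzzFactor = 250
num_tests = 10000

########### end configuration ##########

# Directory holding the seed files; the target is also started from here.
work_dir = "/home/tomkent/src/kdenlive"


def mutate(data, fuzz_factor):
    """Return a copy of *data* with a few randomly chosen bytes overwritten.

    Between 1 and ceil(len(data) / fuzz_factor) positions are overwritten with
    random byte values. Positions may repeat and a byte may be replaced by its
    own value, so the number of bytes that actually differ can be lower.

    Raises:
        ValueError: if *data* is empty, since there is nothing to mutate and
            the test run would only replay the unmodified seed.
    """
    mutated = bytearray(data)
    if not mutated:
        raise ValueError("seed data is empty; nothing to mutate")

    # start Charlie Miller code
    # int() keeps randrange happy where math.ceil returns a float (Python 2).
    numwrites = random.randrange(
        int(math.ceil(float(len(mutated)) / fuzz_factor))) + 1
    for _ in range(numwrites):
        rbyte = random.randrange(256)
        rn = random.randrange(len(mutated))
        # bytearray items are ints; assigning "%c" % rbyte fails on Python 3.
        mutated[rn] = rbyte
    # end Charlie Miller code
    return mutated


def main():
    """Run num_tests fuzzing iterations against the configured targets."""
    failures = 0
    for test_no in range(num_tests):
        file_choice = random.choice(file_list)
        app = random.choice(apps)

        with open(os.path.join(work_dir, file_choice), "rb") as seed:
            buf = mutate(seed.read(), FuzzFactor)
        with open(os.path.join(work_dir, fuzz_output), "wb") as out:
            out.write(buf)

        process = subprocess.Popen([app, fuzz_output], cwd=work_dir)
        # Fixed observation window: a target that is still parsing after two
        # seconds is killed, so failures later than that are not recorded.
        time.sleep(2)
        exit_code = process.poll()

        if exit_code is None:
            # Still running: stop it and reap it so 10000 iterations do not
            # leave zombie processes behind.
            try:
                process.kill()
            except OSError:
                pass  # target exited between poll() and kill()
            process.wait()
        elif exit_code != 0:
            # Save the failing file to disk. On POSIX a negative code means
            # the target was killed by a signal (e.g. a segmentation fault);
            # a positive code is the target's own error exit. The code is
            # printed so the two can be told apart during triage.
            failures += 1
            failure_name = "fuzz_failure" + str(failures)
            with open(failure_name, "wb") as saved:
                saved.write(buf)
            print("test %d: %s exited with code %d; input saved as %s"
                  % (test_no, app, exit_code, failure_name))
        # exit_code == 0: the target exited cleanly on its own, so there is
        # nothing to terminate and nothing to save.


if __name__ == "__main__":
    main()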