char * corrupt_zeros(char * data, size_t * dataSz) { // Choose between zero corruption methods // 0. Insert zeros in to the bitstream // 1. Replace random bytes with zeros int choice = randomInt(0, 1); size_t corruptLoc = random_offset(*dataSz); size_t corruptSize = randomInt(1, 0x100); // we can't corrupt this crap TODO fix this if(*dataSz < CORRUPT_START_MIN) return data; char * replacement = calloc(corruptSize, sizeof(char)); if(!replacement) return data; memset(replacement, 0x0, corruptSize); if(choice == 0) { data = insertBytes(data, dataSz, replacement, corruptSize, corruptLoc); } else if(choice == 1) { data = replaceBytes(data, dataSz, replacement, corruptSize, corruptLoc); } return data; }
char * corrupt_edgenum(char * data, size_t * dataSz) { /* Corruptor: Edgenum * * Goal: tries to add values determined to be the 'edges' * of the common data types. Think 0, -1, MAX_INT, MAX_INT-1, * etc. * * This corruptor should only replace, never insert. We want * to mess up length fields. */ size_t corruptLoc = random_offset(*dataSz); uint32_t corruptVal = randomInt(0, sizeof(corruptVals32) / sizeof(corruptVals32[0])-1); data = insertBytes(data, dataSz, (char *)&corruptVal, sizeof(uint32_t), corruptLoc); return data; }
/********************************************************************** *%FUNCTION: addTag *%ARGUMENTS: * packet -- a PPPoE packet * tag -- tag to add *%RETURNS: * -1 if no room in packet; number of bytes added otherwise. *%DESCRIPTION: * Inserts a tag as the first tag in a PPPoE packet. ***********************************************************************/ int addTag(PPPoEPacket *packet, PPPoETag const *tag) { return insertBytes(packet, packet->payload, tag, ntohs(tag->length) + TAG_HDR_SIZE); }