Hello,
Today, I will start to look into fuzz black box testing on RTP. I will
try to provide ASAP a list with what I have found back to you.
Because I still have problems creating encrypt or crypt system commands
in RTP I will start as well to see what I can do regarding this fuzz
tool. I think nobody else is working on this ?
stefan
Hello,
Last weekend I’ve been cold. Anyway part of the /bin has been tested and
it looks ok. I didn’t produce any docs yet about this but I will soon.
Brielfy fuzz is a random number generator. snip from man:
DESCRIPTION
The main purpose of _f_u_z_z is to test the robustness of
system
utilities. We use _f_u_z_z to generate random characters.
These
are then piped to a system utility (using
_p_t_y_j_i_g(_1) if
necessary.) If the utility crashes, the saved input and out-
put streams can then be analyzed to decide what sorts of
input cause problems.
_L_e_n_g_t_h is taken to be the length of the output stream,
usu-
ally in bytes, When -l is selected it the length is in
number of strings.
The following options can be specified.
-0 Include NULL (ASCII 0) characters
-a Include all ASCII characters except NULL (default)
-d _d_e_l_a_y
Specify a delay in seconds between each character.
-e _s_t_r_i_n_g
Send _s_t_r_i_n_g after all the characters. This
feature can
be used to send termination strings to the test pro-
grams. Standard C escape sequences can be used.
-l [_l_e_n]
Generate random length strings. If _l_e_n is specified, it
is taken to be the maximum length of each string
(default = 255). Strings are terminated with the ASCII
newline character.
-o _f_i_l_e
Store the output stream to _f_i_l_e as well as sending
them
to _s_t_d_o_u_t.
-p Generate printable ASCII characters only
-r _f_i_l_e
Replay characters stored in _f_i_l_e.
-s _s_e_e_d
Use _s_e_e_d as the seed to the random number generator.
-x Print the seed as the first line of stdout.
Sun Release 4.0 Last change: December 1, 1988 1
FUZZ(1) USER COMMANDS FUZZ(1)
AUTHORS
Lars Fredriksen, Bryan So.
I tested part of /bin directory with no problems.
stefan
Stefan Parvu wrote:
Hello,
Today, I will start to look into fuzz black box testing on RTP. I will
try to provide ASAP a list with what I have found back to you.Because I still have problems creating encrypt or crypt system commands
in RTP I will start as well to see what I can do regarding this fuzz
tool. I think nobody else is working on this ?stefan
excellent please keep us posted, this sounds like an excellent testing tool
Previously, Stefan Parvu wrote in qdn.public.porting:
{ Hello,
{
{ Last weekend I’ve been cold. Anyway part of the /bin has been tested and
{ it looks ok. I didn’t produce any docs yet about this but I will soon.
{ Brielfy fuzz is a random number generator. snip from man:
{
{ DESCRIPTION
{ The main purpose of _f_u_z_z is to test the robustness of
{ system
{ utilities. We use _f_u_z_z to generate random characters.
{ These
{ are then piped to a system utility (using
{ _p_t_y_j_i_g(_1) if
{ necessary.) If the utility crashes, the saved input and out-
{ put streams can then be analyzed to decide what sorts of
{ input cause problems.
{
{ _L_e_n_g_t_h is taken to be the length of the output stream,
{ usu-
{ ally in bytes, When -l is selected it the length is in
{ number of strings.
{
{ The following options can be specified.
{
{ -0 Include NULL (ASCII 0) characters
{
{ -a Include all ASCII characters except NULL (default)
{
{ -d _d_e_l_a_y
{ Specify a delay in seconds between each character.
{
{ -e _s_t_r_i_n_g
{ Send _s_t_r_i_n_g after all the characters. This
{ feature can
{ be used to send termination strings to the test pro-
{ grams. Standard C escape sequences can be used.
{
{ -l [_l_e_n]
{ Generate random length strings. If _l_e_n is specified, it
{ is taken to be the maximum length of each string
{ (default = 255). Strings are terminated with the ASCII
{ newline character.
{
{ -o _f_i_l_e
{ Store the output stream to _f_i_l_e as well as sending
{ them
{ to _s_t_d_o_u_t.
{
{ -p Generate printable ASCII characters only
{
{ -r _f_i_l_e
{ Replay characters stored in _f_i_l_e.
{
{ -s _s_e_e_d
{ Use _s_e_e_d as the seed to the random number generator.
{
{ -x Print the seed as the first line of stdout.
{
{
{
{
{ Sun Release 4.0 Last change: December 1, 1988 1
{
{ FUZZ(1) USER COMMANDS FUZZ(1)
{ AUTHORS
{ Lars Fredriksen, Bryan So.
{
{
{ I tested part of /bin directory with no problems.
{
{ stefan
{
{
{
{
{ Stefan Parvu wrote:
{ >
{ > Hello,
{ >
{ > Today, I will start to look into fuzz black box testing on RTP. I will
{ > try to provide ASAP a list with what I have found back to you.
{ >
{ > Because I still have problems creating encrypt or crypt system commands
{ > in RTP I will start as well to see what I can do regarding this fuzz
{ > tool. I think nobody else is working on this ?
{ >
{ > stefan
{
–
Pat Ford email: pford@qnx.com
QNX Software Systems, Ltd. WWW: http://www.qnx.com
(613) 591-0931 (voice) mail: 175 Terence Matthews
(613) 591-3579 (fax) Kanata, Ontario, Canada K2M 1W8
Hello,
Fuzz random generator number is ready as a beta version for QNXRTP.
I wrote a small ksh script which is controlling fuzz and it’s
parameters.
The syntax is: run [master_file] ,
where master file is a text file where you will define what bins you are
looking for to test.
run is the name of the ksh script.
E.g you can define a master file:
/bin/ls -lrt
/bin/date
/bin/cp master master.backup
…
And then run against “run” script as $1. After execution 2 files are
generated in the current directory,
where you have installed fuzz: report.ok and report.error
These are the reports files. In ok you should see only all the
succesesfully files tested when in .error you can find all the errors
which occured during running fuzz. Here must be increased the support
for core files and the reason why …
There are still errors related with fuzz but I did not have time yet to
fix all of them. Plus if you really need ptty then I should port another
tool which is using pttys.
the file is attached here:
Regards,
Stefan
Stefan Parvu wrote:
Hello,
Today, I will start to look into fuzz black box testing on RTP. I will
try to provide ASAP a list with what I have found back to you.Because I still have problems creating encrypt or crypt system commands
in RTP I will start as well to see what I can do regarding this fuzz
tool. I think nobody else is working on this ?stefan