具有较大s_bytes值的boofuzz问题

Question

我在应用程序中使用fuzz来处理特定的函数。我为我的模糊向量创建的块如下所示：

with s_block("getPasswd"):
    s_byte(0, name="usID", fuzzable=False)
    s_bytes(value=bytes([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]), name="dataChoose", size=16, max_len=16, fuzzable=False) # THIS IS 16 BYTES
    s_byte(0,name="paswd", fuzzable=False)
    s_byte(0,name="2fA", fuzzable=False)
    s_byte(0,name="status", fuzzable=False)
    s_word(0x0000, name="subData",fuzzable=False)
    s_byte(0,name="adminUsr", fuzzable=True)
    s_bytes(value=bytes([0x00]*170),name="hashOfPswd", size=170, max_len=170, fuzzable=False)

我的模糊代码工作得很好，直到我将hashOfPswd的大小更改为170 (如您所见)。最初它是50，没有问题，但是在看了这个函数之后，我想弄清楚它的大小，所以我不得不做170。当我这样做时，我得到了以下错误：

[2021-05-21 15:47:54,825]       Check Failed: Target connection reset.
[2021-05-21 15:47:54,836]     Error!!!! A custom post_send callback function raised an uncought error.
                              Traceback (most recent call last):
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 98, in recv
                                  data = self._sock.recv(max_bytes)
                              TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

                              During handling of the above exception, another exception occurred:

                              Traceback (most recent call last):
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1272, in transmit_fuzz
                                  self.last_recv = self.targets[0].recv()
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 172, in recv
                                  data = self._target_connection.recv(max_bytes=max_bytes)
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 109, in recv
                                  raise_(exception.BoofuzzTargetConnectionReset(), None, sys.exc_info()[2])
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\future\utils\__init__.py", line 440, in raise_
                                  raise exc.with_traceback(tb)
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 98, in recv
                                  data = self._sock.recv(max_bytes)
                              boofuzz.exception.BoofuzzTargetConnectionReset

                              During handling of the above exception, another exception occurred:

                              Traceback (most recent call last):
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1568, in _fuzz_current_case
                                  self.transmit_fuzz(target, self.fuzz_node, path[-1], callback_data=callback_data)
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1275, in transmit_fuzz
                                  raise BoofuzzFailure(message=constants.ERR_CONN_RESET)
                              boofuzz.exception.BoofuzzFailure

                              During handling of the above exception, another exception occurred:

                              Traceback (most recent call last):
                                File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\monitors\callback_monitor.py", line 67, in post_send
                                  f(target=target, fuzz_data_logger=fuzz_data_logger, session=session, sock=target)
                                File "C:\Users/chxenofo/common/py_tests\Fuzzer.py", line 169, in postCallback
                                  if returnCode.hex() != "55":
                              AttributeError: 'NoneType' object has no attribute 'hex'

这是模糊库中的一系列异常，我怀疑tcp_socket_connection.py，但这有点奇怪，因为通常tcp最多允许1GB的数据。

有人知道如何用这种大小的模糊向量创建这样的块并正确运行吗？或者我该换什么才能正常运行？提前谢谢你

Answer 1

您的自定义NoneType函数中似乎缺少了一个postCallback检查。

在https://github.com/jtpereyda/boofuzz/issues/519#issuecomment-849074553找到完整答案