Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(75)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/fuzzed_socket.h

Issue 1854813004: Add SOCKS4 and SOCKS5 fuzzers. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Response to comments Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/BUILD.gn ('k') | net/socket/fuzzed_socket.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_SOCKET_FUZZED_SOCKET_H
6 #define NET_SOCKET_FUZZED_SOCKET_H
7
8 #include <stdint.h>
9
10 #include "base/macros.h"
11 #include "base/memory/weak_ptr.h"
12 #include "base/strings/string_piece.h"
13 #include "net/base/completion_callback.h"
14 #include "net/base/net_errors.h"
15 #include "net/log/net_log.h"
16 #include "net/socket/stream_socket.h"
17
18 namespace net {
19
20 class IOBuffer;
21
22 // A StreamSocket that uses a single block of data to generate responses for use
23 // with fuzzers. Writes can succeed synchronously or asynchronously, can write
24 // some or all of the provided data, and can fail with several different errors.
25 // Reads can do the same, but the read data is also generated from the initial
26 // input data. The number of bytes written/read from a single call is currently
27 // capped at 127 bytes.
28 //
29 // Reads and writes are executed independently of one another, so to guarantee
30 // the fuzzer behaves the same across repeated runs with the same input, the
31 // reads and writes must be done in a deterministic order and for a
32 // deterministic number of bytes, every time the fuzzer is run with the same
33 // data.
34 class FuzzedSocket : public StreamSocket {
35 public:
36 // |data| must be of length |data_size| and is used as to determine behavior
37 // of the FuzzedSocket. It must remain valid until the FuzzedSocket is
38 // destroyed.
39 FuzzedSocket(const uint8_t* data,
40 size_t data_size,
41 const BoundNetLog& bound_net_log);
42 ~FuzzedSocket() override;
43
44 // Socket implementation:
45 int Read(IOBuffer* buf,
46 int buf_len,
47 const CompletionCallback& callback) override;
48 int Write(IOBuffer* buf,
49 int buf_len,
50 const CompletionCallback& callback) override;
51 int SetReceiveBufferSize(int32_t size) override;
52 int SetSendBufferSize(int32_t size) override;
53
54 // StreamSocket implementation:
55 int Connect(const CompletionCallback& callback) override;
56 void Disconnect() override;
57 bool IsConnected() const override;
58 bool IsConnectedAndIdle() const override;
59 int GetPeerAddress(IPEndPoint* address) const override;
60 int GetLocalAddress(IPEndPoint* address) const override;
61 const BoundNetLog& NetLog() const override;
62 void SetSubresourceSpeculation() override;
63 void SetOmniboxSpeculation() override;
64 bool WasEverUsed() const override;
65 void EnableTCPFastOpenIfSupported() override;
66 bool WasNpnNegotiated() const override;
67 NextProto GetNegotiatedProtocol() const override;
68 bool GetSSLInfo(SSLInfo* ssl_info) override;
69 void GetConnectionAttempts(ConnectionAttempts* out) const override;
70 void ClearConnectionAttempts() override;
71 void AddConnectionAttempts(const ConnectionAttempts& attempts) override;
72 int64_t GetTotalReceivedBytes() const override;
73
74 private:
75 // Returns a uint8_t removed from the back of |data_|. Bytes read from the
76 // socket are taken from the front of the stream, so this will keep read bytes
77 // more consistent between test runs. If no data is left, returns 0.
78 uint8_t ConsumeUint8FromData();
79
80 // Returns a net::Error that can be returned by a read or a write. Reads and
81 // writes return basically the same set of errors, at the TCP socket layer.
82 // Which error is determined by a call to ConsumeUint8FromData().
83 Error ConsumeReadWriteErrorFromData();
84
85 void OnReadComplete(const CompletionCallback& callback, int result);
86 void OnWriteComplete(const CompletionCallback& callback, int result);
87
88 // The unconsumed portion of the input data that |this| was created with.
89 base::StringPiece data_;
90
91 bool read_pending_ = false;
92 bool write_pending_ = false;
93
94 // This is true when the first callback returning an error is pending in the
95 // message queue. If true, the socket acts like it's connected until that task
96 // is run (Or Disconnect() is called), and reads / writes will return the same
97 // error asynchronously, until it becomes false, at which point they'll return
98 // it synchronously.
99 bool error_pending_ = false;
100 // If this is not OK, all reads/writes will fail with this error.
101 int net_error_ = ERR_CONNECTION_CLOSED;
102
103 int64_t total_bytes_read_ = 0;
104 int64_t total_bytes_written_ = 0;
105
106 BoundNetLog bound_net_log_;
107
108 base::WeakPtrFactory<FuzzedSocket> weak_factory_;
109
110 DISALLOW_COPY_AND_ASSIGN(FuzzedSocket);
111 };
112
113 } // namespace net
114
115 #endif // NET_SOCKET_FUZZED_SOCKET_H
OLDNEW
« no previous file with comments | « net/BUILD.gn ('k') | net/socket/fuzzed_socket.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698