Searched +hist:7784140 +hist:f (Results 1 - 20 of 20) sorted by relevance

/vpp/src/plugins/unittest/
H A Dapi_fuzz_test.c7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
H A DCMakeLists.txtdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vnet/pg/
H A Dpg_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/plugins/dhcp/
H A Ddhcp_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/plugins/ioam/lib-pot/
H A Dpot_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vnet/lldp/
H A Dlldp_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vnet/ip/
H A Dpunt_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
H A Dip_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vlibapi/
H A Dapi.hdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
H A Dapi_types.hdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
H A Dapi_shared.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/test/ext/
H A Dvapi_c_test.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vnet/devices/tap/
H A Dtapv2_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 9e635696 Thu Mar 01 17:36:01 UTC 2018 Steven <sluong@cisco.com> tapv2: CLI and binary API fixes

1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"

DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#

2. multiple issues exist with api_format.c with the below command

binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024

- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format

Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <sluong@cisco.com>
/vpp/src/vnet/
H A Dinterface_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
/vpp/src/vnet/session/
H A Dsession_api.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 1553197f Mon Aug 13 06:50:53 UTC 2018 Florin Coras <fcoras@cisco.com> session: add support for multiple app workers

Refactor session layer to support multiple workers per application.

Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8
Signed-off-by: Florin Coras <fcoras@cisco.com>
/vpp/src/vpp/api/
H A Dapi.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
H A Dcustom_dump.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 9e635696 Thu Mar 01 17:36:01 UTC 2018 Steven <sluong@cisco.com> tapv2: CLI and binary API fixes

1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"

DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#

2. multiple issues exist with api_format.c with the below command

binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024

- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format

Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <sluong@cisco.com>
H A Dapi_format.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 9e635696 Thu Mar 01 17:36:01 UTC 2018 Steven <sluong@cisco.com> tapv2: CLI and binary API fixes

1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"

DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#

2. multiple issues exist with api_format.c with the below command

binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024

- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format

Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <sluong@cisco.com>
/vpp/test/
H A Dframework.pydiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 499ea648 Fri Mar 15 16:39:19 UTC 2019 Paul Vinciguerra <pvinci@vinciconsulting.com> tests: framework gracefully handle 'VppTransportShmemIOError'

Catches:
----
Traceback (most recent call last):
File "/vpp/test/framework.py", line 593, in tearDown
self.logger.info(self.vapi.ppcli("api trace save %s" % api_trace))
File "/vpp/test/vpp_papi_provider.py", line 413, in ppcli
return cli + "\n" + str(self.cli(cli))
File "/vpp/test/vpp_papi_provider.py", line 402, in cli
r = self.papi.cli_inband(cmd=cli)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 100, in __call__
return self._func(**kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 414, in f
return self._call_vpp(i, msg, multipart, **kwargs)
File "/vpp/src/vpp-api/python/vpp_papi/vpp_papi.py", line 634, in _call_vpp
msg = self.transport.read()
File "/vpp/src/vpp-api/python/vpp_papi/vpp_transport_shmem.py", line 120, in read
raise VppTransportShmemIOError(rv, 'vac_read failed')
VppTransportShmemIOError: [Errno -1] vac_read failed
----

Change-Id: I767e48c4d03081eb5df6a8aa67da7e192d25e4cc
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
/vpp/src/vat/
H A Dapi_format.cdiff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 7784140f Wed Apr 29 21:04:10 UTC 2020 Dave Barach <dave@barachs.net> misc: binary api fuzz test fixes

Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.

The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.

Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.

Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".

Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).

Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
diff 9e635696 Thu Mar 01 17:36:01 UTC 2018 Steven <sluong@cisco.com> tapv2: CLI and binary API fixes

1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"

DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#

2. multiple issues exist with api_format.c with the below command

binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024

- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format

Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <sluong@cisco.com>

Completed in 134 milliseconds