Thomas Anders wrote:
> The current randpkt/fuzz testing, although already *very* useful,
> probably always runs tethereal with default options. However, a
> significant amount of dissector code is only executed if some
> corresponding preference settings are enabled/disabled or have a certain
> value. Thus, AFAICS, those parts of the code are currently not covered
> at all by the fuzz/randpkt testing.
>
> Can this be improved? My initial idea was to
> - add a test scenario that also adds some sort of fuzz to the preference
> settings (i.e. always changes them slightly)?
> - have more people run randpkt/fuzz testing themselves with *their*
> current (non-default) preference settings
It shouldn't be too difficult to fuzz the preference settings
automatically. The comments in the preferences file contain hints about
the valid values for each preference, e.g.
# Decode packets on this TCP port as HTTP
# A decimal number.
http.tcp_alternate_port: 0
# The iSCSI protocol version
# One of: Draft 08, Draft 09, Draft 11, Draft 12, Draft 13
# (case-insensitive).
iscsi.protocol_version: Draft 13
# Make the TCP dissector use relative sequence numbers instead of
# absolute ones. To use this option you must also enable "Analyze TCP
# sequence numbers". This option will also try to track and adjust the
# window field according to any TCP window scaling options seen.
# TRUE or FALSE (case-insensitive).
tcp.relative_sequence_numbers: TRUE
If we were to make the hints more easily parsed (e.g. by quoting any
enum options), we could pick a preference at random and feed a fuzzed
value to tethereal using the "-o" flag. To make parsing easier we could
provide a method (e.g. "-G preferences") to dump the default preferences
to stdout.
Does this sound like a reasonable approach?