mirrors/IronRDP
1
0
Fork 0
mirror of https://github.com/Devolutions/IronRDP.git synced 2025-12-23 12:26:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
IronRDP/fuzz
History
Isaiah Becker-Mayer 6aa3f3e63b
feat(rdpdr): SetInformation* handling (#312) 
- Extend ReadCursor with methods to read and try reading i64 values in both little and big endian formats.
- Update RdpdrPdu to handle ClientDriveSetInformationResponse, reflecting the addition of ServerDriveSetInformationRequest handling in the RDPDR (Remote Desktop Protocol: Device Redirection) protocol.
- Implement decoding and encoding of various FileInformationClass types such as FileEndOfFileInformation, FileDispositionInformation, FileRenameInformation, and FileAllocationInformation.
- Refactor the existing code to improve the handling of different FileInformationClassLevels and FileSystemInformationClassLevels.
- Add handling for ServerDriveNotifyChangeDirectoryRequest in ServerDriveIoRequest, supporting the specific case when MinorFunction is set to IRP_MN_NOTIFY_CHANGE_DIRECTORY.
2023-11-29 17:38:01 +00:00
..
fuzz_targets feat: clipboard support for web client (#259) 2023-11-08 13:57:21 +02:00
.gitignore fix(graphics): harden RLE implementation (#86) 2023-03-07 07:01:22 -05:00
Cargo.lock feat(rdpdr): SetInformation* handling (#312) 2023-11-29 17:38:01 +00:00
Cargo.toml test: extract fuzzing oracles into another crate 2023-05-11 19:41:11 -04:00
README.md refactor: clarify project architecture (#123) 2023-05-09 21:00:07 +00:00
rust-toolchain.toml fix(graphics): harden RLE implementation (#86) 2023-03-07 07:01:22 -05:00

README.md

IronRDP fuzzing

Difference between fuzzing and property testing

ironrdp correctness is validated in various ways. Two of these are fuzzing and property testing. Both of these methods involve feeding random inputs to the API in order to check if the program is behaving as expected or not.

However,

  • Fuzzing is well suited for black-box-like testing. Inputs are typically guided by instrumentalizing the code (coverage…) rather than manually informed.

  • Property testing requires the developer to describe the interesting inputs and properties to test.

  • When fuzzing, some properties are tested as well, but those are typically simple (absence of crash, round-trip…).

  • In contrast, property testing is well suited when testing more complex properties.

  • With fuzzing, we are actively trying to show that something is (unexpectedly) broken.

  • With property testing, we are actively trying to show that the properties are holding (as expected).

Targets

pdu_decoding

Feeds random inputs to PDU decoding code.

bitmap_stream

Feeds random inputs to the RDP6 bitmap decoder.

rle_decompression

Feeds random inputs to the interleaved Run-Length Encoding (RLE) bitmap decoder.