Flood user input, may reveal buffer overflows: flood
(self, arg)
| 889 | |
| 890 | # ------------------------[ flood <size> ]---------------------------- |
| 891 | def do_flood(self, arg): |
| 892 | "Flood user input, may reveal buffer overflows: flood <size>" |
| 893 | size = conv().int(arg) or 10000 # buffer size |
| 894 | char = "0" # character to fill the user input |
| 895 | # get a list of printer-specific variables to set |
| 896 | self.chitchat("Receiving PJL variables.", "") |
| 897 | lines = self.cmd("@PJL INFO VARIABLES").splitlines() |
| 898 | variables = [var.split("=", 1)[0] for var in lines if "=" in var] |
| 899 | self.chitchat(" Found " + str(len(variables)) + " variables.") |
| 900 | # user input to flood = custom pjl variables and command parameters |
| 901 | inputs = ["@PJL SET " + var + "=[buffer]" for var in variables] + [ |
| 902 | ### environment commands ### |
| 903 | "@PJL SET [buffer]", |
| 904 | ### generic parsing ### |
| 905 | "@PJL [buffer]", |
| 906 | ### kernel commands ### |
| 907 | "@PJL COMMENT [buffer]", |
| 908 | "@PJL ENTER LANGUAGE=[buffer]", |
| 909 | ### job separation commands ### |
| 910 | '@PJL JOB NAME="[buffer]"', |
| 911 | '@PJL EOJ NAME="[buffer]"', |
| 912 | ### status readback commands ### |
| 913 | "@PJL INFO [buffer]", |
| 914 | "@PJL ECHO [buffer]", |
| 915 | "@PJL INQUIRE [buffer]", |
| 916 | "@PJL DINQUIRE [buffer]", |
| 917 | "@PJL USTATUS [buffer]", |
| 918 | ### device attendance commands ### |
| 919 | '@PJL RDYMSG DISPLAY="[buffer]"', |
| 920 | ### file system commands ### |
| 921 | '@PJL FSQUERY NAME="[buffer]"', |
| 922 | '@PJL FSDIRLIST NAME="[buffer]"', |
| 923 | '@PJL FSINIT VOLUME="[buffer]"', |
| 924 | '@PJL FSMKDIR NAME="[buffer]"', |
| 925 | '@PJL FSUPLOAD NAME="[buffer]"', |
| 926 | ] |
| 927 | for val in inputs: |
| 928 | output().raw("Buffer size: " + str(size) + ", Sending: ", val + os.linesep) |
| 929 | self.timeoutcmd( |
| 930 | val.replace("[buffer]", char * size), self.timeout * 10, False |
| 931 | ) |
| 932 | self.cmd("@PJL ECHO") # check if device is still reachable |