(self)
| 653 | self.help_fuzz() |
| 654 | |
| 655 | def fuzz_path(self): |
| 656 | output().raw("Checking base paths first.") |
| 657 | # get a cup of coffee, fuzzing will take some time |
| 658 | output().fuzzed("PATH", "", ("", "EXISTS", "DIRLIST")) |
| 659 | output().hline() |
| 660 | found = {} # paths found |
| 661 | # try base paths first |
| 662 | for path in self.vol_exists() + fuzzer().path: |
| 663 | self.verify_path(path, found) |
| 664 | output().raw("Checking filesystem hierarchy standard.") |
| 665 | # try direct access to fhs dirs |
| 666 | for path in fuzzer().fhs: |
| 667 | self.verify_path(path) |
| 668 | # try path traversal strategies |
| 669 | if found: |
| 670 | output().raw("Now checking traversal strategies.") |
| 671 | output().fuzzed("PATH", "", ("", "EXISTS", "DIRLIST")) |
| 672 | output().hline() |
| 673 | # only check found volumes |
| 674 | for vol in found: |
| 675 | sep = "" if vol[-1:] in ["", "/", "\\"] else "/" |
| 676 | sep2 = vol[-1:] if vol[-1:] in ["/", "\\"] else "/" |
| 677 | # 1st level traversal |
| 678 | for dir in fuzzer().dir: |
| 679 | path = vol + sep + dir + sep2 |
| 680 | self.verify_path(path) |
| 681 | # 2nd level traversal |
| 682 | for dir2 in fuzzer().dir: |
| 683 | path = vol + sep + dir + sep2 + dir2 + sep2 |
| 684 | self.verify_path(path) |
| 685 | |
| 686 | def fuzz_write(self): |
| 687 | output().raw("Writing temporary files.") |
no test coverage detected