From 16b3dff93e5d1096174749e1b809728f585d95fb Mon Sep 17 00:00:00 2001
From: Louis Burda <quent.burda@gmail.com>
Date: Wed, 19 May 2021 13:48:31 +0200
Subject: refactored service structure and added do.sh for automation

---
 service/tests/test.sh | 119 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 service/tests/test.sh

(limited to 'service/tests/test.sh')

diff --git a/service/tests/test.sh b/service/tests/test.sh
new file mode 100644
index 0000000..69e3ea1
--- /dev/null
+++ b/service/tests/test.sh
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+set -e
+
+# RUNTYPE=1
+
+SCRIPTPATH="$(dirname $(readlink -f "$0"))"
+cd "$SCRIPTPATH"
+
+export RESULTDIR="../data/scans"
+export ECHO_INPUT=1
+
+announce() {
+	count=$(echo "$1" | wc -c)
+	python3 -c "
+import math
+s = '$1'
+c = 80
+print()
+print('#'*c)
+print('#' + ' '*math.floor((c - len(s))/2-1) + s + ' '*math.ceil((c - len(s))/2-1) + '#')
+print('#'*c)
+print()
+	"
+}
+
+checkleaks() {
+	valgrind --leak-check=full ./stldoctor 2>&1 | tee /tmp/testlog
+	if [ -z "$(grep "no leaks are possible" /tmp/testlog)" ]; then
+		echo "Valgrind exited with errors!"
+		exit 1
+	fi
+}
+
+connect() {
+	if [ "$RUNTYPE" == "remote" ]; then
+		nc localhost 9000
+	elif [ "$RUNTYPE" == "debug" ]; then
+		checkleaks
+	else
+		./stldoctor
+	fi
+}
+
+if [ "$1" == "stl" ]; then
+
+	announce "Testing ASCII STL Parsing"
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/sample-ascii.stl | wc -c
+		cat tests/sample-ascii.stl
+		echo "ASCII-testname"
+	) | checkleaks
+
+	announce "Testing BIN STL Parsing"
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/sample-binary.stl | wc -c
+		cat tests/sample-binary.stl
+		echo "BIN-testname"
+	) | checkleaks
+
+elif [ "$1" == "poc" ]; then
+
+	announce "Testing Proof-Of-Concept"
+
+	[ ! -z "$RESULTDIR" ] && rm -rf "$RESULTDIR"/*
+
+	echo -e "\n--- Uploading target STL ---\n" 1>&2
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/flag1.stl | wc -c
+		cat tests/flag1.stl
+		echo "N0TaFL4G"
+		echo "exit"
+	) | connect
+
+	echo -e "\n--- Uploading evil STL ---\n" 1>&2
+	(
+		echo "echo"
+		echo "submit"
+		cat tests/evil1.stl | wc -c
+		cat tests/evil1.stl
+		echo "EV1L"
+		echo "exit"
+	) | connect
+
+	echo -e "\n--- Testing Exploit ---\n" 1>&2
+	(
+		echo "echo"
+
+		# try index 0
+		echo "query"
+		echo "EV1L"
+		echo "0"
+		echo "n"
+
+		echo "query last"
+		echo "0"
+		echo "n"
+
+		# try index 1
+		echo "query"
+		echo -e "EV1L"
+		echo "0"
+		echo "n"
+
+		echo "query last"
+		echo "1"
+		echo "n"
+		echo "exit"
+	) | connect
+
+else
+	connect
+fi
-- 
cgit v1.2.3-71-gd317