Due Date: Tu February 27, 2018 at 11:59pm.
In this project, you will test and harden the server that you constructed in Project #1. This project will also be tested on machines in the CSE Linux Lab - cse-p204instXX.cse.psu.edu, where XX is a 2-digit number from 01 to at least 40.
Test: First, you will run a fuzz tester over your submission for Project #1. You will install and run American Fuzzy Lop (AFL) fuzz tester and build under your user account on the Linux Lab machines. AFL is pretty easy to build and does not require root access to run. See the Feb 15 course slides for guidance on using AFL as well as the AFL web page.
As described in the Feb 15 slides, you will fuzz the "set" command only in this project. In particular, you will fuzz handling of the input file using afl-fuzz as specified in those slides.
You will run a fuzzing campaign that tests at least 120 unique paths in your submitted program. This should take between 2 and 3 hours. If it is going more slowly than that, look at your crashes - there may be a bug you need to fix that is preventing AFL from reaching new paths.
Provide a copy of the "fuzzer_stats" file produced by AFL with your submission. AFL collects the inputs that produce unique crashes (and hangs) into a "crashes" (and "hangs") directory. Run each of the crash and hang inputs on your program manually to record the cause of the crash or hang, which you will provide with your project submission. Also, if AFL is not finding new unique paths very quickly, check the crashes and hangs to see if an error in the program is preventing it from searching as much as desired.
Fix: You must fix the crashes caused by segmentation faults and any hangs, up to a maximum of 10 unique fixes (if you have more, you don't have to fix them all). Some of the problems may be caused by the same error, so one fix may cover multiple errors. Please record a mapping between segmentation faults and the fix required to prevent each fault with your submission. Some fixes may also be addressed by the hardening requirements below.
Harden: Based on the Feb 13 lecture please harden your Project #1 code in the following ways.
File Input: Apply getline to obtain file input without truncation or buffer overflow.
File Input: Apply sscanf using options to parse strings to obtain structure values without truncation or buffer overflow.
Numeric Values: Ensure that numeric inputs are legal values and within range of the numbers that can be represented. See this for guidance.
String Copies: Use the safest and most flexible string copy function available in the Linux Lab per the Feb 13 lecture slides.
String Comparison: Perform string comparison that prevents buffer overflow and truncation.
KVS Buffer Operations: Should all be performed using memory operations (mem*), not string operations, with the exception of operations that find the length of argv inputs.
Since string and numeric value checking will get more complex, you probably want to create functions to do those that are called from the upload functions. I created an inline function for each.
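As an added illustration (not code from the course or from any student's Project #1), the following C functions combine the File Input and Numeric Values hardening above: getline for line input without truncation or overflow, sscanf with field widths and %n, and strtol with a range check. The "<key> <value>" record layout, the field widths and the 0..1000 value range are assumptions.

```c
/* Added example, not the course's or any student's code: hardened parsing of
 * "<key> <value>" records using the checks listed above. The record layout,
 * the field widths and the 0..1000 value range are assumptions. */
#define _POSIX_C_SOURCE 200809L   /* declares getline() */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEY_MAX 32   /* assumed maximum key length, excluding the NUL */

/* Convert text to an int, rejecting junk, overflow and out-of-range values.
 * Returns 1 and stores the value in *out on success, 0 otherwise. */
static inline int parse_int_field(const char *text, int lo, int hi, int *out)
{
    char *end;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (end == text || *end != '\0') return 0;          /* no digits or trailing junk */
    if (errno == ERANGE || v < lo || v > hi) return 0;  /* overflow or outside lo..hi */
    *out = (int)v;
    return 1;
}

/* Parse "<key> <value>" into a bounded key buffer and a validated int.
 * The %32s / %15s widths stop sscanf from overflowing the buffers; the %n
 * positions detect a truncated key and any extra fields. Returns 1 on success. */
static inline int parse_record(const char *line, char key[KEY_MAX + 1], int *value)
{
    char num[16];
    int n1 = 0, n2 = 0;
    if (sscanf(line, "%32s%n %15s%n", key, &n1, num, &n2) != 2) return 0;
    if (line[n1] != ' ' && line[n1] != '\t') return 0;    /* key was cut at KEY_MAX */
    if (line[n2 + strspn(line + n2, " \t\r\n")] != '\0') return 0;  /* extra fields */
    return parse_int_field(num, 0, 1000, value);
}

/* Read records with getline() so long lines are neither truncated nor
 * overflowed. Returns the number of valid records, or -1 if f is NULL. */
int load_records(FILE *f)
{
    char *line = NULL, key[KEY_MAX + 1];
    size_t cap = 0;
    int ok = 0, value;
    if (!f) return -1;
    while (getline(&line, &cap, f) != -1)
        if (parse_record(line, key, &value)) ok++;
    free(line);
    return ok;
}
```

A key longer than KEY_MAX or a value with trailing characters is rejected rather than silently truncated, which is the behaviour the hardening requirements ask for.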
Ensure that your code runs correctly on machines in the CSE Linux Lab. Any one of these machines will be sufficient - cse-p204instXX.cse.psu.edu, where XX is a 2-digit number from 01 to at least 40.
As described above, please submit the following:
Tarball of your project source code built with "make tar".
Provide a copy of the "fuzzer_stats" file produced by AFL with your submission.
Provide the entries from the "crashes" directory in a tar file, along with a trace of your program executing these crashes.
A mapping between segmentation faults caused by the "crashes" AFL inputs and your fixes of up to 10 of those segmentation faults.
A brief description of the hardening changes for each category. If you had already hardened the code in Project #1, please state that.
There will be a dropbox created on Canvas to submit your project code. Please use "make tar" to construct a tarball containing your project code and submit this tarball to the Canvas dropbox by 11:59pm on Tu February 27, 2018.
You are to complete this on your own. Any sharing of text in the project is expressly forbidden. We will create a Piazza forum, and the only allowed sharing of project information is through that forum. Do not discuss this project with anyone outside of Piazza.