diff options
| author | Marcus Meissner <marcus@linux-n4oc.site> | 2016-09-24 11:22:48 +0200 |
|---|---|---|
| committer | Marcus Meissner <marcus@linux-n4oc.site> | 2016-09-24 11:22:48 +0200 |
| commit | 1bdf84653c0d495113dea8f3aa54173c9f495334 (patch) | |
| tree | e75669702d4baa83c3f96371333509e951a3c46c /libgphoto2_port/vusb | |
| parent | b97ab7684e81415f32e52370aecfb4ecf9ee653c (diff) | |
| download | libgphoto2-1bdf84653c0d495113dea8f3aa54173c9f495334.tar.gz | |
take input directly from the fuzzer, no xor
also add method to record the data from a regular call as seed
Diffstat (limited to 'libgphoto2_port/vusb')
| -rw-r--r-- | libgphoto2_port/vusb/vcamera.c | 38 | ||||
| -rw-r--r-- | libgphoto2_port/vusb/vcamera.h | 7 |
2 files changed, 33 insertions, 12 deletions
diff --git a/libgphoto2_port/vusb/vcamera.c b/libgphoto2_port/vusb/vcamera.c index 12c8259d9..0114ec61f 100644 --- a/libgphoto2_port/vusb/vcamera.c +++ b/libgphoto2_port/vusb/vcamera.c @@ -1653,16 +1653,22 @@ static int vcam_open(vcamera* cam, const char *port) { char *s = strchr(port,':'); if (s) { - cam->fuzzfd = open(s+1,O_RDONLY); - if (cam->fuzzfd == -1) perror(s+1); + if (s[1] == '>') { /* record mode */ + cam->fuzzf = fopen(s+2,"wb"); + cam->fuzzmode = FUZZMODE_PROTOCOL; + } else { + cam->fuzzf = fopen(s+1,"rb"); + cam->fuzzmode = FUZZMODE_NORMAL; + } + if (cam->fuzzf == NULL) perror(s+1); } return GP_OK; } static int vcam_close(vcamera* cam) { - if (cam->fuzzfd) { - close (cam->fuzzfd); - cam->fuzzfd = 0; + if (cam->fuzzf) { + fclose (cam->fuzzf); + cam->fuzzf = NULL; } return GP_OK; } @@ -1766,14 +1772,24 @@ vcam_read(vcamera*cam, int ep, char *data, int bytes) { if (toread > cam->nrinbulk) toread = cam->nrinbulk; - if (cam->fuzzfd) { - int i; + if (cam->fuzzf) { + int i, hasread; memset(data,0,toread); - read(cam->fuzzfd, data, toread); - for (i=0;i<toread;i++) - data[i] ^= cam->inbulk[i]; - } else { + if (cam->fuzzmode == FUZZMODE_PROTOCOL) { + fwrite(cam->inbulk[i], 1, toread, cam->fuzzf); + } else { + hasread = fread(data, 1, toread, cam->fuzzf); + +#if 0 + for (i=0;i<toread;i++) + data[i] ^= cam->inbulk[i]; +#endif + toread = hasread; + } + } + else + { memcpy (data, cam->inbulk, toread); } memmove (cam->inbulk, cam->inbulk + toread, (cam->nrinbulk - toread)); diff --git a/libgphoto2_port/vusb/vcamera.h b/libgphoto2_port/vusb/vcamera.h index 2f097c1d4..5d387ef30 100644 --- a/libgphoto2_port/vusb/vcamera.h +++ b/libgphoto2_port/vusb/vcamera.h @@ -22,6 +22,8 @@ #ifndef __VCAMERA_H__ #define __VCAMERA_H__ +#include <stdio.h> + typedef struct ptpcontainer { unsigned int size; unsigned int type; @@ -57,7 +59,10 @@ typedef struct vcamera { unsigned int session; ptpcontainer ptpcmd; - int fuzzfd; + int fuzzmode; +#define FUZZMODE_PROTOCOL 0 +#define FUZZMODE_NORMAL 1 + FILE* fuzzf; } vcamera; vcamera *vcamera_new(vcameratype); |