I am using boofuzz in an application to fuzz specific functions. The block I create for my fuzzing vector is as shown below:
    with s_block("getPasswd"):
        s_byte(0, name="usID", fuzzable=False)
        s_bytes(value=bytes([0x00] * 16), name="dataChoose", size=16, max_len=16, fuzzable=False)  # this is 16 bytes
        s_byte(0, name="paswd", fuzzable=False)
        s_byte(0, name="2fA", fuzzable=False)
        s_byte(0, name="status", fuzzable=False)
        s_word(0x0000, name="subData", fuzzable=False)
        s_byte(0, name="adminUsr", fuzzable=True)
        s_bytes(value=bytes([0x00] * 170), name="hashOfPswd", size=170, max_len=170, fuzzable=False)
My fuzzing code worked perfectly until I changed the size of hashOfPswd to 170 (as you can see). Initially it was 50 and there was no issue, but after looking at the function I wanted to fuzz, this is the size, and therefore I had to make it 170. When I did that, I got the following error:
    [2021-05-21 15:47:54,825] Check Failed: Target connection reset.
    [2021-05-21 15:47:54,836] Error!!!! A custom post_send callback function raised an uncought error.
    Traceback (most recent call last):
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 98, in recv
        data = self._sock.recv(max_bytes)
    TimeoutError: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1272, in transmit_fuzz
        self.last_recv = self.targets[0].recv()
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 172, in recv
        data = self._target_connection.recv(max_bytes=max_bytes)
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 109, in recv
        raise_(exception.BoofuzzTargetConnectionReset(), None, sys.exc_info()[2])
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\future\utils\__init__.py", line 440, in raise_
        raise exc.with_traceback(tb)
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\connections\tcp_socket_connection.py", line 98, in recv
        data = self._sock.recv(max_bytes)
    boofuzz.exception.BoofuzzTargetConnectionReset

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1568, in _fuzz_current_case
        self.transmit_fuzz(target, self.fuzz_node, path[-1], callback_data=callback_data)
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\sessions.py", line 1275, in transmit_fuzz
        raise BoofuzzFailure(message=constants.ERR_CONN_RESET)
    boofuzz.exception.BoofuzzFailure

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "C:\Users\chxenofo\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0\LocalCache\local-packages\Python38\site-packages\boofuzz\monitors\callback_monitor.py", line 67, in post_send
        f(target=target, fuzz_data_logger=fuzz_data_logger, session=session, sock=target)
      File "C:\Users/chxenofo/common/py_tests\Fuzzer.py", line 169, in postCallback
        if returnCode.hex() != "55":
    AttributeError: 'NoneType' object has no attribute 'hex'
This is a series of exceptions in the boofuzz library. I suspect tcp_socket_connection.py, but it's a bit strange since TCP sockets are usually allowed up to 1GB of data.
Does anyone know how to create such a block with this size of fuzzing vectors and run it properly? Or maybe what I should change so that it is able to run properly? Thank you in advance.
It looks like a NoneType check is missing in your custom postCallback function. Find the full answer at https://github.com/jtpereyda/boofuzz/issues/519#issuecomment-849074553
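One way to write the missing check, as an added example (not the asker's code and not part of boofuzz): the callback records a failed case when no reply arrived instead of raising. It assumes the callback reads the reply from `session.last_recv` and that the status is the first byte of the reply; `StubLogger` and the sample replies are constructed so the block runs without boofuzz installed.

```python
from types import SimpleNamespace

EXPECTED_STATUS = 0x55  # value the question's callback compares against ("55")


def check_reply(reply):
    """Classify a reply without assuming it exists. Returns (ok, message)."""
    if reply is None:
        return False, "no reply captured (recv failed or connection was reset)"
    if len(reply) == 0:
        return False, "empty reply (timeout or peer closed the socket)"
    status = reply[0]  # assumption: status code is the first byte of the reply
    if status != EXPECTED_STATUS:
        return False, "unexpected status 0x%02x" % status
    return True, "status 0x55"


def post_callback(target, fuzz_data_logger, session, *args, **kwargs):
    """post_send callback, called with the keyword arguments seen in the traceback."""
    # Assumption: the reply is taken from session.last_recv, which is None
    # when transmit_fuzz could not receive anything.
    ok, message = check_reply(session.last_recv)
    fuzz_data_logger.log_check("reply status is 0x55")
    if ok:
        fuzz_data_logger.log_pass(message)
    else:
        fuzz_data_logger.log_fail(message)  # record the case instead of crashing
    return ok


class StubLogger:
    """Constructed stand-in for the boofuzz logger; records (method, text)."""
    def __init__(self):
        self.events = []
    def __getattr__(self, name):  # serves log_check / log_pass / log_fail
        return lambda text: self.events.append((name, text))


def demo():
    """Run the callback over constructed replies: reset, timeout, bad status, good."""
    results = []
    for reply in (None, b"", b"\x01\x00", b"\x55\x00"):
        logger = StubLogger()
        session = SimpleNamespace(last_recv=reply)
        post_callback(target=None, fuzz_data_logger=logger, session=session, sock=None)
        results.append(logger.events[-1][0])
    return results
```

With the guard in place, a reset on the 170-byte case is logged as a failed check for that test case, which keeps the target's behaviour visible for triage.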