I had a thought in this direction a while back. It was in the context of randpkt, not fuzzing but I think the same principle applies:
https://www.wireshark.org/lists/wireshark-dev/201304/msg00109.html Basically it should be pretty easy to script such that it forces decoding for every protocol over TCP/UDP/etc on a given capture. There is certainly a lot of code that fuzz-testing currently doesn't cover. On Tue, Oct 8, 2013 at 9:57 AM, Anders Broman <anders.bro...@ericsson.com> wrote: > > > > > From: wireshark-dev-boun...@wireshark.org > [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > mman...@netscape.net > Sent: den 8 oktober 2013 15:23 > To: wireshark-dev@wireshark.org > Subject: [Wireshark-dev] fuzzing UDP/TCP dissectors with no port assignment > > > >>Anders brought up a question in bug 9241 that I've always been curious >> about (and I think the discussion is better served on -dev than the bug). >> We have many >TCP/UDP dissectors that don't have an IANA assigned port >> number or are not setup as heuristic dissectors. In these cases their port >> number = 0 and it's up to >a user preference to set it to a value >> corresponding to their trace. If that step is required to invoke the >> dissector, how are the fuzzbots handling it? Are all of >these dissectors >> just not getting fuzzed? > > > > Yes I’m pretty sure that’s the case, and I also think we have the case of > user DLT etc. The best would be if it was possible to add pseudo information > to the trace files setting the needed preferences. It would be possible to > have tags in the SHB of pcap-ng files but I’m not sure we want to go that > route. > > A new Wireshark specific block would be much better. Another possibility > would be to have a template file with the file name and the required tshark > parameters or indicating a profile to be used together with the file in > question but it would require a bit of work to set up I suppose. > > > > Regards > > Anders > > > > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe