2 * wpa_supplicant - WNM fuzzer
3 * Copyright (c) 2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "rsn_supp/wpa.h"
15 #include "rsn_supp/wpa_i.h"
16 #include "../../wpa_supplicant/wpa_supplicant_i.h"
17 #include "../../wpa_supplicant/bss.h"
18 #include "../../wpa_supplicant/wnm_sta.h"
23 struct wpa_supplicant wpa_s;
25 struct wpa_driver_ops driver;
30 static void test_send_wnm(void *eloop_data, void *user_ctx)
32 struct arg_ctx *ctx = eloop_data;
35 struct ieee80211_mgmt *mgmt;
37 wpa_printf(MSG_INFO, "wnm-fuzzer: Send '%s'", ctx->fname);
39 data = os_readfile(ctx->fname, &len);
41 wpa_printf(MSG_ERROR, "Could not read '%s'", ctx->fname);
45 wpa_hexdump(MSG_MSGDUMP, "fuzzer - WNM", data, len);
47 mgmt = (struct ieee80211_mgmt *) data;
48 ieee802_11_rx_wnm_action(&ctx->wpa_s, mgmt, len);
56 static int init_wpa(struct arg_ctx *ctx)
58 ctx->wpa_s.wpa_state = WPA_COMPLETED;
59 os_memcpy(ctx->wpa_s.bssid, "\x02\x00\x00\x00\x03\x00", ETH_ALEN);
60 ctx->wpa_s.current_bss = &ctx->bss;
61 ctx->wpa_s.driver = &ctx->driver;
62 ctx->wpa_s.wpa = &ctx->wpa;
68 int main(int argc, char *argv[])
74 printf("usage: %s <file>\n", argv[0]);
78 if (os_program_init())
82 wpa_debug_show_keys = 1;
85 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
89 os_memset(&ctx, 0, sizeof(ctx));
94 eloop_register_timeout(0, 0, test_send_wnm, &ctx, NULL);
96 wpa_printf(MSG_DEBUG, "Starting eloop");
98 wpa_printf(MSG_DEBUG, "eloop done");