require 'spec_helper'
require 'ronin/exploits/mixins/seh'
require 'ronin/exploits/exploit'
require 'ronin/exploits/metadata/arch'
require 'ronin/exploits/metadata/os'

describe Ronin::Exploits::Mixins::SEH do
  # Minimal x86 / Windows exploit class that mixes in the module under test,
  # so the examples below can exercise the SEH helpers on a real instance.
  module TestSEHMixin
    class TestExploit < Ronin::Exploits::Exploit
      include Ronin::Exploits::Metadata::Arch
      include Ronin::Exploits::Metadata::OS
      include Ronin::Exploits::Mixins::SEH

      arch :x86
      os   :windows
    end
  end

  let(:exploit_class) { TestSEHMixin::TestExploit }

  subject { exploit_class.new }

  # Sample nseh / seh values shared by every example (constructed test data).
  let(:nseh) { 0x06eb9090 }
  let(:seh)  { 0x1001ae86 }

  # Helpers reused by the #seh_buffer_overflow examples: the size of one
  # machine word on the exploit's platform and the two addresses packed
  # through the mixin's own `pack` helper.
  let(:machine_word_size) { subject.platform[:machine_word].size }
  let(:packed_nseh)       { subject.pack(:machine_word,nseh) }
  let(:packed_seh)        { subject.pack(:machine_word,seh) }

  # Including the SEH mixin is expected to bring these mixins in as well.
  it "must include Ronin::Exploits::Mixins::Text" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::Text)
  end

  it "must include Ronin::Exploits::Mixins::Binary" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::Binary)
  end

  it "must include Ronin::Exploits::Mixins::NOPS" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::NOPS)
  end

  describe "#seh_record" do
    # The expected value is built with an independent pack format
    # ('L<2' = two little-endian 32-bit words) rather than the mixin's
    # own packing helper, so the example acts as an external oracle.
    it "must pack the nseh and seh arguments as machine words" do
      expected = [nseh, seh].pack('L<2')

      expect(subject.seh_record(nseh,seh)).to eq(expected)
    end
  end

  describe "#seh_buffer_overflow" do
    let(:length)  { 1024 }
    let(:payload) { 'shellcode here'.b }

    # Bytes taken up by everything that follows the junk filler:
    # the payload plus the two packed addresses.
    let(:trailer_size) { payload.bytesize + (machine_word_size * 2) }

    let(:buffer) do
      subject.seh_buffer_overflow(
        length:  length,
        payload: payload,
        nseh:    nseh,
        seh:     seh
      )
    end

    it "must return a buffer of the given size, containing junk data, the payload, nseh, and seh addresses" do
      expect(buffer.length).to eq(length)

      filler   = subject.junk(length - trailer_size)
      expected = filler + payload + packed_nseh + packed_seh

      expect(buffer).to eq(expected)
    end

    context "when the nops: keyword argument is given" do
      let(:nops) { 16 }

      let(:buffer) do
        subject.seh_buffer_overflow(
          length:  length,
          nops:    nops,
          payload: payload,
          nseh:    nseh,
          seh:     seh
        )
      end

      it "must add additional NOP padding to the beginning of the payload" do
        expect(buffer.length).to eq(length)

        # The NOP sled shrinks the junk filler by nops * size of one NOP.
        nop_sled_size = subject.nop.bytesize * nops
        filler        = subject.junk(length - nop_sled_size - trailer_size)
        nop_sled      = subject.nops(nops)
        expected      = filler + nop_sled + payload + packed_nseh + packed_seh

        expect(buffer).to eq(expected)
      end
    end
  end
end