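require 'spec_helper'
require 'ronin/exploits/mixins/stack_overflow'
require 'ronin/exploits/exploit'
require 'ronin/exploits/metadata/arch'
require 'ronin/exploits/metadata/os'

describe Ronin::Exploits::Mixins::StackOverflow do
  # Minimal exploit class that exercises the mixin. Arch/OS metadata is
  # declared because the packing helpers used below look up the machine-word
  # size from the target platform.
  #
  # NOTE(review): the module name reads like a copy-paste from an SEH spec.
  # If another spec file defines a module and class with these same names,
  # Ruby reopens that class and both specs end up sharing one TestExploit
  # with both mixins included, which would make the "must include" checks
  # below vacuous. Consider a StackOverflow-specific name -- verify against
  # the other spec files first.
  module TestSEHMixin
    class TestExploit < Ronin::Exploits::Exploit
      include Ronin::Exploits::Metadata::Arch
      include Ronin::Exploits::Metadata::OS
      include Ronin::Exploits::Mixins::StackOverflow

      arch :x86
      os   :windows
    end
  end

  let(:exploit_class) { TestSEHMixin::TestExploit }

  it "must include Ronin::Exploits::Mixins::Text" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::Text)
  end

  it "must include Ronin::Exploits::Mixins::Binary" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::Binary)
  end

  it "must include Ronin::Exploits::Mixins::NOPS" do
    expect(exploit_class).to include(Ronin::Exploits::Mixins::NOPS)
  end

  subject { exploit_class.new }

  # Sample saved frame pointer and return address. Both fit in a 32-bit word,
  # matching the x86 target declared above.
  let(:bp) { 0x06eb9090 }
  let(:ip) { 0x1001ae86 }

  describe "#stack_frame" do
    # The description previously talked about "nseh and seh"; this mixin's
    # #stack_frame takes bp and ip, so the text now matches the call.
    it "must pack the bp and ip arguments as machine words" do
      # 'L<2' is two unsigned 32-bit little-endian words, the expected layout
      # for the x86 target. Pinning the word size here, rather than going
      # through #pack(:machine_word), means a platform-lookup bug cannot
      # cancel out on both sides of the comparison.
      expect(subject.stack_frame(bp,ip)).to eq(
        [bp, ip].pack('L<2')
      )
    end
  end

  describe "#buffer_overflow" do
    let(:length)  { 1024 }
    let(:payload) { 'shellcode here'.b }

    # Byte size of the two trailing addresses (saved bp + return ip).
    let(:frame_size) { subject.platform[:machine_word].size * 2 }

    it "must return a buffer of the given size, containing junk data, the payload, stack base pointer (bp), and stack instruction pointer (ip) addresses" do
      buffer = subject.buffer_overflow(
        length:  length,
        payload: payload,
        bp:      bp,
        ip:      ip
      )

      # Use bytesize, not length: an overflow buffer is sized in bytes, and
      # String#length counts characters, so a non-binary encoding could
      # under-report the real size and hide an off-by-N in the layout.
      expect(buffer.bytesize).to eq(length)

      junk      = subject.junk(length - payload.bytesize - frame_size)
      packed_bp = subject.pack(:machine_word,bp)
      packed_ip = subject.pack(:machine_word,ip)

      # Expected layout: [junk][payload][bp][ip]
      expect(buffer).to eq(junk + payload + packed_bp + packed_ip)
    end

    context "when the nops: keyword argument is given" do
      let(:nops) { 16 }

      it "must add additional NOP padding to the beginning of the payload" do
        buffer = subject.buffer_overflow(
          length:  length,
          nops:    nops,
          payload: payload,
          bp:      bp,
          ip:      ip
        )

        expect(buffer.bytesize).to eq(length)

        # The NOP sled is carved out of the junk budget so the total stays at
        # `length`; the sled's byte size is nop.bytesize * nops.
        junk      = subject.junk(length - (subject.nop.bytesize * nops) - payload.bytesize - frame_size)
        nop_pad   = subject.nops(nops)
        packed_bp = subject.pack(:machine_word,bp)
        packed_ip = subject.pack(:machine_word,ip)

        # Expected layout: [junk][nop sled][payload][bp][ip]
        expect(buffer).to eq(junk + nop_pad + payload + packed_bp + packed_ip)
      end
    end
  end
end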