SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

next step

Browse Source
This commit is contained in:
van Hauser 2020-12-18 11:48:11 +01:00
parent 6c3e60df20
commit 7de1e19f78
3 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
afl/src/engines/mod.rs
View File

@ -2,8 +2,8 @@
use core::fmt::Debug; use core::fmt::Debug;
use core::marker::PhantomData; use core::marker::PhantomData;
use std::fs;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use std::fs;
use crate::corpus::{Corpus, Testcase}; use crate::corpus::{Corpus, Testcase};
use crate::events::EventManager; use crate::events::EventManager;
@ -203,7 +203,7 @@ where
engine: &mut Engine<E, OT, ET, I>, engine: &mut Engine<E, OT, ET, I>,
manager: &mut EM, manager: &mut EM,
in_dir: String, in_dir: String,
)-> Result<(), AflError> ) -> Result<(), AflError>
where where
G: Generator<I, R>, G: Generator<I, R>,
C: Corpus<I, R>, C: Corpus<I, R>,
@ -212,49 +212,39 @@ where
EM: EventManager<C, E, OT, FT, I, R>, EM: EventManager<C, E, OT, FT, I, R>,
{ {
for entry in fs::read_dir(in_dir)? { for entry in fs::read_dir(in_dir)? {
let entry = entry?; let entry = entry?;
let file = entry.path().display().to_string(); let file = entry.path().display().to_string();
let attributes = fs::metadata(file.clone()); let attributes = fs::metadata(file.clone());
if !attributes.is_ok() { if !attributes.is_ok() {
continue; continue;
} }
let attr = attributes?; let attr = attributes?;
if attr.is_file() { if attr.is_file() {
println!("Load file {}", file); println!("Load file {}", file);
//let input = read_file(file); //let input = read_file(file);
//let fitness = self.evaluate_input(&input, engine.executor_mut())?; //let fitness = self.evaluate_input(&input, engine.executor_mut())?;
//if !self.add_if_interesting(corpus, input, fitness)?.is_none() { //if !self.add_if_interesting(corpus, input, fitness)?.is_none() {
// added += 1; // added += 1;
//} //}
} else if attr.is_dir() { } else if attr.is_dir() {
let _x = self.load_from_directory(
let _x = load_from_directory(
&mut corpus, &mut corpus,
&mut generator, &mut generator,
&mut engine, &mut engine,
&mut manager, &mut manager,
file, file,
); );
} }
} }
Ok(()) Ok(())
} }
pub fn load_initial_inputs<G, C, E, ET, EM>( pub fn load_initial_inputs<G, C, E, ET, EM>(
&mut self, &mut self,
corpus: &mut C, corpus: &mut C,
@ -262,7 +252,7 @@ where
engine: &mut Engine<E, OT, ET, I>, engine: &mut Engine<E, OT, ET, I>,
manager: &mut EM, manager: &mut EM,
in_dir: Vec<String>, in_dir: Vec<String>,
)-> Result<(), AflError> ) -> Result<(), AflError>
where where
G: Generator<I, R>, G: Generator<I, R>,
C: Corpus<I, R>, C: Corpus<I, R>,
@ -272,15 +262,13 @@ where
{ {
let mut added = 0 as u32; let mut added = 0 as u32;
for directory in in_dir { for directory in in_dir {
let _x = self.load_from_directory(
let _x = load_from_directory(
&mut corpus, &mut corpus,
&mut generator, &mut generator,
&mut engine, &mut engine,
&mut manager, &mut manager,
directory, directory,
); );
} }
manager.log( manager.log(
0, 0,

13
fuzzers/libfuzzer/runtime/rt.c
View File

@ -120,14 +120,19 @@ void __sanitizer_cov_trace_switch(uint64_t val, uint64_t *cases) {
} }
__attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv); __attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv);
void afl_libfuzzer_main(); void afl_libfuzzer_main();
int afl_libfuzzer_init(int *argc, char ***argv) {
if (LLVMFuzzerInitialize)
return LLVMFuzzerInitialize(&argc, &argv);
else
return 0;
}
int main(int argc, char** argv) { int main(int argc, char** argv) {
if (LLVMFuzzerInitialize)
LLVMFuzzerInitialize(&argc, &argv);
afl_libfuzzer_main(); afl_libfuzzer_main();
return 0; return 0;

12
fuzzers/libfuzzer/src/lib.rs
View File

@ -29,7 +29,7 @@ extern "C" {
fn LLVMFuzzerTestOneInput(data: *const u8, size: usize) -> i32; fn LLVMFuzzerTestOneInput(data: *const u8, size: usize) -> i32;
/// int LLVMFuzzerInitialize(int argc, char **argv) /// int LLVMFuzzerInitialize(int argc, char **argv)
fn LLVMFuzzerInitialize(argc: u32, argv: *const *const u8) -> i32; fn afl_libfuzzer_init(argc: u32, argv: *const *const u8) -> i32;
static __lafl_edges_map: *mut u8; static __lafl_edges_map: *mut u8;
static __lafl_cmp_map: *mut u8; static __lafl_cmp_map: *mut u8;
@ -120,6 +120,16 @@ pub extern "C" fn afl_libfuzzer_main() {
} }
println!("We're a client, let's fuzz :)"); println!("We're a client, let's fuzz :)");
// unsafe {
// if afl_libfuzzer_init(...) == -1 {
// println("Warning: LLVMFuzzerInitialize failed with -1")
// }
// }
let edges_observer = let edges_observer =
StdMapObserver::new_from_ptr(&NAME_COV_MAP, unsafe { __lafl_edges_map }, unsafe { StdMapObserver::new_from_ptr(&NAME_COV_MAP, unsafe { __lafl_edges_map }, unsafe {
__lafl_max_edges_size as usize __lafl_max_edges_size as usize