diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 2aa939ae6d..0c2893a1b7 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -106,6 +106,8 @@ jobs: run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade - name: Install deps run: sudo apt-get install -y llvm llvm-dev clang nasm ninja-build + - name: install cargo-make + run: cargo install --force cargo-make - uses: actions/checkout@v2 - name: Build and run example fuzzers run: ./scripts/test_all_fuzzers.sh @@ -192,6 +194,8 @@ jobs: run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade - name: Install deps run: brew install llvm libpng nasm coreutils z3 && brew link --force llvm + - name: install cargo-make + run: cargo install --force cargo-make - uses: actions/checkout@v2 - name: Increase map sizes run: ./scripts/shmem_limits_macos.sh diff --git a/fuzzers/forkserver_simple/Makefile b/fuzzers/forkserver_simple/Makefile deleted file mode 100644 index ae26da329d..0000000000 --- a/fuzzers/forkserver_simple/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -FUZZER_NAME="forkserver_simple" -PROJECT_DIR=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST)))) -CORPUS_DIR="corpus" - -PHONY: all - -all: $(FUZZER_NAME) - -$(FUZZER_NAME): - cargo build --release - cp $(PROJECT_DIR)/target/release/$(FUZZER_NAME) . - -clean: - rm ./$(FUZZER_NAME) - -run: all - taskset -c 0 ./$(FUZZER_NAME) 2>/dev/null & - -short_test: all - rm -rf libafl_unix_shmem_server || true - timeout 10s taskset -c 0 ./$(FUZZER_NAME) $(PROJECT_DIR)/target/release/program ./$(CORPUS_DIR) @@ 2>/dev/null & - -test: all - timeout 60s taskset -c 0 ./$(FUZZER_NAME) $(PROJECT_DIR)/target/release/program ./$(CORPUS_DIR) @@ 2>/dev/null & diff --git a/fuzzers/fuzzbench/Makefile.toml b/fuzzers/fuzzbench/Makefile.toml new file mode 100644 index 0000000000..be7dca4516 --- /dev/null 
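Review bot: The new `install cargo-make` step in both jobs runs `cargo install --force cargo-make` with no version pinned, so each CI run fetches whatever crates.io currently serves and then executes every fuzzer's `Makefile.toml` under it; a new or tampered release changes the build without any change in this repository. Pin it and resolve from its lockfile, e.g. `run: cargo install --force --locked cargo-make --version <pinned>`, and bump the version deliberately. `--force` also reinstalls on every run even when the toolchain cache already has it, which a pinned `--version` makes unnecessary; consider caching `~/.cargo/bin` and checking `cargo make --version` instead.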
+++ b/fuzzers/fuzzbench/Makefile.toml 
@@ -0,0 +1,99 @@ +[env] +FUZZER_NAME="fuzzer" +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this" +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# fuzz.o File +[tasks.fuzz_o] +linux_alias = "fuzz_o_unix" +mac_alias = "fuzz_o_unix" +windows_alias = "unsupported" + +[tasks.fuzz_o_unix] +command = "target/release/libafl_cc" +args = ["--libafl-no-link", "-O3", "-c", "fuzz.c", "-o", "fuzz.o"] +dependencies = ["cc", "cxx"] + +# Fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["--libafl", "fuzz.o", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = ["cc", "cxx", "fuzz_o"] + +# Run +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +script_runner="@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +mkdir in || true +echo a > in/a +./${FUZZER_NAME} -o out -i in +''' +dependencies = ["fuzzer"] + + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner="@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +mkdir in || true +echo a > in/a +# Allow sigterm as exit code +timeout 11s ./${FUZZER_NAME} -o out -i in || [ $? 
-eq 124 ] +rm -rf out || true +rm -rf in || true +''' +dependencies = ["fuzzer"] + +# Clean +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +script_runner="@shell" +script=''' +rm ./${FUZZER_NAME} || true +rm fuzz.o || true +''' \ No newline at end of file diff --git a/fuzzers/fuzzbench_fork_qemu/Makefile.toml b/fuzzers/fuzzbench_fork_qemu/Makefile.toml new file mode 100644 index 0000000000..f8d8af05ef --- /dev/null +++ b/fuzzers/fuzzbench_fork_qemu/Makefile.toml 
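Review bot: `[tasks.test_unix]` is one of the few test tasks in this change whose failure actually propagates — `timeout 11s ... || [ $? -eq 124 ]` waits for the fuzzer and accepts only the timeout status — and the existing comment does not say that, since `$?` there is the exit status of `timeout`, not of the fuzzer. Suggest replacing `# Allow sigterm as exit code` with `# timeout(1) exits 124 when it had to kill the fuzzer; any other non-zero status (crash, bad args) fails the task`. `PROJECT_DIR = { script = ["pwd"] }` in `[env]` is never referenced in this file and can be dropped, and `mkdir in || true` is clearer as `mkdir -p in`, which only masks the "already exists" case rather than every error.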
@@ -0,0 +1,100 @@ +# Variables +[env] +FUZZER_NAME='libpng_harness' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Qemu fuzzer not supported on windows" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = [ "./libpng-1.6.37" ] } +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "cargo" +args = ["build", "--release"] + +# Harness +[tasks.harness] +linux_alias = "harness_unix" +mac_alias = "harness_unix" +windows_alias = "unsupported" + +[tasks.harness_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 +cc -c "${PROJECT_DIR}/libfuzzer_main.c" +# Build the libpng harness +c++ \ + ../libfuzzer_libpng/harness.cc \ + ./libpng-1.6.37/.libs/libpng16.a \ + ./libfuzzer_main.o \ + -I./libpng-1.6.37/ \ + -o ${FUZZER_NAME} \ + -lm -lz +''' +dependencies = ["libpng"] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +command = "cargo" +args = ["run", "--release", "./{FUZZER_NAME}", "--", "--libafl-in", "../libfuzzer_libpng/corpus", "--libafl-out", "./out", "./${FUZZER_NAME}"] +dependencies = [ "harness", "fuzzer" ] + +# Run the fuzzer +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +# Short test +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 10s cargo run --release -- --libafl-in ../libfuzzer_libpng/corpus 
--libafl-out ./out ./${FUZZER_NAME} & +''' +dependencies = [ "harness", "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} libfuzzer_main.o +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/fuzzbench_qemu/Makefile.toml b/fuzzers/fuzzbench_qemu/Makefile.toml new file mode 100644 index 0000000000..f8d8af05ef --- /dev/null +++ b/fuzzers/fuzzbench_qemu/Makefile.toml 
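Review bot: `[tasks.run_unix]` passes `"./{FUZZER_NAME}"` without the `$`, so cargo-make hands the literal string `./{FUZZER_NAME}` to `cargo run` rather than the harness path; it should read `"./${FUZZER_NAME}"`, as the last element of the same `args` list already does. `[tasks.test_unix]` backgrounds the whole `timeout 10s cargo run ... &`, so the task returns immediately and a harness that fails to build, start or crashes can never fail `cargo make test`; drop the trailing `&` and use `|| [ $? -eq 124 ]` as the fuzzbench task does. `[tasks.libpng_unix]` fetches the libpng tarball from a single sourceforge mirror with `wget` and extracts it unverified, and the result is compiled and executed; record the expected digest beside the URL and check it before extracting, e.g. `echo "<sha256>  libpng-1.6.37.tar.xz" | sha256sum -c -`. The `files_not_exist` condition also means a partially extracted directory is never retried, so a failed download should remove it.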
@@ -0,0 +1,100 @@ +# Variables +[env] +FUZZER_NAME='libpng_harness' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Qemu fuzzer not supported on windows" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = [ "./libpng-1.6.37" ] } +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "cargo" +args = ["build", "--release"] + +# Harness +[tasks.harness] +linux_alias = "harness_unix" +mac_alias = "harness_unix" +windows_alias = "unsupported" + +[tasks.harness_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 +cc -c "${PROJECT_DIR}/libfuzzer_main.c" +# Build the libpng harness +c++ \ + ../libfuzzer_libpng/harness.cc \ + ./libpng-1.6.37/.libs/libpng16.a \ + ./libfuzzer_main.o \ + -I./libpng-1.6.37/ \ + -o ${FUZZER_NAME} \ + -lm -lz +''' +dependencies = ["libpng"] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +command = "cargo" +args = ["run", "--release", "./{FUZZER_NAME}", "--", "--libafl-in", "../libfuzzer_libpng/corpus", "--libafl-out", "./out", "./${FUZZER_NAME}"] +dependencies = [ "harness", "fuzzer" ] + +# Run the fuzzer +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +# Short test +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 10s cargo run --release -- --libafl-in ../libfuzzer_libpng/corpus 
--libafl-out ./out ./${FUZZER_NAME} & +''' +dependencies = [ "harness", "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} libfuzzer_main.o +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/fuzzbench_text/Makefile.toml b/fuzzers/fuzzbench_text/Makefile.toml new file mode 100644 index 0000000000..5ec845b5f4 --- /dev/null +++ b/fuzzers/fuzzbench_text/Makefile.toml 
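Review bot: This file is byte-identical to `fuzzers/fuzzbench_fork_qemu/Makefile.toml` (same blob id) and carries the same defects: `"./{FUZZER_NAME}"` in `[tasks.run_unix]` is missing the `$` and should be `"./${FUZZER_NAME}"`, `[tasks.test_unix]` backgrounds `cargo run` with `&` so its exit status is never observed, and `[tasks.libpng_unix]` extracts an unverified download. If the two fuzzers really need the same tasks, consider one shared file included via `extend = "../fuzzbench_fork_qemu/Makefile.toml"` so the fix lands once; otherwise at least the `--libafl-in ../libfuzzer_libpng/corpus` dependency on a sibling directory deserves a comment, since `cargo make` run from elsewhere will not find it.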
@@ -0,0 +1,100 @@ +[env] +FUZZER_NAME="fuzzer" +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this" +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# fuzz.o File +[tasks.fuzz_o] +linux_alias = "fuzz_o_unix" +mac_alias = "fuzz_o_unix" +windows_alias = "unsupported" + +[tasks.fuzz_o_unix] +command = "target/release/libafl_cc" +args = ["--libafl-no-link", "-O3", "-c", "fuzz.c", "-o", "fuzz.o"] +dependencies = ["cc", "cxx"] + +# Fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["--libafl", "fuzz.o", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = ["cc", "cxx", "fuzz_o"] + +# Run +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +script_runner="@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +mkdir in || true +echo a > in/a +# Allow sigterm as exit code +./${FUZZER_NAME} -o out -i in +''' +dependencies = ["fuzzer"] + + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner="@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +mkdir in || true +echo a > in/a +# Allow sigterm as exit code +timeout 11s ./${FUZZER_NAME} -o out -i in || [ $? 
-eq 124 ] +rm -rf out || true +rm -rf in || true +''' +dependencies = ["fuzzer"] + +# Clean +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +script_runner="@shell" +script=''' +rm ./${FUZZER_NAME} || true +rm fuzz.o || true +''' \ No newline at end of file diff --git a/fuzzers/generic_inmemory/Makefile.toml b/fuzzers/generic_inmemory/Makefile.toml new file mode 100644 index 0000000000..85b5f28b9a --- /dev/null +++ b/fuzzers/generic_inmemory/Makefile.toml 
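Review bot: The comment `# Allow sigterm as exit code` inside `[tasks.run_unix]` is copied from `test_unix` but applies to nothing there — `run_unix` has no `timeout` and no `|| [ $? -eq 124 ]` — so it should be removed from the run task. Apart from that stray line this file duplicates `fuzzers/fuzzbench/Makefile.toml`; the unused `PROJECT_DIR` env entry and the `mkdir in || true` (better `mkdir -p in`) are shared with it. `[tasks.test_unix]` correctly waits on the fuzzer and accepts only status 124, which is the pattern the other new test tasks should follow.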
@@ -0,0 +1,79 @@ +[env] +FUZZER_NAME="fuzzer" +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this" +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cc" +args = ["-O3", "fuzz.c", "-o", "fuzzer"] +dependencies = ["cc", "cxx"] + +# Run +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +script_runner="@shell" +script=''' +./${FUZZER_NAME} --cores 0 --broker-port 31337 +''' +dependencies = ["fuzzer"] + + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner="@shell" +script=''' +timeout 10s ./${FUZZER_NAME} --cores 0 --broker-port 31337 || [ $? -eq 124 ] +''' +dependencies = ["fuzzer"] + +# Clean +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +script_runner="@shell" +script=''' +rm ./${FUZZER_NAME} || true + +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_libmozjpeg/Makefile.toml b/fuzzers/libfuzzer_libmozjpeg/Makefile.toml new file mode 100644 index 0000000000..70b217ca05 --- /dev/null +++ b/fuzzers/libfuzzer_libmozjpeg/Makefile.toml 
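Review bot: `[tasks.fuzzer_unix]` hard-codes the output as `"-o", "fuzzer"` while `run_unix`, `test_unix` and `clean_unix` all refer to `./${FUZZER_NAME}`; changing the `[env]` value would silently break run and test, so use `"-o", "${FUZZER_NAME}"` here as the other files do. The fixed `--broker-port 31337` in run and test is shared with any other fuzzer started on the same host, so a stale broker from an earlier run would presumably make this test connect to it instead of starting fresh — worth a comment, or a per-task port. The `|| [ $? -eq 124 ]` check in `test_unix` is correct and actually propagates a crash, unlike most of the sibling test tasks.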
@@ -0,0 +1,124 @@ +# Variables +[env] +FUZZER_NAME='fuzzer_mozjpeg' +LIBAFL_CC = './target/release/libafl_cc' +LIBAFL_CXX = './target/release/libafl_cxx' +FUZZER = './target/release/${FUZZER_NAME}' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this platform" +''' + +# libpng +[tasks.mozjpeg] +linux_alias = "mozjpeg_unix" +mac_alias = "mozjpeg_unix" +windows_alias = "unsupported" + +[tasks.mozjpeg_unix] +condition = { files_not_exist = ["./mozjpeg-4.0.3"]} +script_runner="@shell" +script=''' +wget https://github.com/mozilla/mozjpeg/archive/v4.0.3.tar.gz +tar -xzvf v4.0.3.tar.gz +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Library +[tasks.lib] +linux_alias = "lib_unix" +mac_alias = "lib_unix" +windows_alias = "unsupported" + +[tasks.lib_unix] +script=''' +cd mozjpeg-4.0.3 && cmake . 
-DENABLE_SHARED=false -DCMAKE_C_COMPILER="${PROJECT_DIR}/${LIBAFL_CC}" -DCMAKE_CXX_COMPILER="${PROJECT_DIR}/${LIBAFL_CXX}" -G "Unix Makefiles" +cd "${PROJECT_DIR}" +make -C mozjpeg-4.0.3 +''' +dependencies = [ "mozjpeg", "cxx", "cc" ] + + +# Harness +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/mozjpeg-4.0.3/libjpeg.a", "${PROJECT_DIR}/mozjpeg-4.0.3/libturbojpeg.a", "-I", "${PROJECT_DIR}/mozjpeg-4.0.3/", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = [ "lib", "cxx", "cc" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} & +sleep 0.2 +./${FUZZER_NAME} +''' +dependencies = [ "fuzzer" ] + +# Test +[tasks.test] +linux_alias = "test_linux" +mac_alias = "test_mac" +windows_alias = "unsupported" + +[tasks.test_linux] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} & +sleep 0.2 +timeout 10s ./${FUZZER_NAME} >/dev/null 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +[tasks.test_mac] +script=''' +echo "Skipping build on MacOS as libpng in Github is ancient, see LibAFL GH issue #254" +''' + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C mozjpeg-4.0.3 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_libpng/Makefile.toml b/fuzzers/libfuzzer_libpng/Makefile.toml new file mode 100644 index 0000000000..80b60b9cb2 --- /dev/null +++ b/fuzzers/libfuzzer_libpng/Makefile.toml 
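Review bot: `[tasks.mozjpeg_unix]` downloads `v4.0.3.tar.gz` from GitHub and unpacks it with no digest check, then `[tasks.lib_unix]` compiles it with the instrumented compiler and the fuzzer executes it; add the expected sha256 next to the URL and verify it before `tar -xzvf` (`echo "<sha256>  v4.0.3.tar.gz" | sha256sum -c -`). `[tasks.lib_unix]` is the only script task in this file without `script_runner="@shell"`; if cargo-make's default runner differs from `@shell` on some platform the `cd ... && cmake ...` line may behave differently, so set it explicitly for consistency. `[tasks.test_mac]` says "libpng in Github is ancient" but this is the mozjpeg fuzzer — a copy-paste message that should name mozjpeg or be reworded. Both instances in `[tasks.test_linux]` are started with `&`, so the task exits before either finishes and a crash can never fail `cargo make test`.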
@@ -0,0 +1,120 @@ +# Variables +[env] +FUZZER_NAME='fuzzer_libpng' +LIBAFL_CC = './target/release/libafl_cc' +LIBAFL_CXX = './target/release/libafl_cxx' +FUZZER = './target/release/${FUZZER_NAME}' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = ["./libpng-1.6.37"]} +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Library +[tasks.lib] +linux_alias = "lib_unix" +mac_alias = "lib_unix" +windows_alias = "unsupported" + +[tasks.lib_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 CC="${PROJECT_DIR}/target/release/libafl_cc" CXX="${PROJECT_DIR}/target/release/libafl_cxx" +''' +dependencies = [ "libpng", "cxx", "cc" ] + + +# Harness +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = [ "lib", "cxx", "cc" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + 
+[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} & +sleep 0.2 +./${FUZZER_NAME} 2>/dev/null +''' +dependencies = [ "fuzzer" ] + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} & +sleep 0.2 +timeout 10s ./${FUZZER_NAME} >/dev/null 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_libpng_accounting/Makefile.toml b/fuzzers/libfuzzer_libpng_accounting/Makefile.toml new file mode 100644 index 0000000000..3ef89db4f6 --- /dev/null +++ b/fuzzers/libfuzzer_libpng_accounting/Makefile.toml 
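Review bot: `[env]` declares `LIBAFL_CC`, `LIBAFL_CXX` and `FUZZER`, but `[tasks.lib_unix]` and `[tasks.fuzzer_unix]` hard-code `${PROJECT_DIR}/target/release/libafl_cc` and `target/release/libafl_cxx` instead; either reference the variables (`CC="${PROJECT_DIR}/${LIBAFL_CC}"`, `command = "${LIBAFL_CXX}"`) or delete the unused entries so there is one source of truth. `[tasks.libpng_unix]` extracts an unverified tarball from a single sourceforge mirror that is then compiled with the instrumented compiler; record and check its sha256 before `tar -xvf`. `[tasks.test_unix]` backgrounds both fuzzer instances, so the task returns at once and `cargo make test` cannot observe a crash; at least the second instance should run in the foreground with `|| [ $? -eq 124 ]`.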
@@ -0,0 +1,116 @@ +# Variables +[env] +FUZZER_NAME='fuzzer_libpng' +LIBAFL_CC = './target/release/libafl_cc' +LIBAFL_CXX = './target/release/libafl_cxx' +FUZZER = './target/release/${FUZZER_NAME}' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this platform" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = ["./libpng-1.6.37"]} +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Library +[tasks.lib] +linux_alias = "lib_unix" +mac_alias = "lib_unix" +windows_alias = "unsupported" + +[tasks.lib_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 CC="${PROJECT_DIR}/target/release/libafl_cc" CXX="${PROJECT_DIR}/target/release/libafl_cxx" +''' +dependencies = [ "libpng", "cxx", "cc" ] + + +# Harness +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = [ "lib", "cxx", "cc" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" 
+ +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} --cores 0 --input ./corpus & +''' +dependencies = [ "fuzzer" ] + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} --cores 0 --input ./corpus 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_libpng_ctx/Makefile.toml b/fuzzers/libfuzzer_libpng_ctx/Makefile.toml new file mode 100644 index 0000000000..3ef89db4f6 --- /dev/null +++ b/fuzzers/libfuzzer_libpng_ctx/Makefile.toml 
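Review bot: `[tasks.run_unix]` starts the fuzzer with a trailing `&`, so `cargo make run` returns immediately and leaves a detached `fuzzer_libpng --cores 0 --input ./corpus` running with no handle; a run task should stay in the foreground (`./${FUZZER_NAME} --cores 0 --input ./corpus`). `[tasks.test_unix]` has the same shape, which means its exit status is never seen by `cargo make test`; use `timeout 11s ./${FUZZER_NAME} --cores 0 --input ./corpus || [ $? -eq 124 ]` instead. As in the other libpng files, the `[env]` entries `LIBAFL_CC`/`LIBAFL_CXX`/`FUZZER` are unused and the tarball from sourceforge is extracted without a digest check.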
@@ -0,0 +1,116 @@ +# Variables +[env] +FUZZER_NAME='fuzzer_libpng' +LIBAFL_CC = './target/release/libafl_cc' +LIBAFL_CXX = './target/release/libafl_cxx' +FUZZER = './target/release/${FUZZER_NAME}' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this platform" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = ["./libpng-1.6.37"]} +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Library +[tasks.lib] +linux_alias = "lib_unix" +mac_alias = "lib_unix" +windows_alias = "unsupported" + +[tasks.lib_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 CC="${PROJECT_DIR}/target/release/libafl_cc" CXX="${PROJECT_DIR}/target/release/libafl_cxx" +''' +dependencies = [ "libpng", "cxx", "cc" ] + + +# Harness +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = [ "lib", "cxx", "cc" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" 
+ +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} --cores 0 --input ./corpus & +''' +dependencies = [ "fuzzer" ] + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} --cores 0 --input ./corpus 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_libpng_launcher/Makefile.toml b/fuzzers/libfuzzer_libpng_launcher/Makefile.toml new file mode 100644 index 0000000000..3ef89db4f6 --- /dev/null +++ b/fuzzers/libfuzzer_libpng_launcher/Makefile.toml 
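Review bot: This file is the same blob as `fuzzers/libfuzzer_libpng_accounting/Makefile.toml` (index 3ef89db4f6) and so has the same issues: `[tasks.run_unix]` and `[tasks.test_unix]` both detach the fuzzer with `&`, so neither a run nor a test ever reports the fuzzer's exit status, and the unverified libpng download is compiled and executed. Since three fuzzers now carry an identical task file, consider sharing it via `extend` so the `|| [ $? -eq 124 ]` fix and the checksum land in one place.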
@@ -0,0 +1,116 @@ +# Variables +[env] +FUZZER_NAME='fuzzer_libpng' +LIBAFL_CC = './target/release/libafl_cc' +LIBAFL_CXX = './target/release/libafl_cxx' +FUZZER = './target/release/${FUZZER_NAME}' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Cargo-make not integrated yet on this platform" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = ["./libpng-1.6.37"]} +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# Compilers +[tasks.cxx] +linux_alias = "cxx_unix" +mac_alias = "cxx_unix" +windows_alias = "unsupported" + +[tasks.cxx_unix] +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +linux_alias = "cc_unix" +mac_alias = "cc_unix" +windows_alias = "unsupported" + +[tasks.cc_unix] +command = "cargo" +args = ["build" , "--release"] + +# Library +[tasks.lib] +linux_alias = "lib_unix" +mac_alias = "lib_unix" +windows_alias = "unsupported" + +[tasks.lib_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 CC="${PROJECT_DIR}/target/release/libafl_cc" CXX="${PROJECT_DIR}/target/release/libafl_cxx" +''' +dependencies = [ "libpng", "cxx", "cc" ] + + +# Harness +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "target/release/libafl_cxx" +args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"] +dependencies = [ "lib", "cxx", "cc" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" 
+ +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} --cores 0 --input ./corpus & +''' +dependencies = [ "fuzzer" ] + +# Test +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} --cores 0 --input ./corpus 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_stb_image/Makefile.toml b/fuzzers/libfuzzer_stb_image/Makefile.toml new file mode 100644 index 0000000000..118db51ee0 --- /dev/null +++ b/fuzzers/libfuzzer_stb_image/Makefile.toml 
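Review bot: Identical blob to the `_accounting` and `_ctx` task files: `[tasks.test_unix]` ends in `&`, so `cargo make test` exits with success before the fuzzer has done anything and a crash is invisible to CI; the foreground form `timeout 11s ./${FUZZER_NAME} --cores 0 --input ./corpus || [ $? -eq 124 ]` is what the fuzzbench tasks use and should be used here too. `[tasks.run_unix]` detaching the fuzzer is also surprising for an interactive `cargo make run`. The three `[env]` paths that nothing reads should be removed or actually used by `lib_unix`/`fuzzer_unix`.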
@@ -0,0 +1,84 @@ +# Variables +[env] +FUZZER_NAME='libfuzzer_stb_image' +LIBAFL_CC = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/libafl_cc', mapping = {"windows" = '.\\target\\release\\libafl_cc.exe'} } +LIBAFL_CXX = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/libafl_cxx', mapping = {"windows" = '.\\target\\release\\libafl_cxx.exe'} } +FUZZER = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/${FUZZER_NAME}', mapping = {"windows" = '.\\target\\release\\${FUZZER_NAME}.exe'} } + +# Compilers +[tasks.cxx] +condition = { files_not_exist = ["${LIBAFL_CXX}"] } +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +condition = { files_not_exist = ["${LIBAFL_CC}"] } +command = "cargo" +args = ["build" , "--release"] + + +# Build the fuzzer +[tasks.fuzzer] +script_runner="@shell" +script=''' +cargo build --release +cp ${FUZZER} . +''' +dependencies = ["cc", "cxx"] + +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "run_windows" + +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} & +sleep 0.2 +./${FUZZER_NAME} +''' +dependencies = [ "fuzzer" ] + +[tasks.run_windows] +# Do nothing +script_runner = "@shell" +script=''' +echo "Not integrated into cargo-make yet." +''' +dependencies = [ "fuzzer" ] + + +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "test_windows" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} & +sleep 0.2 +timeout 10s ./${FUZZER_NAME} >/dev/null 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +[tasks.test_windows] +# Do nothing +script_runner = "@shell" +script=''' +echo "Not integrated into cargo-make yet." 
+''' +dependencies = [ "fuzzer" ] + + +# Clean up +[tasks.clean] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +cargo clean +''' \ No newline at end of file diff --git a/fuzzers/libfuzzer_stb_image_sugar/Makefile.toml b/fuzzers/libfuzzer_stb_image_sugar/Makefile.toml new file mode 100644 index 0000000000..6c547f4fb6 --- /dev/null +++ b/fuzzers/libfuzzer_stb_image_sugar/Makefile.toml 
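Review bot: The Windows mappings in `[env]` are TOML literal strings (single quotes), so `'.\\target\\release\\libafl_cc.exe'` contains two backslashes between each component — literal strings do not process `\\` as an escape; use a basic string (`".\\target\\release\\libafl_cc.exe"`) or a literal string with single backslashes (`'.\target\release\libafl_cc.exe'`). Windows path normalisation presumably tolerates the doubled separator, which is why nothing fails today, but the `files_not_exist` condition on `[tasks.cc]`/`[tasks.cxx]` depends on that path matching. `[tasks.test_unix]` backgrounds both fuzzer instances, so `cargo make test` cannot see a crash; run the second one in the foreground with `|| [ $? -eq 124 ]`.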
@@ -0,0 +1,80 @@ +# Variables +[env] +FUZZER_NAME='libfuzzer_stb_image' +LIBAFL_CC = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/libafl_cc', mapping = {"windows" = '.\\target\\release\\libafl_cc.exe'} } +LIBAFL_CXX = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/libafl_cxx', mapping = {"windows" = '.\\target\\release\\libafl_cxx.exe'} } +FUZZER = { source = "${CARGO_MAKE_RUST_TARGET_OS}", default_value = './target/release/${FUZZER_NAME}', mapping = {"windows" = '.\\target\\release\\${FUZZER_NAME}.exe'} } + +# Compilers +[tasks.cxx] +condition = { files_not_exist = ["${LIBAFL_CXX}"] } +command = "cargo" +args = ["build" , "--release"] + +[tasks.cc] +condition = { files_not_exist = ["${LIBAFL_CC}"] } +command = "cargo" +args = ["build" , "--release"] + + +# Build the fuzzer +[tasks.fuzzer] +script_runner="@shell" +script=''' +cargo build --release +cp ${FUZZER} . +''' +dependencies = ["cc", "cxx"] + +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "run_windows" + +[tasks.run_unix] +script_runner = "@shell" +script=''' +./${FUZZER_NAME} & +''' +dependencies = [ "fuzzer" ] + +[tasks.run_windows] +# Do nothing +script_runner = "@shell" +script=''' +echo "Not integrated into cargo-make yet." +''' +dependencies = [ "fuzzer" ] + + +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "test_windows" + +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s ./${FUZZER_NAME} 2>/dev/null & +''' +dependencies = [ "fuzzer" ] + +[tasks.test_windows] +# Do nothing +script_runner = "@shell" +script=''' +echo "Not integrated into cargo-make yet." +''' +dependencies = [ "fuzzer" ] + + +# Clean up +[tasks.clean] +# Disable default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +cargo clean +''' \ No newline at end of file 
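Review bot: Same `[env]` issue as the stb_image file: `'.\\target\\release\\${FUZZER_NAME}.exe'` is a literal string, so the backslashes are doubled in the resulting path; write `".\\target\\release\\${FUZZER_NAME}.exe"` (basic string) or `'.\target\release\${FUZZER_NAME}.exe'`. `[tasks.test_unix]` runs `timeout 11s ./${FUZZER_NAME} 2>/dev/null &` and returns immediately, so a crashing fuzzer passes CI; drop the `&` and accept only status 124. `[tasks.run_unix]` likewise detaches the fuzzer, which leaves an orphan after `cargo make run` exits.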
diff --git a/fuzzers/qemu_launcher/Makefile.toml b/fuzzers/qemu_launcher/Makefile.toml new file mode 100644 index 0000000000..fd4090318b --- /dev/null +++ b/fuzzers/qemu_launcher/Makefile.toml 
@@ -0,0 +1,98 @@ +# Variables +[env] +FUZZER_NAME='libpng_harness' +PROJECT_DIR = { script = ["pwd"] } + +[tasks.unsupported] +script_runner="@shell" +script=''' +echo "Qemu fuzzer not supported on windows" +''' + +# libpng +[tasks.libpng] +linux_alias = "libpng_unix" +mac_alias = "libpng_unix" +windows_alias = "unsupported" + +[tasks.libpng_unix] +condition = { files_not_exist = [ "./libpng-1.6.37" ] } +script_runner="@shell" +script=''' +wget https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz +tar -xvf libpng-1.6.37.tar.xz +''' + +# fuzzer +[tasks.fuzzer] +linux_alias = "fuzzer_unix" +mac_alias = "fuzzer_unix" +windows_alias = "unsupported" + +[tasks.fuzzer_unix] +command = "cargo" +args = ["build", "--release"] + +# Harness +[tasks.harness] +linux_alias = "harness_unix" +mac_alias = "harness_unix" +windows_alias = "unsupported" + +[tasks.harness_unix] +script_runner="@shell" +script=''' +cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes +cd "${PROJECT_DIR}" +make -C libpng-1.6.37 +# Build the libpng harness +c++ \ + ./harness.cc \ + ./libpng-1.6.37/.libs/libpng16.a \ + -I./libpng-1.6.37/ \ + -o ${FUZZER_NAME} \ + -lm -lz +''' +dependencies = [ "libpng" ] + +# Run the fuzzer +[tasks.run] +linux_alias = "run_unix" +mac_alias = "run_unix" +windows_alias = "unsupported" + +[tasks.run_unix] +command = "cargo" +args = ["run", "--release", "./{FUZZER_NAME}"] +dependencies = [ "harness", "fuzzer" ] + +# Run the fuzzer +[tasks.test] +linux_alias = "test_unix" +mac_alias = "test_unix" +windows_alias = "unsupported" + +# Short test +[tasks.test_unix] +script_runner = "@shell" +script=''' +rm -rf libafl_unix_shmem_server || true +timeout 11s cargo run --release ./${FUZZER_NAME} 2>/dev/null & +''' +dependencies = [ "harness", "fuzzer" ] + +# Clean up +[tasks.clean] +linux_alias = "clean_unix" +mac_alias = "clean_unix" +windows_alias = "unsupported" + +[tasks.clean_unix] +# Disable 
default `clean` definition +clear = true +script_runner="@shell" +script=''' +rm -f ./${FUZZER_NAME} +make -C libpng-1.6.37 clean +cargo clean +''' \ No newline at end of file diff --git a/scripts/test_all_fuzzers.sh b/scripts/test_all_fuzzers.sh index 464fdf7f0d..a3ba1d69f7 100755 --- a/scripts/test_all_fuzzers.sh +++ b/scripts/test_all_fuzzers.sh @@ -23,9 +23,9 @@ do echo "[+] Skipping fmt and clippy for $fuzzer (--no-fmt specified)" fi - if [ -e ./Makefile ]; then + if [ -e ./Makefile.toml ]; then echo "[*] Testing $fuzzer" - make short_test || exit 1 + cargo make test || exit 1 echo "[+] Done testing $fuzzer" else echo "[*] Building $fuzzer"
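Review bot: `[tasks.run_unix]` passes `"./{FUZZER_NAME}"` — missing `$` — so the literal `./{FUZZER_NAME}` reaches `cargo run` and the harness is not found; it should be `"./${FUZZER_NAME}"` as in `test_unix`. `[tasks.test_unix]` backgrounds `timeout 11s cargo run --release ./${FUZZER_NAME} 2>/dev/null &`, so the task succeeds before the fuzzer starts and a crash never fails CI; run it in the foreground with `|| [ $? -eq 124 ]`. `[tasks.harness_unix]` builds the downloaded libpng with the plain system `cc`/`c++` (intended for QEMU mode, but worth a comment), and `[tasks.libpng_unix]` should verify the tarball's sha256 before extracting, since the binary it produces is executed.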
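Review bot: `cargo make test || exit 1` only catches failures when the fuzzer's `test` task waits for the fuzzer, and most of the new `Makefile.toml` files end their test script with `&`, so this check is effectively a build check for everything except the fuzzbench and generic_inmemory fuzzers. Either make each test task run the fuzzer in the foreground with `|| [ $? -eq 124 ]`, or document here that a passing `cargo make test` does not imply the fuzzer ran. The hunk is inside a loop whose `for ... do` begins outside it; a short comment such as `# a fuzzer opts into testing by shipping a Makefile.toml with a 'test' task` above the `if` would make the directory convention explicit.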