ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-18 12:48:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

update the codes, readme

Browse Source 
- add readme
- add required qlpack.yml
This commit is contained in:
microsvuln
2021-04-03 02:02:45 +04:00
parent 565f61a6ab
commit a26ed3b758
6 changed files with 378 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
utils/autodict_ql/autodict_ql.py Normal file
View File

@ -0,0 +1,188 @@
#!/usr/bin/env python3
import os
import string
import binascii
import codecs
import errno
import struct
import argparse
import shutil
import subprocess
from binascii import unhexlify
def ensure_dir(dir):
try:
os.makedirs(dir)
except OSError as e:
if e.errno != errno.EEXIST:
raise
def parse_args():
parser = argparse.ArgumentParser(description=(
"Helper - Specify input file analysis and output folder to save corpus for strings in the overall project --------------------------------------------------------------------------- Example usage : python2 thisfile.py outdir str.txt" ))
#parser.add_argument("tokenpath",
#help="Destination directory for tokens")
parser.add_argument("cur",
help = "Current Path")
parser.add_argument("db",
help = "CodeQL database Path")
parser.add_argument("tokenpath",
help="Destination directory for tokens")
return parser.parse_args()
def static_analysis(file,file2,cur,db) :
with open(cur+"/"+file, "w") as f:
print(cur+"/"+file)
stream = os.popen("codeql query run " + cur +"/"+ file2 + " -d " + db )
output = stream.read()
f.write(output)
f.close()
def copy_tokens(cur, tokenpath) :
subprocess.call(["cp " + cur + "/" + "arrays-lits/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "strstr-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "strcmp-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "strncmp-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "local-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "memcmp-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "global-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "lits/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "arrays-lits/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "arrays-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
subprocess.call(["cp " + cur + "/" + "strtool-strs/*" + " " + cur + "/" + tokenpath + "/."] ,shell=True)
#strtool-strs
def codeql_analysis(cur, db) :
static_analysis("litout.out","litool.ql", cur, db)
static_analysis("strcmp-strings.out","strcmp-str.ql", cur, db)
static_analysis("strncmp-strings.out","strncmp-str.ql", cur, db)
static_analysis("strstr-strings.out","strstr-str.ql", cur, db)
static_analysis("memcmp-strings.out","memcmp-str.ql", cur, db)
static_analysis("global-values-strings.out","globals-values.ql", cur, db)
static_analysis("local-strings.out","locals-strs.ql", cur, db)
static_analysis("strtool-strings.out","strtool.ql", cur, db)
static_analysis("arrays.out","array-literals.ql", cur, db)
start_aflql(0,cur)
#command1 = [
# 'codeql','query', 'run',
# cur + '/litool.ql',
# '-d',
# db, '>','fff.txt'
# ]
#with open("litool2.log", "w") as f:
# stream = os.popen("codeql query run litool.ql -d " + db )
# output = stream.read()
# f.write(output)
# f.close()
#worker1 = subprocess.Popen(command1)
#print(worker1.communicate())
def start_aflql(tokenpath, cur):
command = [
'python3',
cur + '/litan.py',
cur+'/lits/',
cur+'/litout.out'
]
worker1 = subprocess.Popen(command)
print(worker1.communicate())
command1 = [
'python3',
cur + '/strcmp-strings.py',
cur + '/strcmp-strs/',
cur + '/strcmp-strings.out'
]
worker2 = subprocess.Popen(command1)
print(worker2.communicate())
command2 = [
'python3',
cur + '/strncmp-strings.py',
cur + '/strncmp-strs/',
cur + '/strncmp-strings.out'
]
worker3 = subprocess.Popen(command2)
print(worker3.communicate())
command3 = [
'python3',
cur + '/array-lits.py',
cur + '/arrays-lits/',
cur + '/arrays.out'
]
worker4 = subprocess.Popen(command3)
print(worker4.communicate())
command4 = [
'python3',
cur + '/array-strings.py',
cur + '/arrays-strs/',
cur + '/arrays.out'
]
worker5 = subprocess.Popen(command4)
print(worker5.communicate())
command5 = [
'python3',
cur + '/memcmp-strings.py',
cur + '/memcmp-strs/',
cur + '/memcmp-strings.out'
]
worker6 = subprocess.Popen(command5)
print(worker6.communicate())
command6 = [
'python3',
cur + '/globals-strings.py',
cur + '/global-strs/',
cur + '/global-values-strings.out'
]
worker7 = subprocess.Popen(command6)
print(worker7.communicate())
command7 = [
'python3',
cur + '/strstr-strings.py',
cur + '/strstr-strs/',
cur + '/strstr-strings.out'
]
worker8 = subprocess.Popen(command7)
print(worker8.communicate())
#strtool-strings.out
command8 = [
'python3',
cur + '/stan-strings.py',
cur + '/strtool-strs/',
cur + '/strtool-strings.out'
]
worker9 = subprocess.Popen(command8)
print(worker9.communicate())
command9 = [
'python3',
cur + '/local-strings.py',
cur + '/local-strs/',
cur + '/local-strings.out'
]
worker10 = subprocess.Popen(command9)
print(worker10.communicate())
def main():
args = parse_args()
ensure_dir(args.tokenpath)
#copy_tokens(args.cur, args.tokenpath)
codeql_analysis(args.cur, args.db)
copy_tokens(args.cur, args.tokenpath)
#start_aflql(args.tokenpath, args.cur)
if __name__ == '__main__':
main()