Merge branch 'master' of https://github.com/vanhauser-thc/AFLplusplus
commit
b89d10025d
13
.gitignore
vendored
13
.gitignore
vendored
@ -17,6 +17,19 @@ afl-gotcpu
|
||||
afl-qemu-trace
|
||||
afl-showmap
|
||||
afl-tmin
|
||||
afl-analyze.8
|
||||
afl-clang-fast++.8
|
||||
afl-clang-fast.8
|
||||
afl-cmin.8
|
||||
afl-fuzz.8
|
||||
afl-gcc.8
|
||||
afl-gotcpu.8
|
||||
afl-plot.8
|
||||
afl-showmap.8
|
||||
afl-system-config.8
|
||||
afl-tmin.8
|
||||
afl-whatsup.8
|
||||
qemu_mode/libcompcov/compcovtest
|
||||
as
|
||||
qemu_mode/qemu-*
|
||||
unicorn_mode/unicorn
|
||||
|
2
Makefile
2
Makefile
@ -250,7 +250,7 @@ binary-only: all
|
||||
cd unicorn_mode && sh ./build_unicorn_support.sh
|
||||
|
||||
source-only: all
|
||||
$(MAKE) -C llvm_mode
|
||||
-$(MAKE) -C llvm_mode
|
||||
$(MAKE) -C libdislocator
|
||||
$(MAKE) -C libtokencap
|
||||
|
||||
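Review bot: If the `-$(MAKE) -C llvm_mode` line is the new side (the rendered page has lost the +/- markers, so this is inferred), the `source-only` target now swallows any llvm_mode build failure and still reports success, which a packager or CI run will not notice. That is a reasonable choice when clang/LLVM is genuinely optional, but the `-` prefix deserves a comment stating the intent, e.g. `# llvm_mode is optional: keep going when no usable clang/LLVM is found` placed above it, and ideally a trailing message so the skip is visible in the build log. The rest of the `source-only` recipe continues outside the hunk.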
|
@ -48,5 +48,13 @@ if [ "$PLATFORM" = "OpenBSD" ] ; then
|
||||
echo
|
||||
echo 'System security features cannot be disabled on OpenBSD.'
|
||||
fi
|
||||
if [ "$PLATFORM" = "Darwin" ] ; then
|
||||
if [ $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') ] ; then
|
||||
echo We unload the default crash reporter here
|
||||
SL=/System/Library; PL=com.apple.ReportCrash
|
||||
launchctl unload -w ${SL}/LaunchAgents/${PL}.plist
|
||||
sudo launchctl unload -w ${SL}/LaunchDaemons/${PL}.Root.plist
|
||||
fi
|
||||
fi
|
||||
echo
|
||||
echo Also use AFL_TMPDIR to use a tmpfs for the input file
|
||||
|
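Review bot: The new Darwin branch `if [ $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') ] ; then` can never be true: `grep -q` prints nothing, so the test collapses to `[ ]`, which is false, and the crash-reporter unload below it is dead code; the script will report nothing and leave ReportCrash enabled. Use the pipeline's exit status directly, `if launchctl list 2>/dev/null | grep -q '\.ReportCrash$' ; then`. The same construct appears as context in test/test.sh (`test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$')` in both afl-fuzz checks), where it likewise never fires and so lets the fuzz run proceed with the crash reporter active; it should be changed to `launchctl list 2>/dev/null | grep -q '\.ReportCrash$'` as well. The file header for this section is not shown on the page, so the script name is inferred from the content.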
@ -46,7 +46,7 @@ endif
|
||||
|
||||
# this is not visible yet:
|
||||
ifeq "$(LLVM_MAJOR)" "9"
|
||||
$(info llvm_mode deteted llvm 9, enabling neverZero implementation)
|
||||
$(info llvm_mode detected llvm 9, enabling neverZero implementation)
|
||||
endif
|
||||
|
||||
CFLAGS ?= -O3 -funroll-loops
|
||||
|
58
test/test.sh
58
test/test.sh
@ -39,6 +39,13 @@ unset AFL_LLVM_LAF_SPLIT_SWITCHES
|
||||
unset AFL_LLVM_LAF_TRANSFORM_COMPARES
|
||||
unset AFL_LLVM_LAF_SPLIT_COMPARES
|
||||
|
||||
# on MacOS X we prefer afl-clang over afl-gcc, because
|
||||
# afl-gcc does not work there
|
||||
test `uname -s` = 'Darwin' && {
|
||||
AFL_GCC=afl-clang
|
||||
} || {
|
||||
AFL_GCC=afl-gcc
|
||||
}
|
||||
GREY="\\033[1;90m"
|
||||
BLUE="\\033[1;94m"
|
||||
GREEN="\\033[0;32m"
|
||||
@ -50,38 +57,47 @@ MEM_LIMIT=150
|
||||
|
||||
$ECHO "${RESET}${GREY}[*] starting afl++ test framework ..."
|
||||
|
||||
$ECHO "$BLUE[*] Testing: afl-gcc, afl-showmap and afl-fuzz"
|
||||
test -e ../afl-gcc -a -e ../afl-showmap -a -e ../afl-fuzz && {
|
||||
../afl-gcc -o test-instr.plain ../test-instr.c > /dev/null 2>&1
|
||||
AFL_HARDEN=1 ../afl-gcc -o test-instr.harden ../test-instr.c > /dev/null 2>&1
|
||||
$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap and afl-fuzz"
|
||||
test -e ../${AFL_GCC} -a -e ../afl-showmap -a -e ../afl-fuzz && {
|
||||
../${AFL_GCC} -o test-instr.plain ../test-instr.c > /dev/null 2>&1
|
||||
AFL_HARDEN=1 ../${AFL_GCC} -o test-instr.harden ../test-instr.c > /dev/null 2>&1
|
||||
test -e test-instr.plain && {
|
||||
$ECHO "$GREEN[+] afl-gcc compilation succeeded"
|
||||
$ECHO "$GREEN[+] ${AFL_GCC} compilation succeeded"
|
||||
echo 0 | ../afl-showmap -m ${MEM_LIMIT} -o test-instr.plain.0 -r -- ./test-instr.plain > /dev/null 2>&1
|
||||
../afl-showmap -m ${MEM_LIMIT} -o test-instr.plain.1 -r -- ./test-instr.plain < /dev/null > /dev/null 2>&1
|
||||
test -e test-instr.plain.0 -a -e test-instr.plain.1 && {
|
||||
diff -q test-instr.plain.0 test-instr.plain.1 > /dev/null 2>&1 && {
|
||||
$ECHO "$RED[!] afl-gcc instrumentation should be different on different input but is not"
|
||||
} || $ECHO "$GREEN[+] afl-gcc instrumentation present and working correctly"
|
||||
} || $ECHO "$RED[!] afl-gcc instrumentation failed"
|
||||
$ECHO "$RED[!] ${AFL_GCC} instrumentation should be different on different input but is not"
|
||||
} || $ECHO "$GREEN[+] ${AFL_GCC} instrumentation present and working correctly"
|
||||
} || $ECHO "$RED[!] ${AFL_GCC} instrumentation failed"
|
||||
rm -f test-instr.plain.0 test-instr.plain.1
|
||||
} || $ECHO "$RED[!] afl-gcc failed"
|
||||
} || $ECHO "$RED[!] ${AFL_GCC} failed"
|
||||
test -e test-instr.harden && {
|
||||
grep -qa fstack-protector-all test-instr.harden > /dev/null 2>&1 && {
|
||||
$ECHO "$GREEN[+] afl-gcc hardened mode succeeded and is working"
|
||||
} || $ECHO "$RED[!] afl-gcc hardened mode is not hardened"
|
||||
$ECHO "$GREEN[+] ${AFL_GCC} hardened mode succeeded and is working"
|
||||
} || $ECHO "$RED[!] ${AFL_GCC} hardened mode is not hardened"
|
||||
rm -f test-instr.harden
|
||||
} || $ECHO "$RED[!] afl-gcc hardened mode compilation failed"
|
||||
} || $ECHO "$RED[!] ${AFL_GCC} hardened mode compilation failed"
|
||||
# now we want to be sure that afl-fuzz is working
|
||||
{
|
||||
# make sure core_pattern is set to core on linux
|
||||
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
|
||||
$ECHO "$RED[!] we cannot run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) ||
|
||||
# make sure crash reporter is disabled on Mac OS X
|
||||
(test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && {
|
||||
$ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) || {
|
||||
mkdir -p in
|
||||
echo 0 > in/in
|
||||
$ECHO "$GREY[*] running afl-fuzz for afl-gcc, this will take approx 10 seconds"
|
||||
$ECHO "$GREY[*] running afl-fuzz for ${AFL_GCC}, this will take approx 10 seconds"
|
||||
{
|
||||
../afl-fuzz -V10 -m ${MEM_LIMIT} -i in -o out -- ./test-instr.plain > /dev/null 2>&1
|
||||
} > /dev/null 2>&1
|
||||
test -n "$( ls out/queue/id:000002* 2> /dev/null )" && {
|
||||
$ECHO "$GREEN[+] afl-fuzz is working correctly with afl-gcc"
|
||||
} || $ECHO "$RED[!] afl-fuzz is not working correctly with afl-gcc"
|
||||
$ECHO "$GREEN[+] afl-fuzz is working correctly with ${AFL_GCC}"
|
||||
} || $ECHO "$RED[!] afl-fuzz is not working correctly with ${AFL_GCC}"
|
||||
rm -rf in out
|
||||
}
|
||||
rm -f test-instr.plain
|
||||
@ -109,7 +125,15 @@ test -e ../afl-clang-fast && {
|
||||
rm -f test-compcov.harden
|
||||
} || $ECHO "$RED[!] llvm_mode hardened mode compilation failed"
|
||||
# now we want to be sure that afl-fuzz is working
|
||||
{
|
||||
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
|
||||
$ECHO "$RED[!] we cannot run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) ||
|
||||
# make sure crash reporter is disabled on Mac OS X
|
||||
(test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && {
|
||||
$ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) || {
|
||||
mkdir -p in
|
||||
echo 0 > in/in
|
||||
$ECHO "$GREY[*] running afl-fuzz for llvm_mode, this will take approx 10 seconds"
|
||||
|