ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-14 11:08:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:vanhauser-thc/AFLplusplus

Browse Source
This commit is contained in:
Andrea Fioraldi
2020-01-06 11:46:23 +01:00
parent 67cbeeb395 e7fc1ef49e
commit b95cd8968d
65 changed files with 212 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.custom-format.py
View File

@ -6,7 +6,7 @@
# Written and maintaned by Andrea Fioraldi <andreafioraldi@gmail.com>
#
# Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
# Copyright 2019 AFLplusplus Project. All rights reserved.
# Copyright 2019-2020 AFLplusplus Project. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

1
Android.bp
View File

@ -129,6 +129,7 @@ cc_library_static {
vendor_available: true,
host_supported: true,
recovery_available: true,
sdk_version: "9",
defaults: [
"afl-defaults",

11
Makefile
View File

@ -104,9 +104,9 @@ endif
COMM_HDR = include/alloc-inl.h include/config.h include/debug.h include/types.h
ifeq "$(shell echo '\#include <Python.h>@int main() {return 0; }' | tr @ '\n' | $(CC) -x c - -o .test -I$(PYTHON_INCLUDE) $(LDFLAGS) $(PYTHON_LIB) 2>/dev/null && echo 1 || echo 0 )" "1"
ifeq "$(shell echo '\#include <Python.h>@int main() {return 0; }' | tr @ '\n' | $(CC) -x c - -o .test -I$(PYTHON_INCLUDE) $(LDFLAGS) $(PYTHON_LIB) 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1"
PYTHON_OK=1
PYFLAGS=-DUSE_PYTHON -I$(PYTHON_INCLUDE) $(LDFLAGS) $(PYTHON_LIB)
PYFLAGS=-DUSE_PYTHON -I$(PYTHON_INCLUDE) $(LDFLAGS) $(PYTHON_LIB) -DPYTHON_VERSION=\"$(PYTHON_VERSION)\"
else
PYTHON_OK=0
PYFLAGS=
@ -122,7 +122,7 @@ ifdef STATIC
LDFLAGS += -lm -lrt -lpthread -lz -lutil
endif
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 )" "1"
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 ; rm -f .test2 )" "1"
SHMAT_OK=1
else
SHMAT_OK=0
@ -145,6 +145,7 @@ man: $(MANPAGES)
tests: source-only
@cd test ; ./test.sh
@rm -f test/errors
performance-tests: performance-test
test-performance: performance-test
@ -325,7 +326,7 @@ clean:
$(MAKE) -C qemu_mode/unsigaction clean
$(MAKE) -C qemu_mode/libcompcov clean
$(MAKE) -C src/third_party/libradamsa/ clean
-$(MAKE) -C unicorn_mode/unicorn clean
-rm -rf unicorn_mode/unicorn
distrib: all radamsa
-$(MAKE) -C llvm_mode
@ -399,7 +400,7 @@ endif
set -e; if [ -f afl-clang-fast ] ; then ln -sf afl-clang-fast $${DESTDIR}$(BIN_PATH)/afl-clang ; ln -sf afl-clang-fast $${DESTDIR}$(BIN_PATH)/afl-clang++ ; else ln -sf afl-gcc $${DESTDIR}$(BIN_PATH)/afl-clang ; ln -sf afl-gcc $${DESTDIR}$(BIN_PATH)/afl-clang++; fi
mkdir -m 0755 -p ${DESTDIR}$(MAN_PATH)
install -m0644 -D *.8 ${DESTDIR}$(MAN_PATH)
install -m0644 *.8 ${DESTDIR}$(MAN_PATH)
install -m 755 afl-as $${DESTDIR}$(HELPER_PATH)
ln -sf afl-as $${DESTDIR}$(HELPER_PATH)/as

10
README.md
View File

@ -2,9 +2,9 @@
![Travis State](https://api.travis-ci.com/vanhauser-thc/AFLplusplus.svg?branch=master)
Release Version: 2.59c
Release Version: 2.60c
Github Version: 2.59d
Github Version: 2.60d
includes all necessary/interesting changes from Google's afl 2.56b
@ -71,9 +71,9 @@
(1) only in LLVM >= 9.0 due to a bug in llvm in previous versions
(2) gcc create non-performant code, hence it is disabled in gcc_plugin
(2) gcc creates non-performant code, hence it is disabled in gcc_plugin
So all in all this is the best-of AFL that is currently out there :-)
So all in all this is the best-of afl that is currently out there :-)
For new versions and additional information, check out:
[https://github.com/vanhauser-thc/AFLplusplus](https://github.com/vanhauser-thc/AFLplusplus)
@ -124,7 +124,7 @@ afl++ binaries by passing the STATIC=1 argument to make:
$ make all STATIC=1
```
Note that afl++ is faster and better the newer the compilers used.
Note that afl++ is faster and better the newer the compilers used are.
Hence gcc-9 and especially llvm-9 should be the compilers of choice.
If your distribution does not have them, you can use the Dockerfile:

15
docs/ChangeLog
View File

@ -14,12 +14,25 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
--------------------------
Version ++2.59d (develop):
Version ++2.60d (develop):
--------------------------
- afl-fuzz:
- now prints the real python version support compiled in
- added fix from Debian project to compile libdislocator and libtokencap
--------------------------
Version ++2.60c (release):
--------------------------
- fixed a critical bug in afl-tmin that was introduced during ++2.53d
- added test cases for afl-cmin and afl-tmin to test/test.sh
- added ./experimental/argv_fuzzing ld_preload library by Kjell Braden
- added preeny's desock_dup ld_preload library as
./experimental/socket_fuzzing for network fuzzing
- added AFL_AS_FORCE_INSTRUMENT environment variable for afl-as - this is
for the retrorewrite project
- we now set QEMU_SET_ENV from AFL_PRELOAD when qemu_mode is used

4
docs/env_variables.txt
View File

@ -65,6 +65,10 @@ tools make fairly broad use of environmental variables:
mkdir assembly_here
TMPDIR=$PWD/assembly_here AFL_KEEP_ASSEMBLY=1 make clean all
- If you are a weird person that wants to compile and instrument asm
text files then use the AFL_AS_FORCE_INSTRUMENT variable:
AFL_AS_FORCE_INSTRUMENT=1 afl-gcc foo.s -o foo
- Setting AFL_QUIET will prevent afl-cc and afl-as banners from being
displayed during compilation, in case you find them distracting.

2
experimental/argv_fuzzing/Makefile
View File

@ -2,7 +2,7 @@
# american fuzzy lop++ - argvfuzz
# --------------------------------
#
# Copyright 2019 Kjell Braden <afflux@pentabarf.de>
# Copyright 2019-2020 Kjell Braden <afflux@pentabarf.de>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
experimental/argv_fuzzing/argvfuzz.c
View File

@ -2,7 +2,7 @@
american fuzzy lop++ - LD_PRELOAD for fuzzing argv in binaries
------------------------------------------------------------
Copyright 2019 Kjell Braden <afflux@pentabarf.de>
Copyright 2019-2020 Kjell Braden <afflux@pentabarf.de>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

4
gcc_plugin/Makefile
View File

@ -35,7 +35,7 @@ CXX ?= g++
PLUGIN_FLAGS = -fPIC -fno-rtti -I"$(shell $(CC) -print-file-name=plugin)/include"
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 )" "1"
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 ; rm -f .test2 )" "1"
SHMAT_OK=1
else
SHMAT_OK=0
@ -126,5 +126,5 @@ vpath % ..
ln -sf afl-gcc-fast.8 ../afl-g++-fast.8
clean:
rm -f *.o *.so *~ a.out core core.[1-9][0-9]* test-instr .test-instr0 .test-instr1
rm -f *.o *.so *~ a.out core core.[1-9][0-9]* test-instr .test-instr0 .test-instr1 .test2
rm -f $(PROGS) ../afl-g++-fast ../afl-g*-fast.8

2
gcc_plugin/afl-gcc-pass.so.cc
View File

@ -14,7 +14,7 @@
Written by Austin Seipp <aseipp@pobox.com> with bits from
Emese Revfy <re.emese@gmail.com>
Fixed by Heiko Eißfeldt 2019 for AFL++
Fixed by Heiko Eißfeldt 2019-2020 for AFL++
GCC integration design is based on the LLVM design, which comes
from Laszlo Szekeres. Some of the boilerplate code below for

2
include/afl-as.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

3
include/afl-fuzz.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -271,6 +271,7 @@ extern u64 mem_limit; /* Memory cap for child (MB) */
extern u8 cal_cycles, /* Calibration cycles defaults */
cal_cycles_long, /* Calibration cycles defaults */
no_unlink, /* do not unlink cur_input */
use_stdin, /* use stdin for sending data */
debug, /* Debug mode */
custom_only, /* Custom mutator only mode */
python_only; /* Python-only mode */

2
include/alloc-inl.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
include/android-ashmem.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
include/common.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

4
include/config.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -26,7 +26,7 @@
/* Version string: */
#define VERSION "++2.59d" // c = release, d = volatile github dev
#define VERSION "++2.60d" // c = release, d = volatile github dev
/******************************************************
* *

2
include/debug.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
include/forkserver.h
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
include/sharedmem.h
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
include/types.h
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

4
libdislocator/Makefile
View File

@ -18,8 +18,8 @@ HELPER_PATH = $(PREFIX)/lib/afl
VERSION = $(shell grep '^\#define VERSION ' ../config.h | cut -d '"' -f2)
CFLAGS ?= -O3 -funroll-loops -I ../include/
CFLAGS += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign
CFLAGS ?= -O3 -funroll-loops
CFLAGS += -I ../include/ -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign
ifdef USEHUGEPAGE
CFLAGS += -DUSEHUGEPAGE

4
libtokencap/Makefile
View File

@ -18,8 +18,8 @@ HELPER_PATH = $(PREFIX)/lib/afl
VERSION = $(shell grep '^\#define VERSION ' ../config.h | cut -d '"' -f2)
CFLAGS ?= -O3 -funroll-loops -I ../include/
CFLAGS += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign
CFLAGS ?= -O3 -funroll-loops
CFLAGS += -I ../include/ -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign
ifeq "$(shell uname)" "Linux"
TARGETS = libtokencap.so

17
libtokencap/libtokencap.so.c
View File

@ -142,6 +142,9 @@ static void __tokencap_load_mappings(void) {
}
base += size;
size = 0;
}
}
@ -687,6 +690,20 @@ bool strcsequal(const void* s1, const void* s2) {
}
/* bcmp/memcmp BSD flavors, similar to CRYPTO_memcmp */
int timingsafe_bcmp(const void* mem1, const void* mem2, size_t len) {
return bcmp(mem1, mem2, len);
}
int timingsafe_memcmp(const void* mem1, const void* mem2, size_t len) {
return memcmp(mem1, mem2, len);
}
/* Init code to open the output file (or default to stderr). */
__attribute__((constructor)) void __tokencap_init(void) {

4
llvm_mode/Makefile
View File

@ -115,7 +115,7 @@ endif
CLANGVER = $(shell $(CC) --version | sed -E -ne '/^.*version\ ([0-9]\.[0-9]\.[0-9]).*/s//\1/p')
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 )" "1"
ifeq "$(shell echo '\#include <sys/ipc.h>@\#include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(CC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 ; rm -f .test2 )" "1"
SHMAT_OK=1
else
SHMAT_OK=0
@ -261,5 +261,5 @@ vpath % ..
ln -sf afl-clang-fast.8 ../afl-clang-fast++.8
clean:
rm -f *.o *.so *~ a.out core core.[1-9][0-9]* .test2 test-instr .test-instr0 .test-instr1
rm -f *.o *.so *~ a.out core core.[1-9][0-9]* .test2 test-instr .test-instr0 .test-instr1 afl-llvm-pass.dwo
rm -f $(PROGS) ../afl-clang-fast++ ../afl-clang-fast*.8

18
llvm_mode/afl-clang-fast.c
View File

@ -50,7 +50,11 @@ static void find_obj(u8* argv0) {
if (afl_path) {
#ifdef __ANDROID__
tmp = alloc_printf("%s/afl-llvm-rt.so", afl_path);
#else
tmp = alloc_printf("%s/afl-llvm-rt.o", afl_path);
#endif
if (!access(tmp, R_OK)) {
@ -74,7 +78,11 @@ static void find_obj(u8* argv0) {
dir = ck_strdup(argv0);
*slash = '/';
#ifdef __ANDROID__
tmp = alloc_printf("%s/afl-llvm-rt.so", afl_path);
#else
tmp = alloc_printf("%s/afl-llvm-rt.o", dir);
#endif
if (!access(tmp, R_OK)) {
@ -89,8 +97,14 @@ static void find_obj(u8* argv0) {
}
#ifdef __ANDROID__
if (!access(AFL_PATH "/afl-llvm-rt.so", R_OK)) {
#else
if (!access(AFL_PATH "/afl-llvm-rt.o", R_OK)) {
#endif
obj_path = AFL_PATH;
return;
@ -359,7 +373,7 @@ static void edit_params(u32 argc, char** argv) {
}
//#ifndef __ANDROID__ // not sure, we might need these ifdefs for Android
#ifndef __ANDROID__
switch (bit_mode) {
case 0:
@ -384,7 +398,7 @@ static void edit_params(u32 argc, char** argv) {
}
//#endif
#endif
}

2
qemu_mode/build_qemu_support.sh
View File

@ -13,7 +13,7 @@
# counters by Andrea Fioraldi <andreafioraldi@gmail.com>
#
# Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
# Copyright 2019 AFLplusplus Project. All rights reserved.
# Copyright 2019-2020 AFLplusplus Project. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
qemu_mode/libcompcov/Makefile
View File

@ -4,7 +4,7 @@
#
# Written by Andrea Fioraldi <andreafioraldi@gmail.com>
#
# Copyright 2019 Andrea Fioraldi. All rights reserved.
# Copyright 2019-2020 Andrea Fioraldi. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
qemu_mode/libcompcov/compcovtest.cc
View File

@ -2,7 +2,7 @@
//
// Author: Mateusz Jurczyk (mjurczyk@google.com)
//
// Copyright 2019 Google LLC
// Copyright 2019-2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.

2
qemu_mode/libcompcov/libcompcov.so.c
View File

@ -5,7 +5,7 @@
Written and maintained by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-common.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-cpu-inl.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-cpu-translate-inl.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-floats.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-tcg-inl.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/patches/afl-qemu-translate-inl.h
View File

@ -12,7 +12,7 @@
counters by Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
qemu_mode/unsigaction/Makefile
View File

@ -4,7 +4,7 @@
#
# Written by Andrea Fioraldi <andreafioraldi@gmail.com>
#
# Copyright 2019 Andrea Fioraldi. All rights reserved.
# Copyright 2019-2020 Andrea Fioraldi. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

6
qemu_mode/unsigaction/README.md
View File

@ -1,7 +1,7 @@
# unsigation
# unsigaction
This library disable sigaction when preloaded.
This library disables sigaction handlers when preloaded.
Mainly needed by Wine mode but can be used as a separate tool.
A similar solution can be found in is [preeny](https://github.com/zardus/preeny).
A similar solution can be found in [preeny](https://github.com/zardus/preeny).

4
src/afl-analyze.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -75,7 +75,7 @@ static u64 mem_limit = MEM_LIMIT; /* Memory limit (MB) */
static s32 dev_null_fd = -1; /* FD to /dev/null */
static u8 edges_only, /* Ignore hit counts? */
u8 edges_only, /* Ignore hit counts? */
use_hex_offsets, /* Show hex offsets? */
use_stdin = 1; /* Use stdin for program input? */

8
src/afl-as.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -208,8 +208,12 @@ static void edit_params(int argc, char** argv) {
NSS. */
if (strncmp(input_file, tmp_dir, strlen(tmp_dir)) &&
strncmp(input_file, "/var/tmp/", 9) && strncmp(input_file, "/tmp/", 5))
strncmp(input_file, "/var/tmp/", 9) &&
strncmp(input_file, "/tmp/", 5) &&
getenv("AFL_AS_FORCE_INSTRUMENT") == NULL)
pass_thru = 1;
else if (getenv("AFL_AS_FORCE_INSTRUMENT"))
unsetenv("AFL_AS_FORCE_INSTRUMENT");
}

7
src/afl-common.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -35,7 +35,8 @@
#include <unistd.h>
#endif
u8* target_path; /* Path to target binary */
u8* target_path; /* Path to target binary */
extern u8 use_stdin;
void detect_file_args(char** argv, u8* prog_in) {
@ -78,6 +79,8 @@ void detect_file_args(char** argv, u8* prog_in) {
else
aa_subst = alloc_printf("%s/%s", cwd, prog_in);
use_stdin = 0;
/* Construct a replacement argv value. */
*aa_loc = 0;

6
src/afl-forkserver.c
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -43,6 +43,8 @@
/* a program that includes afl-forkserver needs to define these */
extern u8 uses_asan;
extern u8 *trace_bits;
extern u8 use_stdin;
extern s32 forksrv_pid, child_pid, fsrv_ctl_fd, fsrv_st_fd;
extern s32 out_fd, out_dir_fd, dev_null_fd; /* initialize these with -1 */
#ifndef HAVE_ARC4RANDOM
@ -211,7 +213,7 @@ void init_forkserver(char **argv) {
}
if (out_file) {
if (!use_stdin) {
dup2(dev_null_fd, 0);

2
src/afl-fuzz-bitmap.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-fuzz-extras.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

3
src/afl-fuzz-globals.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -86,6 +86,7 @@ u8 cal_cycles = CAL_CYCLES, /* Calibration cycles defaults */
cal_cycles_long = CAL_CYCLES_LONG, /* Calibration cycles defaults */
debug, /* Debug mode */
no_unlink, /* do not unlink cur_input */
use_stdin = 1, /* use stdin for sending data */
custom_only, /* Custom mutator only mode */
python_only; /* Python-only mode */

2
src/afl-fuzz-init.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-fuzz-misc.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

14
src/afl-fuzz-one.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -482,6 +482,9 @@ u8 fuzz_one_original(char** argv) {
if (use_radamsa > 1) goto radamsa_stage;
//custom_stage: // not used - yet
if (custom_mutator) {
stage_short = "custom";
@ -541,9 +544,6 @@ u8 fuzz_one_original(char** argv) {
: havoc_max_mult * 100)) ||
queue_cur->passed_det) {
if (use_radamsa > 1)
goto radamsa_stage;
else
#ifdef USE_PYTHON
goto python_stage;
#else
@ -557,9 +557,6 @@ u8 fuzz_one_original(char** argv) {
if (master_max && (queue_cur->exec_cksum % master_max) != master_id - 1) {
if (use_radamsa > 1)
goto radamsa_stage;
else
#ifdef USE_PYTHON
goto python_stage;
#else
@ -2266,9 +2263,6 @@ retry_splicing:
out_buf = ck_alloc_nozero(len);
memcpy(out_buf, in_buf, len);
if (use_radamsa > 1)
goto radamsa_stage;
else
#ifdef USE_PYTHON
goto python_stage;
#else

2
src/afl-fuzz-python.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-fuzz-queue.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at:

2
src/afl-fuzz-run.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-fuzz-stats.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

24
src/afl-fuzz.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -84,13 +84,6 @@ static u8* get_libradamsa_path(u8* own_loc) {
static void usage(u8* argv0) {
#ifdef USE_PYTHON
#define PHYTON_SUPPORT \
"Compiled with Python 2.7 module support, see docs/python_mutators.txt\n"
#else
#define PHYTON_SUPPORT ""
#endif
SAYF(
"\n%s [ options ] -- /path/to/fuzzed_app [ ... ]\n\n"
@ -146,13 +139,15 @@ static void usage(u8* argv0) {
"file\n"
" -C - crash exploration mode (the peruvian rabbit thing)\n"
" -e ext - File extension for the temporarily generated test "
"case\n\n"
"case\n\n",
PHYTON_SUPPORT
argv0, EXEC_TIMEOUT, MEM_LIMIT);
"For additional tips, please consult %s/README\n\n",
#ifdef USE_PYTHON
SAYF("Compiled with Python %s module support, see docs/python_mutators.txt\n", (char*)PYTHON_VERSION);
#endif
argv0, EXEC_TIMEOUT, MEM_LIMIT, doc_path);
SAYF("For additional help please consult %s/README.md\n\n", doc_path);
exit(1);
#undef PHYTON_SUPPORT
@ -304,6 +299,7 @@ int main(int argc, char** argv) {
if (out_file) FATAL("Multiple -f options not supported");
out_file = optarg;
use_stdin = 0;
break;
case 'x': /* dictionary */
@ -595,7 +591,7 @@ int main(int argc, char** argv) {
if (optind == argc || !in_dir || !out_dir) usage(argv[0]);
OKF("afl++ is maintained by Marc \"van Hauser\" Heuse, Heiko \"hexcoder\" "
"Eissfeldt and Andrea Fioraldi");
"Eißfeldt and Andrea Fioraldi");
OKF("afl++ is open source, get it at "
"https://github.com/vanhauser-thc/AFLplusplus");
OKF("Power schedules from github.com/mboehme/aflfast");
@ -836,6 +832,8 @@ int main(int argc, char** argv) {
if (aa_loc && !out_file) {
use_stdin = 0;
if (file_extension) {
out_file = alloc_printf("%s/.cur_input.%s", out_dir, file_extension);

2
src/afl-gcc.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-gotcpu.c
View File

@ -9,7 +9,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
src/afl-sharedmem.c
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

14
src/afl-showmap.c
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -72,11 +72,12 @@ static u32 total, highest; /* tuple content information */
static u64 mem_limit = MEM_LIMIT; /* Memory limit (MB) */
static u8 quiet_mode, /* Hide non-essential messages? */
u8 quiet_mode, /* Hide non-essential messages? */
edges_only, /* Ignore hit counts? */
raw_instr_output, /* Do not apply AFL filters */
cmin_mode, /* Generate output in afl-cmin mode? */
binary_mode, /* Write output as a binary map */
use_stdin = 1, /* use stdin - unused here */
keep_cores; /* Allow coredumps? */
static volatile u8 stop_soon, /* Ctrl-C pressed? */
@ -535,7 +536,7 @@ int main(int argc, char** argv) {
doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;
while ((opt = getopt(argc, argv, "+o:m:t:A:eqZQUWbcrh")) > 0)
while ((opt = getopt(argc, argv, "+o:f:m:t:A:eqZQUWbcrh")) > 0)
switch (opt) {
@ -583,6 +584,13 @@ int main(int argc, char** argv) {
break;
case 'f': // only in here to avoid a compiler warning for use_stdin
use_stdin = 0;
FATAL("Option -f is not supported in afl-showmap");
break;
case 't':
if (timeout_given) FATAL("Multiple -t options not supported");

4
src/afl-tmin.c
View File

@ -11,7 +11,7 @@
Andrea Fioraldi <andreafioraldi@gmail.com>
Copyright 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -88,7 +88,7 @@ u64 mem_limit = MEM_LIMIT; /* Memory limit (MB) */
s32 dev_null_fd = -1; /* FD to /dev/null */
static u8 crash_mode, /* Crash-centric mode? */
u8 crash_mode, /* Crash-centric mode? */
exit_crash, /* Treat non-zero exit as crash? */
edges_only, /* Ignore hit counts? */
exact_mode, /* Require path match for crashes? */

1
test-instr.c
View File

@ -27,6 +27,7 @@ int main(int argc, char** argv) {
if (argc > 1) {
buf = argv[1];
printf("Input %s - ", buf);
} else if (read(0, buf, sizeof(buf)) < 1) {

60
test/test.sh
View File

@ -13,6 +13,8 @@ OK=OK
diff -q test.1 test.2 >/dev/null 2>&1 || OK=
rm -f test.1 test.2
test -z "$OK" && { echo Error: diff -q is not working ; exit 1 ; }
test -z "$LLVM_CONFIG" && LLVM_CONFIG=llvm-config
ECHO="printf %b\\n"
$ECHO \\101 2>&1 | grep -qE '^A' || {
@ -25,6 +27,7 @@ $ECHO \\101 2>&1 | grep -qE '^A' || {
test -z "$ECHO" && { printf Error: printf command does not support octal character codes ; exit 1 ; }
CODE=0
INCOMPLETE=0
export AFL_EXIT_WHEN_DONE=1
export AFL_SKIP_CPUFREQ=1
@ -69,9 +72,9 @@ export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
$ECHO "${RESET}${GREY}[*] starting afl++ test framework ..."
test -z "$SYS" && $ECHO "$YELLOW[!] uname -m did not succeed"
test -z "$SYS" && $ECHO "$YELLOW[-] uname -m did not succeed"
$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap and afl-fuzz"
$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap, afl-fuzz, afl-cmin and afl-tmin"
test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
test -e ../${AFL_GCC} -a -e ../afl-showmap -a -e ../afl-fuzz && {
../${AFL_GCC} -o test-instr.plain ../test-instr.c > /dev/null 2>&1
@ -122,7 +125,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
# now we want to be sure that afl-fuzz is working
# make sure core_pattern is set to core on linux
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
true
}) ||
# make sure crash reporter is disabled on Mac OS X
@ -145,11 +148,28 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
$ECHO "$RED[!] afl-fuzz is not working correctly with ${AFL_GCC}"
CODE=1
}
rm -rf in out errors
echo 000000000000000000000000 > in/in2
mkdir -p in2
../afl-cmin -i in -o in2 -- ./test-instr.plain > /dev/null 2>&1
CNT=`ls in2/ | wc -l`
test "$CNT" = 1 && $ECHO "$GREEN[+] afl-cmin correctly minimized testcase numbers"
test "$CNT" = 1 || {
$ECHO "$RED[!] afl-cmin did not correctly minimize testcase numbers"
CODE=1
}
../afl-tmin -i in/in2 -o in2/in2 -- ./test-instr.plain > /dev/null 2>&1
SIZE=`ls -l in2/in2 2> /dev/null | awk '{print$5}'`
test "$SIZE" = 1 && $ECHO "$GREEN[+] afl-tmin correctly minimized the testcase"
test "$SIZE" = 1 || {
$ECHO "$RED[!] afl-tmin did incorrectly minimize the testcase to $SIZE"
CODE=1
}
rm -rf in out errors in2
}
rm -f test-instr.plain
} || {
$ECHO "$YELLOW[-] afl is not compiled, cannot test"
INCOMPLETE=1
}
} || {
$ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc"
@ -161,7 +181,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && {
if which clang >/dev/null; then
export AFL_CC=`which clang`
else
export AFL_CC=`llvm-config --bindir`/clang
export AFL_CC=`$LLVM_CONFIG --bindir`/clang
fi
../afl-clang-fast -o test-instr.plain ../test-instr.c > /dev/null 2>&1
AFL_HARDEN=1 ../afl-clang-fast -o test-compcov.harden test-compcov.c > /dev/null 2>&1
@ -206,7 +226,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && {
}
# now we want to be sure that afl-fuzz is working
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
true
}) ||
# make sure crash reporter is disabled on Mac OS X
@ -290,6 +310,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && {
rm -f test-persistent
} || {
$ECHO "$YELLOW[-] llvm_mode not compiled, cannot test"
INCOMPLETE=1
}
$ECHO "$BLUE[*] Testing: gcc_plugin"
@ -312,7 +333,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
$ECHO "$GREEN[+] gcc_plugin run reported $TUPLES instrumented locations which is fine"
} || {
$ECHO "$RED[!] gcc_plugin instrumentation produces a weird number of instrumented locations: $TUPLES"
$ECHO "$YELLOW[!] the gcc_plugin instrumentation issue is not flagged as an error because travis builds would all fail otherwise :-("
$ECHO "$YELLOW[-] the gcc_plugin instrumentation issue is not flagged as an error because travis builds would all fail otherwise :-("
#CODE=1
}
}
@ -340,7 +361,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
}
# now we want to be sure that afl-fuzz is working
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
true
}) ||
# make sure crash reporter is disabled on Mac OS X
@ -398,6 +419,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
rm -f test-persistent
} || {
$ECHO "$YELLOW[-] gcc_plugin not compiled, cannot test"
INCOMPLETE=1
}
$ECHO "$BLUE[*] Testing: shared library extensions"
@ -413,6 +435,7 @@ test -e ../libtokencap.so && {
rm -f token.out
} || {
$ECHO "$YELLOW[-] libtokencap is not compiled, cannot test"
INCOMPLETE=1
}
test -e ../libdislocator.so && {
{
@ -429,6 +452,7 @@ test -e ../libdislocator.so && {
rm -f test.out core test-compcov.core core.test-compcov
} || {
$ECHO "$YELLOW[-] libdislocator is not compiled, cannot test"
INCOMPLETE=1
}
rm -f test-compcov
test -e ../libradamsa.so && {
@ -454,9 +478,11 @@ test -e ../libradamsa.so && {
rm -rf in out errors test-instr.plain
} || {
$ECHO "$YELLOW[-] compilation of test target failed, cannot test libradamsa"
INCOMPLETE=1
}
} || {
$ECHO "$YELLOW[-] libradamsa is not compiled, cannot test"
INCOMPLETE=1
}
$ECHO "$BLUE[*] Testing: qemu_mode"
@ -501,6 +527,7 @@ test -e ../afl-qemu-trace && {
}
} || {
$ECHO "$YELLOW[-] we cannot test qemu_mode libcompcov because it is not present"
INCOMPLETE=1
}
rm -f errors
@ -519,10 +546,10 @@ test -e ../afl-qemu-trace && {
test "$SLOW" -lt "$FAST" && {
$ECHO "$GREEN[+] persistent qemu_mode was noticeable faster than standard qemu_mode"
} || {
$ECHO "$YELLOW[?] persistent qemu_mode was not noticeable faster than standard qemu_mode"
$ECHO "$YELLOW[-] persistent qemu_mode was not noticeable faster than standard qemu_mode"
}
} || {
$ECHO "$YELLOW[?] we got no data on executions performed? weird!"
$ECHO "$YELLOW[-] we got no data on executions performed? weird!"
}
} || {
echo CUT------------------------------------------------------------------CUT
@ -532,17 +559,18 @@ test -e ../afl-qemu-trace && {
CODE=1
exit 1
}
$ECHO "$YELLOW[?] we need a test case for qemu_mode unsigaction library"
$ECHO "$YELLOW[-] we need a test case for qemu_mode unsigaction library"
rm -rf in out errors
}
} || {
$ECHO "$RED[-] gcc compilation of test targets failed - what is going on??"
$ECHO "$RED[!] gcc compilation of test targets failed - what is going on??"
CODE=1
}
rm -f test-instr test-compcov
} || {
$ECHO "$YELLOW[-] qemu_mode is not compiled, cannot test"
INCOMPLETE=1
}
$ECHO "$BLUE[*] Testing: unicorn_mode"
@ -557,6 +585,7 @@ test -d ../unicorn_mode/unicorn && {
$ECHO "$GREY[*] Using python binary $PY"
if ! $PY -c 'import unicornafl' 2> /dev/null ; then
$ECHO "$YELLOW[-] we cannot test unicorn_mode because it is not present"
INCOMPLETE=1
else
{
$ECHO "$GREY[*] running afl-fuzz for unicorn_mode, this will take approx 25 seconds"
@ -596,15 +625,18 @@ test -d ../unicorn_mode/unicorn && {
fi
}
} || {
$ECHO "$RED[-] missing sample binaries in unicorn_mode/samples/ - what is going on??"
$ECHO "$RED[!] missing sample binaries in unicorn_mode/samples/ - what is going on??"
CODE=1
}
} || {
$ECHO "$YELLOW[-] unicorn_mode is not compiled, cannot test"
INCOMPLETE=1
}
$ECHO "$GREY[*] all test cases completed.$RESET"
test "$INCOMPLETE" = "0" && $ECHO "$GREEN[+] all test cases executed"
test "$INCOMPLETE" = "1" && $ECHO "$YELLOW[-] not all test cases were executed"
test "$CODE" = "0" && $ECHO "$GREEN[+] all tests were successful :-)$RESET"
test "$CODE" = "0" || $ECHO "$RED[-] failure in tests :-($RESET"
test "$CODE" = "0" || $ECHO "$RED[!] failure in tests :-($RESET"
exit $CODE

2
unicorn_mode/build_unicorn_support.sh
View File

@ -14,7 +14,7 @@
# <andreafioraldi@gmail.com>
#
# Copyright 2017 Battelle Memorial Institute. All rights reserved.
# Copyright 2019 AFLplusplus Project. All rights reserved.
# Copyright 2019-2020 AFLplusplus Project. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.

2
unicorn_mode/patches/afl-unicorn-common.h
View File

@ -11,7 +11,7 @@
<andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
unicorn_mode/patches/afl-unicorn-cpu-inl.h
View File

@ -11,7 +11,7 @@
<andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
unicorn_mode/patches/afl-unicorn-cpu-translate-inl.h
View File

@ -11,7 +11,7 @@
<andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
unicorn_mode/patches/afl-unicorn-tcg-op-inl.h
View File

@ -11,7 +11,7 @@
<andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
unicorn_mode/patches/afl-unicorn-tcg-runtime-inl.h
View File

@ -11,7 +11,7 @@
<andreafioraldi@gmail.com>
Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
Copyright 2019 AFLplusplus Project. All rights reserved.
Copyright 2019-2020 AFLplusplus Project. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.