mirror of
https://github.com/AFLplusplus/AFLplusplus.git
synced 2025-06-11 01:31:37 +00:00
added testcases for afl-tmin and afl-cmin
This commit is contained in:
van Hauser
parent
878a80de7f
commit
c3bb0a3421
1
Makefile
1
Makefile
@ -145,6 +145,7 @@ man: $(MANPAGES)
|
||||
|
||||
tests: source-only
|
||||
@cd test ; ./test.sh
|
||||
@rm -f test/errors
|
||||
|
||||
performance-tests: performance-test
|
||||
test-performance: performance-test
|
||||
|
||||
@ -18,6 +18,7 @@ Version ++2.59d (develop):
|
||||
--------------------------
|
||||
|
||||
- fixed a critical bug in afl-tmin that was introduced during ++2.53d
|
||||
- added test cases for afl-cmin and afl-tmin to test/test.sh
|
||||
- added ./experimental/argv_fuzzing ld_preload library by Kjell Braden
|
||||
- added preeny's desock_dup ld_preload library as
|
||||
./experimental/socket_fuzzing for network fuzzing
|
||||
|
||||
56
test/test.sh
56
test/test.sh
@ -25,6 +25,7 @@ $ECHO \\101 2>&1 | grep -qE '^A' || {
|
||||
test -z "$ECHO" && { printf Error: printf command does not support octal character codes ; exit 1 ; }
|
||||
|
||||
CODE=0
|
||||
INCOMPLETE=0
|
||||
|
||||
export AFL_EXIT_WHEN_DONE=1
|
||||
export AFL_SKIP_CPUFREQ=1
|
||||
@ -69,9 +70,9 @@ export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
|
||||
|
||||
$ECHO "${RESET}${GREY}[*] starting afl++ test framework ..."
|
||||
|
||||
test -z "$SYS" && $ECHO "$YELLOW[!] uname -m did not succeed"
|
||||
test -z "$SYS" && $ECHO "$YELLOW[-] uname -m did not succeed"
|
||||
|
||||
$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap and afl-fuzz"
|
||||
$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap, afl-fuzz, afl-cmin and afl-tmin"
|
||||
test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
|
||||
test -e ../${AFL_GCC} -a -e ../afl-showmap -a -e ../afl-fuzz && {
|
||||
../${AFL_GCC} -o test-instr.plain ../test-instr.c > /dev/null 2>&1
|
||||
@ -122,7 +123,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
|
||||
# now we want to be sure that afl-fuzz is working
|
||||
# make sure core_pattern is set to core on linux
|
||||
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
|
||||
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) ||
|
||||
# make sure crash reporter is disabled on Mac OS X
|
||||
@ -145,11 +146,28 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" && {
|
||||
$ECHO "$RED[!] afl-fuzz is not working correctly with ${AFL_GCC}"
|
||||
CODE=1
|
||||
}
|
||||
rm -rf in out errors
|
||||
echo 000000000000000000000000 > in/in2
|
||||
mkdir -p in2
|
||||
../afl-cmin -i in -o in2 -- ./test-instr.plain > /dev/null 2>&1
|
||||
CNT=`ls in2/ | wc -l`
|
||||
test "$CNT" = 1 && $ECHO "$GREEN[+] afl-cmin correctly minimized testcase numbers"
|
||||
test "$CNT" = 1 || {
|
||||
$ECHO "$RED[!] afl-cmin did not correctly minimize testcase numbers"
|
||||
CODE=1
|
||||
}
|
||||
../afl-tmin -i in/in2 -o in2/in2 -- ./test-instr.plain > /dev/null 2>&1
|
||||
SIZE=`ls -l in2/in2 2> /dev/null | awk '{print$5}'`
|
||||
test "$SIZE" = 1 && $ECHO "$GREEN[+] afl-tmin correctly minimized the testcase"
|
||||
test "$SIZE" = 1 || {
|
||||
$ECHO "$RED[!] afl-tmin did incorrectly minimize the testcase to $SIZE"
|
||||
CODE=1
|
||||
}
|
||||
rm -rf in out errors in2
|
||||
}
|
||||
rm -f test-instr.plain
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] afl is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc"
|
||||
@ -206,7 +224,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && {
|
||||
}
|
||||
# now we want to be sure that afl-fuzz is working
|
||||
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
|
||||
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) ||
|
||||
# make sure crash reporter is disabled on Mac OS X
|
||||
@ -290,6 +308,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && {
|
||||
rm -f test-persistent
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] llvm_mode not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
|
||||
$ECHO "$BLUE[*] Testing: gcc_plugin"
|
||||
@ -312,7 +331,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
|
||||
$ECHO "$GREEN[+] gcc_plugin run reported $TUPLES instrumented locations which is fine"
|
||||
} || {
|
||||
$ECHO "$RED[!] gcc_plugin instrumentation produces a weird number of instrumented locations: $TUPLES"
|
||||
$ECHO "$YELLOW[!] the gcc_plugin instrumentation issue is not flagged as an error because travis builds would all fail otherwise :-("
|
||||
$ECHO "$YELLOW[-] the gcc_plugin instrumentation issue is not flagged as an error because travis builds would all fail otherwise :-("
|
||||
#CODE=1
|
||||
}
|
||||
}
|
||||
@ -340,7 +359,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
|
||||
}
|
||||
# now we want to be sure that afl-fuzz is working
|
||||
(test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
|
||||
$ECHO "$YELLOW[!] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
$ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
|
||||
true
|
||||
}) ||
|
||||
# make sure crash reporter is disabled on Mac OS X
|
||||
@ -398,6 +417,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && {
|
||||
rm -f test-persistent
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] gcc_plugin not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
|
||||
$ECHO "$BLUE[*] Testing: shared library extensions"
|
||||
@ -413,6 +433,7 @@ test -e ../libtokencap.so && {
|
||||
rm -f token.out
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] libtokencap is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
test -e ../libdislocator.so && {
|
||||
{
|
||||
@ -429,6 +450,7 @@ test -e ../libdislocator.so && {
|
||||
rm -f test.out core test-compcov.core core.test-compcov
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] libdislocator is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
rm -f test-compcov
|
||||
test -e ../libradamsa.so && {
|
||||
@ -454,9 +476,11 @@ test -e ../libradamsa.so && {
|
||||
rm -rf in out errors test-instr.plain
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] compilation of test target failed, cannot test libradamsa"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] libradamsa is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
|
||||
$ECHO "$BLUE[*] Testing: qemu_mode"
|
||||
@ -501,6 +525,7 @@ test -e ../afl-qemu-trace && {
|
||||
}
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] we cannot test qemu_mode libcompcov because it is not present"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
rm -f errors
|
||||
|
||||
@ -519,10 +544,10 @@ test -e ../afl-qemu-trace && {
|
||||
test "$SLOW" -lt "$FAST" && {
|
||||
$ECHO "$GREEN[+] persistent qemu_mode was noticeable faster than standard qemu_mode"
|
||||
} || {
|
||||
$ECHO "$YELLOW[?] persistent qemu_mode was not noticeable faster than standard qemu_mode"
|
||||
$ECHO "$YELLOW[-] persistent qemu_mode was not noticeable faster than standard qemu_mode"
|
||||
}
|
||||
} || {
|
||||
$ECHO "$YELLOW[?] we got no data on executions performed? weird!"
|
||||
$ECHO "$YELLOW[-] we got no data on executions performed? weird!"
|
||||
}
|
||||
} || {
|
||||
echo CUT------------------------------------------------------------------CUT
|
||||
@ -532,17 +557,18 @@ test -e ../afl-qemu-trace && {
|
||||
CODE=1
|
||||
exit 1
|
||||
}
|
||||
$ECHO "$YELLOW[?] we need a test case for qemu_mode unsigaction library"
|
||||
$ECHO "$YELLOW[-] we need a test case for qemu_mode unsigaction library"
|
||||
rm -rf in out errors
|
||||
}
|
||||
} || {
|
||||
$ECHO "$RED[-] gcc compilation of test targets failed - what is going on??"
|
||||
$ECHO "$RED[!] gcc compilation of test targets failed - what is going on??"
|
||||
CODE=1
|
||||
}
|
||||
|
||||
rm -f test-instr test-compcov
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] qemu_mode is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
|
||||
$ECHO "$BLUE[*] Testing: unicorn_mode"
|
||||
@ -557,6 +583,7 @@ test -d ../unicorn_mode/unicorn && {
|
||||
$ECHO "$GREY[*] Using python binary $PY"
|
||||
if ! $PY -c 'import unicornafl' 2> /dev/null ; then
|
||||
$ECHO "$YELLOW[-] we cannot test unicorn_mode because it is not present"
|
||||
INCOMPLETE=1
|
||||
else
|
||||
{
|
||||
$ECHO "$GREY[*] running afl-fuzz for unicorn_mode, this will take approx 25 seconds"
|
||||
@ -596,15 +623,18 @@ test -d ../unicorn_mode/unicorn && {
|
||||
fi
|
||||
}
|
||||
} || {
|
||||
$ECHO "$RED[-] missing sample binaries in unicorn_mode/samples/ - what is going on??"
|
||||
$ECHO "$RED[!] missing sample binaries in unicorn_mode/samples/ - what is going on??"
|
||||
CODE=1
|
||||
}
|
||||
|
||||
} || {
|
||||
$ECHO "$YELLOW[-] unicorn_mode is not compiled, cannot test"
|
||||
INCOMPLETE=1
|
||||
}
|
||||
|
||||
$ECHO "$GREY[*] all test cases completed.$RESET"
|
||||
test "$INCOMPLETE" = "0" && $ECHO "$GREEN[+] all test cases executed"
|
||||
test "$INCOMPLETE" = "1" && $ECHO "$YELLOW[-] not all test cases were executed"
|
||||
test "$CODE" = "0" && $ECHO "$GREEN[+] all tests were successful :-)$RESET"
|
||||
test "$CODE" = "0" || $ECHO "$RED[-] failure in tests :-($RESET"
|
||||
test "$CODE" = "0" || $ECHO "$RED[!] failure in tests :-($RESET"
|
||||
exit $CODE
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user