ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-12 01:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4103ee43e249ee14bd16baf080489a107bbfdbf5
AFLplusplus/custom_mutators/gramatron
History
yihellen 4103ee43e2 Add automaton parser (#1426) 
* have compilable program

* enable read in file

* add hashmap usage

* add build hashmap; WIP; test if constructed correctly tomorrow

* add testcase to test hashmap

* add sorted symbols list

* build symbols dictionary

* clean up DEBUG

* successfully find automaton path

* fix all memory leaks

* test if automaton same with example

* able to iterate through files in a folder

* finish testing on one random queue
wip
- change macro values
- add bound checking

* add bound checking to program length

* add bound checking to program walk length

* add boundary check to terminal number, terminal lengths and program length

* commit test makefile

* add makefile

* able to add seeds to gramatron

* remove useless argument in automaton_parser

* add automaton parser to gramfuzz

* change build

* revert test.c to original state

* add makefile to test.c for testing
2022-05-26 16:21:59 +02:00
..
grammars
fixes
2021-07-09 10:32:14 +02:00
json-c @ af8dd4a307
add gramatron
2021-07-20 11:10:58 +02:00
preprocess
fixes
2021-07-09 10:32:14 +02:00
automaton-parser.c
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
automaton-parser.h
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
build_gramatron_mutator.sh
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
gramfuzz-helpers.c
add gramatron
2021-07-20 11:10:58 +02:00
gramfuzz-mutators.c
add gramatron
2021-07-20 11:10:58 +02:00
gramfuzz-util.c
reenable splicing
2021-07-09 12:31:29 +02:00
gramfuzz.c
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
gramfuzz.h
add gramatron
2021-07-20 11:10:58 +02:00
hashmap.c
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
hashmap.h
fixes
2021-07-09 10:32:14 +02:00
JSONC_VERSION
add gramatron
2021-07-20 11:10:58 +02:00
README.md
Fix various missed issues - 1st run
2021-12-05 19:40:56 +01:00
test.c
fixes
2021-07-09 10:32:14 +02:00
test.h
fixes
2021-07-09 10:32:14 +02:00
testMakefile.mk
Add automaton parser (#1426)
2022-05-26 16:21:59 +02:00
utarray.h
fixes
2021-07-09 10:32:14 +02:00
uthash.h
more fixes
2021-07-09 11:39:25 +02:00

README.md

GramaTron

GramaTron is a coverage-guided fuzzer that uses grammar automatons to perform grammar-aware fuzzing. Technical details about our framework are available in the ISSTA'21 paper. The artifact to reproduce the experiments presented in the paper are present in artifact/. Instructions to run a sample campaign and incorporate new grammars is presented below:

Compiling

Execute ./build_gramatron_mutator.sh.

Running

You have to set the grammar file to use with GRAMATRON_AUTOMATION:

export AFL_DISABLE_TRIM=1
export AFL_CUSTOM_MUTATOR_ONLY=1
export AFL_CUSTOM_MUTATOR_LIBRARY=./gramatron.so
export GRAMATRON_AUTOMATION=grammars/ruby/source_automata.json
afl-fuzz -i in -o out -- ./target

Adding and testing a new grammar

  • Specify in a JSON format for CFG. Examples are correspond source.json files.

  • Run the automaton generation script (in src/gramfuzz-mutator/preprocess) which will place the generated automaton in the same folder.

    ./preprocess/prep_automaton.sh <grammar_file> <start_symbol> [stack_limit]

E.g., ./preprocess/prep_automaton.sh ~/grammars/ruby/source.json PROGRAM

  • If the grammar has no self-embedding rules, then you do not need to pass the stack limit parameter. However, if it does have self-embedding rules, then you need to pass the stack limit parameter. We recommend starting with 5 and then increasing it if you need more complexity.

  • To sanity-check that the automaton is generating inputs as expected, you can use the test binary housed in src/gramfuzz-mutator.

    ./test SanityCheck <automaton_file>

E.g., ./test SanityCheck ~/grammars/ruby/source_automata.json