authorYour Name <you@example.com>2022-05-12 16:54:40 +0100
committerYour Name <you@example.com>2022-05-12 16:54:40 +0100
commit3dc72ffb6be7f9acb9788d5cfa8d99c557418621 (patch)
tree2cc0db1d117f2990e772ef0adddd70276753e9bd
parentca361e1b6a7228e1f854aa6884cf98f4e9a21486 (diff)
downloadafl++-3dc72ffb6be7f9acb9788d5cfa8d99c557418621.tar.gz
Added test for prefetch validation
-rw-r--r--frida_mode/test/dynamic/GNUmakefile76
-rw-r--r--frida_mode/test/dynamic/Makefile19
-rw-r--r--frida_mode/test/dynamic/testinstr.c98
-rw-r--r--frida_mode/test/dynamic/testinstrlib.c14
4 files changed, 207 insertions, 0 deletions
diff --git a/frida_mode/test/dynamic/GNUmakefile b/frida_mode/test/dynamic/GNUmakefile
new file mode 100644
index 00000000..f43416f7
--- /dev/null
+++ b/frida_mode/test/dynamic/GNUmakefile
@@ -0,0 +1,76 @@
+PWD:=$(shell pwd)/
+ROOT:=$(PWD)../../../
+BUILD_DIR:=$(PWD)build/
+TESTINSTR_DATA_DIR:=$(BUILD_DIR)in/
+TESTINSTR_DATA_FILE:=$(TESTINSTR_DATA_DIR)in
+AFLPP_DRIVER_DUMMY_INPUT:=$(BUILD_DIR)dummy.dat
+
+TESTINSTBIN:=$(BUILD_DIR)testinstr
+TESTINSTSRC:=$(PWD)testinstr.c
+
+TESTINSTLIB:=$(BUILD_DIR)testinstrlib.so
+TESTINSTLIBSRC:=$(PWD)testinstrlib.c
+
+QEMU_OUT:=$(BUILD_DIR)qemu-out
+FRIDA_OUT:=$(BUILD_DIR)frida-out
+
+AFLPP_FRIDA_DRIVER_HOOK_OBJ=$(ROOT)frida_mode/build/frida_hook.so
+
+ADDR_BIN:=$(ROOT)frida_mode/build/addr
+GET_SYMBOL_ADDR:=$(ROOT)frida_mode/util/get_symbol_addr.sh
+
+AFL_FRIDA_BASE_ADDR:=$(shell $(ADDR_BIN))
+AFL_FRIDA_PERSISTENT_ADDR=$(shell $(GET_SYMBOL_ADDR) $(TESTINSTBIN) testinstr $(AFL_FRIDA_BASE_ADDR))
+
+CFLAGS+=-D_GNU_SOURCE=1
+LDFLAGS+=-ldl
+
+.PHONY: all clean qemu frida
+
+all: $(TESTINSTBIN) $(TESTINSTLIB)
+ make -C $(ROOT)frida_mode/
+
+$(BUILD_DIR):
+ mkdir -p $@
+
+$(AFLPP_DRIVER_DUMMY_INPUT): | $(BUILD_DIR)
+ dd if=/dev/zero bs=1048576 count=1 of=$@
+
+$(TESTINSTR_DATA_DIR): | $(BUILD_DIR)
+ mkdir -p $@
+
+$(TESTINSTR_DATA_FILE): | $(TESTINSTR_DATA_DIR)
+ echo -n "000" > $@
+
+$(TESTINSTLIB): $(TESTINSTLIBSRC) | $(BUILD_DIR)
+ $(CC) \
+ $(CFLAGS) \
+ -shared \
+ -o $@ \
+ $(LDFLAGS) \
+ $<
+
+$(TESTINSTBIN): $(TESTINSTSRC) | $(BUILD_DIR)
+ $(CC) \
+ $(CFLAGS) \
+ -o $@ \
+ $< \
+ $(LDFLAGS) \
+ -Wl,-rpath,'$$ORIGIN'
+
+clean:
+ rm -rf $(BUILD_DIR)
+
+
+frida: $(TESTINSTBIN) $(TESTINSTR_DATA_FILE) $(AFLPP_DRIVER_DUMMY_INPUT)
+ AFL_FRIDA_PERSISTENT_HOOK=$(AFLPP_FRIDA_DRIVER_HOOK_OBJ) \
+ AFL_FRIDA_PERSISTENT_ADDR=$(AFL_FRIDA_PERSISTENT_ADDR) \
+ AFL_ENTRYPOINT=$(AFL_FRIDA_PERSISTENT_ADDR) \
+ $(ROOT)afl-fuzz \
+ -D \
+ -O \
+ -i $(TESTINSTR_DATA_DIR) \
+ -o $(FRIDA_OUT) \
+ -- \
+ $(TESTINSTBIN) $(AFLPP_DRIVER_DUMMY_INPUT)
+
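Review bot: The `all` recipe invokes `make -C $(ROOT)frida_mode/` with a literal `make` rather than `$(MAKE)`, so the jobserver (`-j`), `-n` and the make binary the user chose are not propagated to the frida_mode sub-build; change it to `$(MAKE) -C $(ROOT)frida_mode/`. `.PHONY` also declares `qemu`, but no `qemu` rule exists in this file, while the sibling wrapper Makefile in the same commit forwards `qemu`, `32` and `debug` here, so those invocations will fail with "No rule to make target"; either drop `qemu` from `.PHONY` or add the rule. `AFL_FRIDA_PERSISTENT_ADDR` appears to be deliberately recursive (`=`) so that its `$(shell …)` runs only after `$(TESTINSTBIN)` has been built, but the `frida` recipe expands it twice (once per environment variable), running get_symbol_addr.sh twice; a comment such as `# recursive on purpose: resolved at recipe time, after $(TESTINSTBIN) exists` would keep the next reader from "fixing" it to `:=`.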
diff --git a/frida_mode/test/dynamic/Makefile b/frida_mode/test/dynamic/Makefile
new file mode 100644
index 00000000..f843af19
--- /dev/null
+++ b/frida_mode/test/dynamic/Makefile
@@ -0,0 +1,19 @@
+all:
+ @echo trying to use GNU make...
+ @gmake all || echo please install GNUmake
+
+32:
+ @echo trying to use GNU make...
+ @gmake 32 || echo please install GNUmake
+
+clean:
+ @gmake clean
+
+qemu:
+ @gmake qemu
+
+frida:
+ @gmake frida
+
+debug:
+ @gmake debug
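Review bot: `@gmake all || echo please install GNUmake` in the `all` target turns any failure of the GNU-make build into a successful exit, because the `echo` fallback returns 0 — a broken test build looks green to a caller or CI. Check for gmake separately and keep the build's status: `@command -v gmake >/dev/null || { echo please install GNUmake; exit 1; }` followed by `@gmake all`; the `32` target has the same masking. The `32`, `qemu` and `debug` targets forward to names the accompanying GNUmakefile does not define (it only has `all`, `clean` and `frida`), so those wrapper targets fail once gmake is present; either add the rules there or drop them here.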
diff --git a/frida_mode/test/dynamic/testinstr.c b/frida_mode/test/dynamic/testinstr.c
new file mode 100644
index 00000000..ad26d060
--- /dev/null
+++ b/frida_mode/test/dynamic/testinstr.c
@@ -0,0 +1,98 @@
+/*
+ american fuzzy lop++ - a trivial program to test the build
+ --------------------------------------------------------
+ Originally written by Michal Zalewski
+ Copyright 2014 Google Inc. All rights reserved.
+ Copyright 2019-2022 AFLplusplus Project. All rights reserved.
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at:
+ http://www.apache.org/licenses/LICENSE-2.0
+ */
+#include <dlfcn.h>
+#include <fcntl.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+typedef void (*fntestinstrlib)(char *buf, int len);
+
+void testinstr(char *buf, int len) {
+ void *lib = dlopen("testinstrlib.so", RTLD_NOW);
+ if (lib == NULL) {
+ puts("Library not found");
+ abort();
+ }
+
+ fntestinstrlib fn = (fntestinstrlib)(dlsym(lib, "testinstrlib"));
+ if (fn == NULL) {
+ puts("Function not found");
+ abort();
+ }
+
+ fn(buf, len);
+}
+
+int main(int argc, char **argv) {
+ char * file;
+ int fd = -1;
+ off_t len;
+ char * buf = NULL;
+ size_t n_read;
+ int result = -1;
+
+ if (argc != 2) { return 1; }
+
+ do {
+ file = argv[1];
+ printf("file: %s\n", file);
+
+ dprintf(STDERR_FILENO, "Running: %s\n", file);
+
+ fd = open(file, O_RDONLY);
+ if (fd < 0) {
+ perror("open");
+ break;
+ }
+
+ len = lseek(fd, 0, SEEK_END);
+ if (len < 0) {
+ perror("lseek (SEEK_END)");
+ break;
+ }
+
+ if (lseek(fd, 0, SEEK_SET) != 0) {
+ perror("lseek (SEEK_SET)");
+ break;
+ }
+
+ printf("len: %ld\n", len);
+
+ buf = malloc(len);
+ if (buf == NULL) {
+ perror("malloc");
+ break;
+ }
+
+ n_read = read(fd, buf, len);
+ if (n_read != len) {
+ perror("read");
+ break;
+ }
+
+ dprintf(STDERR_FILENO, "Running: %s: (%zd bytes)\n", file, n_read);
+
+ testinstr(buf, len);
+ dprintf(STDERR_FILENO, "Done: %s: (%zd bytes)\n", file, n_read);
+
+ result = 0;
+
+ } while (false);
+
+ if (buf != NULL) { free(buf); }
+
+ if (fd != -1) { close(fd); }
+
+ return result;
+}
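Review bot: `buf = malloc(len)` allocates exactly `len` bytes, but the callee `testinstrlib` in frida_mode/test/dynamic/testinstrlib.c (same commit) writes a terminator at `buf[len]`, one byte past the end of the allocation — a heap overflow in the harness itself, which an ASan or hardened-allocator build would report before the code under test ever runs. Allocate room for the terminator: `buf = malloc(len + 1);` (or drop the write in the library, since it only ever inspects `buf[0]`). `n_read != len` compares a `size_t` with an `off_t`; a failed `read` returns -1, which after conversion still differs from `len`, so the check works, but `n_read != (size_t)len` states the intent. Each call to `testinstr` reopens the library with `dlopen` and never `dlclose`s it; with `AFL_FRIDA_PERSISTENT_ADDR` pointing at `testinstr` this presumably runs once per iteration, which may be exactly what the prefetch test wants — a one-line comment saying so would prevent it being "fixed" later.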
diff --git a/frida_mode/test/dynamic/testinstrlib.c b/frida_mode/test/dynamic/testinstrlib.c
new file mode 100644
index 00000000..987cbf91
--- /dev/null
+++ b/frida_mode/test/dynamic/testinstrlib.c
@@ -0,0 +1,14 @@
+#include <stdio.h>
+
+void testinstrlib(char *buf, int len) {
+ if (len < 1) return;
+ buf[len] = 0;
+
+ // we support three input cases
+ if (buf[0] == '0')
+ printf("Looks like a zero to me!\n");
+ else if (buf[0] == '1')
+ printf("Pretty sure that is a one!\n");
+ else
+ printf("Neither one or zero? How quaint!\n");
+}