authorh1994st <h1994st@gmail.com>2020-03-29 01:22:44 -0400
committerDominik Maier <domenukk@gmail.com>2020-04-01 13:10:07 +0200
commit64e1d3a975b5d4f017fabdc921cb59128db1c18a (patch)
tree15b5cec8df2b41b81078fb45406394dafbb12eb8
parent50fc7327f2556db588c65fe7941198b622ab50af (diff)
downloadafl++-64e1d3a975b5d4f017fabdc921cb59128db1c18a.tar.gz
test.sh: "trusty-amd64" does not work well with "realpath". Use
"readlink -f" for Ubuntu instead.
-rw-r--r--examples/custom_mutators/example.py12
-rwxr-xr-xtest/test.sh16
2 files changed, 20 insertions, 8 deletions
diff --git a/examples/custom_mutators/example.py b/examples/custom_mutators/example.py
index 7919d3d3..9e95eed6 100644
--- a/examples/custom_mutators/example.py
+++ b/examples/custom_mutators/example.py
@@ -17,6 +17,13 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/.
import random
+COMMANDS = [
+ b"GET",
+ b"PUT",
+ b"DEL",
+]
+
+
def init(seed):
'''
Called once when AFLFuzz starts up. Used to seed our RNG.
@@ -48,8 +55,9 @@ def fuzz(buf, add_buf, max_size):
@rtype: bytearray
@return: A new bytearray containing the mutated data
'''
- ret = bytearray(buf)
- # Do something interesting with ret
+ ret = bytearray(100)
+
+ ret[:3] = random.choice(COMMANDS)
return ret
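Review bot: `ret = bytearray(100)` fixes the output at 100 bytes and no longer consults `max_size`, so a caller passing a smaller limit gets back more data than it allowed. How afl-fuzz handles an oversized return is not visible here, but an example that others copy should not model ignoring the bound. Cap the allocation, e.g. `ret = bytearray(min(100, max_size))`. Also add a comment such as `# Build a fixed-size test case starting with a random command; buf is intentionally ignored`, so readers know the input is discarded on purpose. The signature and most of the docstring of fuzz() lie outside the hunk.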
diff --git a/test/test.sh b/test/test.sh
index 11c4be25..c9ce3489 100755
--- a/test/test.sh
+++ b/test/test.sh
@@ -894,9 +894,13 @@ test -d ../unicorn_mode/unicornafl && {
}
$ECHO "$BLUE[*] Testing: custom mutator"
-unset AFL_CC # Line 474 sets AFL_CC to "gcc". We reset it to use the default compiler
-CUSTOM_MUTATOR_PATH=$( realpath ../examples/custom_mutators )
-test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c && {
+unset AFL_CC # Test case "gcc_plugin" sets AFL_CC to "gcc". We reset it to use the default compiler
+test `uname -s` = 'Darwin' && {
+ CUSTOM_MUTATOR_PATH=$( realpath ../examples/custom_mutators )
+} || {
+ CUSTOM_MUTATOR_PATH=$( readlink -f ../examples/custom_mutators )
+}
+test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUSTOM_MUTATOR_PATH}/example.py && {
# Compile the vulnerable program
../afl-clang-fast -o test-custom-mutator test-custom-mutator.c > /dev/null 2>&1
# Compile the custom mutator
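Review bot: The `test ... && { ... } || { ... }` chain that sets `CUSTOM_MUTATOR_PATH` is not an if/else: if `realpath` fails on Darwin, the `readlink -f` branch runs as well, and an empty result is never detected in either case. With an empty variable the unquoted `${CUSTOM_MUTATOR_PATH}/example.c` checks resolve against `/`. The same variable is later used to locate `libexamplemutator.so` (visible in the next hunk's context), so the test could pick up a library from an unintended location. Use a real conditional, `if test "$(uname -s)" = Darwin; then ...; else ...; fi`, then bail out when `test -n "$CUSTOM_MUTATOR_PATH"` fails, and quote the expansions in the `test -e` line. The block opened by `test -e ... && {` continues past the end of the hunk.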
@@ -904,7 +908,7 @@ test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUS
test -e test-custom-mutator -a -e ${CUSTOM_MUTATOR_PATH}/libexamplemutator.so && {
# Create input directory
mkdir -p in
- echo 00000 > in/in
+ echo "00000" > in/in
# Run afl-fuzz w/ the C mutator
$ECHO "$GREY[*] running afl-fuzz for the C mutator, this will take approx 10 seconds"
@@ -915,7 +919,7 @@ test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUS
} >>errors 2>&1
# Check results
- test -n "$( ls out/queue/id:000001* 2>/dev/null )" && { # TODO: update here
+ test -n "$( ls out/crashes/id:000000* 2>/dev/null )" && { # TODO: update here
$ECHO "$GREEN[+] afl-fuzz is working correctly with the C mutator"
} || {
echo CUT------------------------------------------------------------------CUT
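Review bot: The result check now passes only if afl-fuzz records a crash (`out/crashes/id:000000*`) during the short run, yet the `# TODO: update here` marker was carried over unchanged and nothing explains why a crash is the success criterion. Replace the TODO with a comment stating the expectation, e.g. `# The example mutator emits the commands test-custom-mutator crashes on, so a crash file shows the mutator was used`. That wording assumes this is the intent, since test-custom-mutator.c is not shown. A leftover `out/` directory from an earlier run would also satisfy the glob; whether it is removed before this point is not visible in the hunk. The same applies to the Python-mutator check in the following hunk.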
@@ -939,7 +943,7 @@ test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUS
} >>errors 2>&1
# Check results
- test -n "$( ls out/queue/id:000001* 2>/dev/null )" && { # TODO: update here
+ test -n "$( ls out/crashes/id:000000* 2>/dev/null )" && { # TODO: update here
$ECHO "$GREEN[+] afl-fuzz is working correctly with the Python mutator"
} || {
echo CUT------------------------------------------------------------------CUT