diff options
| author | Dominik Maier <domenukk@gmail.com> | 2020-06-02 14:10:44 +0200 |
|---|---|---|
| committer | Dominik Maier <domenukk@gmail.com> | 2020-06-02 14:10:44 +0200 |
| commit | fbd781fc839740b6ee3129f216bdc8bc7f923edd (patch) | |
| tree | 06c90bd806578a11bd292df4c4011dacdaa28878 /examples | |
| parent | 62306f5ce87916396f8245db508dff889894f54c (diff) | |
| parent | 1d15048f2f79bb6836e8a50676a8ecc8cff1e5d0 (diff) | |
| download | afl++-fbd781fc839740b6ee3129f216bdc8bc7f923edd.tar.gz | |
Merge branch 'dev' of github.com:aflplusplus/aflplusplus into dev
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/aflpp_driver/aflpp_driver.cpp | 10 | ||||
| -rw-r--r-- | examples/persistent_demo/Makefile | 6 | ||||
| -rw-r--r-- | examples/persistent_demo/persistent_demo.c | 1 | ||||
| -rw-r--r-- | examples/persistent_demo/persistent_demo_new.c | 1 | ||||
| -rw-r--r-- | examples/persistent_demo/test-instr.c | 67 |
5 files changed, 79 insertions, 6 deletions
diff --git a/examples/aflpp_driver/aflpp_driver.cpp b/examples/aflpp_driver/aflpp_driver.cpp index 3dcc8c3c..f2c604da 100644 --- a/examples/aflpp_driver/aflpp_driver.cpp +++ b/examples/aflpp_driver/aflpp_driver.cpp @@ -252,18 +252,18 @@ int main(int argc, char **argv) { else if(argc == 2 && (N = atoi(argv[1])) > 0) Printf("WARNING: using the deprecated call style `%s %d`\n", argv[0], N); else if (argc > 1) { - if (!getenv("AFL_DRIVER_DONT_DEFER")) { +// if (!getenv("AFL_DRIVER_DONT_DEFER")) { __afl_sharedmem_fuzzing = 0; __afl_manual_init(); - } +// } return ExecuteFilesOnyByOne(argc, argv); exit(0); } assert(N > 0); - if (!getenv("AFL_DRIVER_DONT_DEFER")) - __afl_manual_init(); +// if (!getenv("AFL_DRIVER_DONT_DEFER")) + __afl_manual_init(); // Call LLVMFuzzerTestOneInput here so that coverage caused by initialization // on the first execution of LLVMFuzzerTestOneInput is ignored. @@ -272,7 +272,7 @@ int main(int argc, char **argv) { int num_runs = 0; while (__afl_persistent_loop(N)) { - if (__afl_fuzz_len > 0) { + if (__afl_fuzz_len) { num_runs++; LLVMFuzzerTestOneInput(__afl_fuzz_ptr, __afl_fuzz_len); } diff --git a/examples/persistent_demo/Makefile b/examples/persistent_demo/Makefile index cbbb7239..6fa1c30e 100644 --- a/examples/persistent_demo/Makefile +++ b/examples/persistent_demo/Makefile @@ -1,6 +1,10 @@ all: afl-clang-fast -o persistent_demo persistent_demo.c afl-clang-fast -o persistent_demo_new persistent_demo_new.c + AFL_DONT_OPTIMIZE=1 afl-clang-fast -o test-instr test-instr.c + +document: + AFL_DONT_OPTIMIZE=1 afl-clang-fast -D_AFL_DOCUMENT_MUTATIONS -o test-instr test-instr.c clean: - rm -f persistent_demo persistent_demo_new + rm -f persistent_demo persistent_demo_new test-instr diff --git a/examples/persistent_demo/persistent_demo.c b/examples/persistent_demo/persistent_demo.c index 2da49bb0..4cedc32c 100644 --- a/examples/persistent_demo/persistent_demo.c +++ b/examples/persistent_demo/persistent_demo.c @@ -41,6 +41,7 @@ int main(int argc, char **argv) { terminate normally. This limits the impact of accidental memory leaks and similar hiccups. */ + __AFL_INIT(); while (__AFL_LOOP(1000)) { /*** PLACEHOLDER CODE ***/ diff --git a/examples/persistent_demo/persistent_demo_new.c b/examples/persistent_demo/persistent_demo_new.c index 36411e13..69468bdd 100644 --- a/examples/persistent_demo/persistent_demo_new.c +++ b/examples/persistent_demo/persistent_demo_new.c @@ -42,6 +42,7 @@ int main(int argc, char **argv) { terminate normally. This limits the impact of accidental memory leaks and similar hiccups. */ + __AFL_INIT(); buf = __AFL_FUZZ_TESTCASE_BUF; while (__AFL_LOOP(1000)) { diff --git a/examples/persistent_demo/test-instr.c b/examples/persistent_demo/test-instr.c new file mode 100644 index 00000000..4cd07102 --- /dev/null +++ b/examples/persistent_demo/test-instr.c @@ -0,0 +1,67 @@ +/* + american fuzzy lop++ - a trivial program to test the build + -------------------------------------------------------- + Originally written by Michal Zalewski + Copyright 2014 Google Inc. All rights reserved. + Copyright 2019-2020 AFLplusplus Project. All rights reserved. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at: + http://www.apache.org/licenses/LICENSE-2.0 + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> + +__AFL_FUZZ_INIT(); + +int main(int argc, char **argv) { + + __AFL_INIT(); + unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF; + + while (__AFL_LOOP(2147483647)) { + + unsigned int len = __AFL_FUZZ_TESTCASE_LEN; + +#ifdef _AFL_DOCUMENT_MUTATIONS + static unsigned int counter = 0; + char fn[32]; + sprintf(fn, "%09u:test-instr", counter); + int fd_doc = open(fn, O_WRONLY | O_CREAT | O_TRUNC, 0600); + if (fd_doc >= 0) { + + if (write(fd_doc, buf, len) != __afl_fuzz_len) { + + fprintf(stderr, "write of mutation file failed: %s\n", fn); + unlink(fn); + + } + + close(fd_doc); + + } + + counter++; +#endif + + if (!len) continue; + + if (buf[0] == '0') + printf("Looks like a zero to me!\n"); + else if (buf[0] == '1') + printf("Pretty sure that is a one!\n"); + else + printf("Neither one or zero? How quaint!\n"); + + } + + return 0; + +} + |