author | van Hauser <vh@thc.org> | 2022-12-28 17:54:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-28 17:54:32 +0100 |
commit | 31d4dc8a3879c53521563bd839b138978f5487af (patch) | |
tree | 0cef149d27efdaf48a320a7f0ab452912c27fa80 /utils/argv_fuzzing/argv_fuzz_persistent_demo.c | |
parent | e847b9948daba83257a665d936d83cfd9004e2ae (diff) | |
parent | 8817da8ae4038b0a155fde9e1f3ea8d4f7d8c107 (diff) | |
download | afl++-31d4dc8a3879c53521563bd839b138978f5487af.tar.gz |
Merge pull request #1607 from ahpaleus/argv-persistent-fuzzing
Argv_fuzz feature persistent fuzzing + cleanup
Diffstat (limited to 'utils/argv_fuzzing/argv_fuzz_persistent_demo.c')
-rw-r--r-- | utils/argv_fuzzing/argv_fuzz_persistent_demo.c | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/utils/argv_fuzzing/argv_fuzz_persistent_demo.c b/utils/argv_fuzzing/argv_fuzz_persistent_demo.c
new file mode 100644
index 00000000..08a62c62
--- /dev/null
+++ b/utils/argv_fuzzing/argv_fuzz_persistent_demo.c
@@ -0,0 +1,58 @@
+/*
+This file contains a simple fuzzer for testing command line argument parsing
+using persistent mode.
+*/
+
+#include <stdio.h>
+#include <string.h>
+#include "argv-fuzz-inl.h"
+
+__AFL_FUZZ_INIT();
+
+/* The main function is an entry point for a program.
+ The argc parameter is an integer that indicates the number of arguments
+ passed to the program. The argv parameter is an array of character pointers,
+ with each element pointing to a null-terminated string that represents
+ one of the arguments.
+ */
+int main(int argc, char **argv) {
+
+#ifdef __AFL_HAVE_MANUAL_CONTROL
+ __AFL_INIT();
+#endif
+ unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF;
+
+ /* __AFL_LOOP() limits the maximum number of iterations before exiting
+ the loop and allowing the program to terminate. It protects against
+ accidental memory leaks and similar issues. */
+ while (__AFL_LOOP(100000)) {
+
+ int len = __AFL_FUZZ_TESTCASE_LEN;
+
+ // Check that the length of the test case is at least 8 bytes
+ if (len < 8) continue;
+
+ // Initialize the command line arguments using the testcase buffer
+ AFL_INIT_ARGV_PERSISTENT(buf);
+
+ /* Check if the first argument is "XYZ" and the second argument is "TEST2"
+ If so, call the "abort" function to terminate the program.
+ Otherwise, print an error message. */
+ if (argc > 1 && strcmp(argv[1], "XYZ") == 0) {
+
+ if (strcmp(argv[2], "TEST2") == 0) { abort(); }
+
+ } else {
+
+ printf("Bad number of arguments!\n");
+
+ }
+
+ }
+
+ /* Exiting the loop allows the program to terminate normally. AFL will restart
+ the process with a clean slate for allocated memory, file descriptors, etc.
+ */
+ return 0;
+
+} |
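Review bot: `argv[2]` is read by the inner `strcmp` although the outer condition only establishes `argc > 1`, so a test case that decodes to the single argument "XYZ" passes NULL to `strcmp` (assuming `AFL_INIT_ARGV_PERSISTENT`, defined in argv-fuzz-inl.h and not visible here, rewrites `argc`/`argv` and leaves the usual NULL terminator at `argv[argc]`). The fuzzer would then record a crash caused by the demo harness itself rather than by the intended `abort()` target, which is misleading in a file meant to be copied as a template. Guard the second argument, for example `if (argc > 2 && strcmp(argv[2], "TEST2") == 0) { abort(); }`. `abort()` is also called without a direct `#include <stdlib.h>`; unless the included header already provides the declaration, add that include.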