diff options
| -rw-r--r-- | test/test-floatingpoint.c | 24 | ||||
| -rwxr-xr-x | test/test.sh | 4 |
2 files changed, 17 insertions, 11 deletions
diff --git a/test/test-floatingpoint.c b/test/test-floatingpoint.c index 8f691c2c..083f0df5 100644 --- a/test/test-floatingpoint.c +++ b/test/test-floatingpoint.c @@ -1,17 +1,23 @@ #include <stdlib.h> #include <unistd.h> +#include <limits.h> +#include <stdint.h> -int main(void) { - - float magic; +__AFL_FUZZ_INIT(); - ssize_t bytes_read = read(STDIN_FILENO, &magic, sizeof(magic)); - if (bytes_read < (ssize_t)sizeof(magic)) { return 1; } - - if ((-magic == 15.0 + 0.5 + 0.125 + 0.03125 + - 0.0078125)) { /* 15 + 1/2 + 1/8 + 1/32 + 1/128 */ - abort(); +int main(void) { + ssize_t bytes_read; + + __AFL_INIT(); + float *magic = (float*)__AFL_FUZZ_TESTCASE_BUF; + + while (__AFL_LOOP(INT_MAX)) { + + if (__AFL_FUZZ_TESTCASE_LEN != sizeof(float)) return 1; + /* 15 + 1/2 + 1/8 + 1/32 + 1/128 */ + if ((-*magic == 15.0 + 0.5 + 0.125 + 0.03125 + 0.0078125)) abort(); + } return 0; diff --git a/test/test.sh b/test/test.sh index 15082070..dc85f745 100755 --- a/test/test.sh +++ b/test/test.sh @@ -385,13 +385,13 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { CODE=1 } rm -f test-compcov.compcov test.out - AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 AFL_LLVM_LAF_SPLIT_FLOATS=1 ../afl-clang-fast -o test-floatingpoint test-floatingpoint.c > test.out 2>&1 + AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_NO_UI=1 AFL_LLVM_LAF_ALL=1 ../afl-clang-fast -o test-floatingpoint test-floatingpoint.c > test.out 2>&1 test -e test-floatingpoint && { mkdir -p in echo ZZ > in/in $ECHO "$GREY[*] running afl-fuzz with floating point splitting, this will take max. 30 seconds" { - AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -s1 -V30 -m ${MEM_LIMIT} -i in -o out -- ./test-floatingpoint >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -s 123 -V30 -m ${MEM_LIMIT} -i in -o out -- ./test-floatingpoint >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/crashes/id:* 2>/dev/null )" && { $ECHO "$GREEN[+] llvm_mode laf-intel floatingpoint splitting feature works correctly" |