diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/test-compcov.c | 16 | ||||
| -rwxr-xr-x | test/test.sh | 30 |
2 files changed, 37 insertions, 9 deletions
diff --git a/test/test-compcov.c b/test/test-compcov.c index c8dd674e..4959c39c 100644 --- a/test/test-compcov.c +++ b/test/test-compcov.c @@ -20,9 +20,19 @@ int main(int argc, char **argv) { } if (strcmp(input, "LIBTOKENCAP") == 0) - printf("your string was libtokencap\n"); + printf("your string was LIBTOKENCAP\n"); else if (strcmp(input, "BUGMENOT") == 0) - printf("your string was bugmenot\n"); + printf("your string was BUGMENOT\n"); + else if (strncmp(input, "BANANA", 3) == 0) + printf("your string started with BAN\n"); + else if (strcmp(input, "APRI\0COT") == 0) + printf("your string was APRI\n"); + else if (strcasecmp(input, "Kiwi") == 0) + printf("your string was Kiwi\n"); + else if (strncasecmp(input, "avocado", 9) == 0) + printf("your string was avocado\n"); + else if (strncasecmp(input, "Grapes", argc > 2 ? atoi(argv[2]) : 3) == 0) + printf("your string was a prefix of Grapes\n"); else if (strcmp(input, "BUFFEROVERFLOW") == 0) { buf = (char *)malloc(16); @@ -39,6 +49,8 @@ int main(int argc, char **argv) { printf("short local var memcmp works!\n"); else if (memcmp(global_cmpval, input, sizeof(global_cmpval)) == 0) printf("global var memcmp works!\n"); + else if (strncasecmp("-h", input, 2) == 0) + printf("this is not the help you are looking for\n"); else printf("I do not know your string\n"); diff --git a/test/test.sh b/test/test.sh index c52be154..431e3983 100755 --- a/test/test.sh +++ b/test/test.sh @@ -22,6 +22,20 @@ else GREPAOPTION= fi +test_compcov_binary_functionality() { + RUN="../afl-showmap -o /dev/null -- $1" + $RUN 'LIBTOKENCAP' | grep 'your string was LIBTOKENCAP' \ + && $RUN 'BUGMENOT' | grep 'your string was BUGMENOT' \ + && $RUN 'BANANA' | grep 'your string started with BAN' \ + && $RUN 'APRI' | grep 'your string was APRI' \ + && $RUN 'kiWI' | grep 'your string was Kiwi' \ + && $RUN 'Avocado' | grep 'your string was avocado' \ + && $RUN 'GRAX' 3 | grep 'your string was a prefix of Grapes' \ + && $RUN 'LOCALVARIABLE' | grep 'local var memcmp works!' \ + && $RUN 'abc' | grep 'short local var memcmp works!' \ + && $RUN 'GLOBALVARIABLE' | grep 'global var memcmp works!' +} > /dev/null + ECHO="printf %b\\n" $ECHO \\101 2>&1 | grep -qE '^A' || { ECHO= @@ -68,6 +82,7 @@ unset LD_PRELOAD rm -rf in in2 out export ASAN_OPTIONS=detect_leaks=0:allocator_may_return_null=1:abort_on_error=1:symbolize=0 +export AFL_LLVM_INSTRUMENT=AFL # on OpenBSD we need to work with llvm from /usr/local/bin test -e /usr/local/bin/opt && { @@ -258,7 +273,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$RED[!] llvm_mode failed" CODE=1 } - test -e test-compcov.harden && { + test -e test-compcov.harden && test_compcov_binary_functionality ./test-compcov.harden && { grep -Eq$GREPAOPTION 'stack_chk_fail|fstack-protector-all|fortified' test-compcov.harden > /dev/null 2>&1 && { $ECHO "$GREEN[+] llvm_mode hardened mode succeeded and is working" } || { @@ -339,7 +354,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { # now for the special llvm_mode things test -e ../libLLVMInsTrim.so && { - AFL_LLVM_INSTRIM=1 AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c > /dev/null 2>test.out + AFL_LLVM_INSTRUMENT=CFG AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c > /dev/null 2>test.out test -e test-instr.instrim && { TUPLES=`echo 0|../afl-showmap -m ${MEM_LIMIT} -o /dev/null -- ./test-instr.instrim 2>&1 | grep Captur | awk '{print$3}'` test "$TUPLES" -gt 2 -a "$TUPLES" -lt 5 && { @@ -357,9 +372,10 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$YELLOW[-] llvm_mode InsTrim not compiled, cannot test" INCOMPLETE=1 } + AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -o test-compcov.compcov test-compcov.c > test.out 2>&1 - test -e test-compcov.compcov && { - grep --binary-files=text -Eq " [ 12][0-9][0-9] location| [3-9][0-9] location" test.out && { + test -e test-compcov.compcov && test_compcov_binary_functionality ./test-compcov.compcov && { + grep --binary-files=text -Eq " [ 123][0-9][0-9] location| [3-9][0-9] location" test.out && { $ECHO "$GREEN[+] llvm_mode laf-intel/compcov feature works correctly" } || { $ECHO "$RED[!] llvm_mode laf-intel/compcov feature failed" @@ -372,7 +388,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { rm -f test-compcov.compcov test.out echo foobar.c > whitelist.txt AFL_DEBUG=1 AFL_LLVM_WHITELIST=whitelist.txt ../afl-clang-fast -o test-compcov test-compcov.c > test.out 2>&1 - test -e test-compcov && { + test -e test-compcov && test_compcov_binary_functionality ./test-compcov && { grep -q "No instrumentation targets found" test.out && { $ECHO "$GREEN[+] llvm_mode whitelist feature works correctly" } || { @@ -511,7 +527,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { CODE=1 } - test -e test-compcov.harden.gccpi && { + test -e test-compcov.harden.gccpi && test_compcov_binary_functionality ./test-compcov.harden.gccpi && { grep -Eq$GREPAOPTION 'stack_chk_fail|fstack-protector-all|fortified' test-compcov.harden.gccpi > /dev/null 2>&1 && { $ECHO "$GREEN[+] gcc_plugin hardened mode succeeded and is working" } || { @@ -556,7 +572,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { # now for the special gcc_plugin things echo foobar.c > whitelist.txt AFL_GCC_WHITELIST=whitelist.txt ../afl-gcc-fast -o test-compcov test-compcov.c > /dev/null 2>&1 - test -e test-compcov && { + test -e test-compcov && test_compcov_binary_functionality ./test-compcov && { echo 1 | ../afl-showmap -m ${MEM_LIMIT} -o - -r -- ./test-compcov 2>&1 | grep -q "Captured 1 tuples" && { $ECHO "$GREEN[+] gcc_plugin whitelist feature works correctly" } || { |