From 564399bd754e355d28da5b498856c05b63901661 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Fri, 15 May 2020 09:04:55 +0200 Subject: v2.65d init --- docs/Changelog.md | 4 ++++ include/config.h | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index ef5759c8..9fe17961 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -9,6 +9,10 @@ Want to stay in the loop on major new features? Join our mailing list by sending a mail to . +### Version ++2.6d (dev) + - ... + + ### Version ++2.65c (release): - afl-fuzz: - AFL_MAP_SIZE was not working correctly diff --git a/include/config.h b/include/config.h index cd6ff641..6fde8b36 100644 --- a/include/config.h +++ b/include/config.h @@ -28,7 +28,7 @@ /* Version string: */ // c = release, d = volatile github dev, e = experimental branch -#define VERSION "++2.65c" +#define VERSION "++2.65d" /****************************************************** * * -- cgit 1.4.1 From d536ddc24085bced267143b4f45102715d71693e Mon Sep 17 00:00:00 2001 From: van Hauser Date: Fri, 15 May 2020 09:27:15 +0200 Subject: change: slaves only sync from masters --- TODO.md | 2 -- docs/Changelog.md | 7 +++++-- docs/parallel_fuzzing.md | 8 +++++--- include/afl-fuzz.h | 1 + llvm_mode/LLVMInsTrim.so.cc | 18 +++++++++-------- llvm_mode/afl-llvm-pass.so.cc | 20 +++++++++--------- src/afl-fuzz-init.c | 47 ++++++++++++++++++++++++++++++++++--------- src/afl-fuzz-run.c | 18 +++++++---------- src/afl-fuzz.c | 13 ++++++++++++ 9 files changed, 89 insertions(+), 45 deletions(-) diff --git a/TODO.md b/TODO.md index d084f6e8..4a4cd039 100644 --- a/TODO.md +++ b/TODO.md @@ -2,8 +2,6 @@ ## Roadmap 2.65+ - - sync_fuzzers(): only masters sync from all, slaves only sync from master - (@andrea: be careful, often people run all slaves) - AFL_MAP_SIZE for qemu_mode and unicorn_mode - random crc32 HASH_CONST per run? because with 65536 paths we have collisions - namespace for targets? e.g. network 
diff --git a/docs/Changelog.md b/docs/Changelog.md index 9fe17961..14b7fb6c 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -9,8 +9,11 @@ Want to stay in the loop on major new features? Join our mailing list by sending a mail to . -### Version ++2.6d (dev) - - ... +### Version ++2.65d (dev) + - afl-fuzz: + - -S slaves now only sync from the master to increase performance, + the -M master stilly syncs from everyone. Added checks that exactly + one master is present ### Version ++2.65c (release): diff --git a/docs/parallel_fuzzing.md b/docs/parallel_fuzzing.md index 8b39df04..12aefb46 100644 --- a/docs/parallel_fuzzing.md +++ b/docs/parallel_fuzzing.md @@ -57,12 +57,14 @@ Each fuzzer will keep its state in a separate subdirectory, like so: Each instance will also periodically rescan the top-level sync directory for any test cases found by other fuzzers - and will incorporate them into its own fuzzing when they are deemed interesting enough. +For performance reasons only -M masters sync the queue with everyone, the +-S slaves will only sync from the master. The difference between the -M and -S modes is that the master instance will still perform deterministic checks; while the secondary instances will -proceed straight to random tweaks. If you don't want to do deterministic -fuzzing at all, it's OK to run all instances with -S. With very slow or complex -targets, or when running heavily parallelized jobs, this is usually a good plan. +proceed straight to random tweaks. + +Note that you must always have one -M master instance! Note that running multiple -M instances is wasteful, although there is an experimental support for parallelizing the deterministic checks. To leverage diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 9907c245..a77c634c 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h 
@@ -913,6 +913,7 @@ u32 find_start_position(afl_state_t *); void find_timeout(afl_state_t *); double get_runnable_processes(void); void nuke_resume_dir(afl_state_t *); +int check_master_exists(afl_state_t *); void setup_dirs_fds(afl_state_t *); void setup_cmdline_file(afl_state_t *, char **); void setup_stdio_file(afl_state_t *); diff --git a/llvm_mode/LLVMInsTrim.so.cc b/llvm_mode/LLVMInsTrim.so.cc index 7dc96bc3..ced1f383 100644 --- a/llvm_mode/LLVMInsTrim.so.cc +++ b/llvm_mode/LLVMInsTrim.so.cc @@ -160,21 +160,23 @@ struct InsTrim : public ModulePass { else #else if (ngram_size_str) -#ifdef LLVM_VERSION_STRING + #ifdef LLVM_VERSION_STRING FATAL( "Sorry, NGRAM branch coverage is not supported with llvm version %s!", LLVM_VERSION_STRING); -#else -#ifndef LLVM_VERSION_PATCH + #else + #ifndef LLVM_VERSION_PATCH FATAL( - "Sorry, NGRAM branch coverage is not supported with llvm version %d.%d.%d!", + "Sorry, NGRAM branch coverage is not supported with llvm version " + "%d.%d.%d!", LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, 0); -#else + #else FATAL( - "Sorry, NGRAM branch coverage is not supported with llvm version %d.%d.%d!", + "Sorry, NGRAM branch coverage is not supported with llvm version " + "%d.%d.%d!", LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, LLVM_VERISON_PATCH); -#endif -#endif + #endif + #endif #endif PrevLocSize = 1; diff --git a/llvm_mode/afl-llvm-pass.so.cc b/llvm_mode/afl-llvm-pass.so.cc index 5bf705f8..82dece75 100644 --- a/llvm_mode/afl-llvm-pass.so.cc +++ b/llvm_mode/afl-llvm-pass.so.cc 
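Review bot: The last FATAL call in the LLVMInsTrim.so.cc hunk still passes `LLVM_VERISON_PATCH`, a misspelling of the `LLVM_VERSION_PATCH` macro that the `#ifndef` two branches above tests, so that branch cannot compile whenever the preprocessor selects it. The argument line is unchanged context here, but the commit rewraps the string of the same call, so it is the natural place to correct it to `LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, LLVM_VERSION_PATCH);`. The enclosing `#if`/`#else` block starts outside the hunk, so which LLVM versions reach this branch cannot be confirmed from here.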
@@ -211,15 +211,17 @@ bool AFLCoverage::runOnModule(Module &M) { else #else if (ngram_size_str) -#ifndef LLVM_VERSION_PATCH - FATAL("Sorry, NGRAM branch coverage is not supported with llvm version %d.%d.%d!", - LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, - 0); -#else - FATAL("Sorry, NGRAM branch coverage is not supported with llvm version %d.%d.%d!", - LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, - LLVM_VERSION_PATCH); -#endif + #ifndef LLVM_VERSION_PATCH + FATAL( + "Sorry, NGRAM branch coverage is not supported with llvm version " + "%d.%d.%d!", + LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, 0); + #else + FATAL( + "Sorry, NGRAM branch coverage is not supported with llvm version " + "%d.%d.%d!", + LLVM_VERSION_MAJOR, LLVM_VERSION_MINOR, LLVM_VERSION_PATCH); + #endif #endif PrevLocSize = 1; diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index 613d1437..518de8af 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -1315,6 +1315,36 @@ dir_cleanup_failed: } +/* If this is a -S slave, ensure a -M master is running */ + +int check_master_exists(afl_state_t *afl) { + + DIR * sd; + struct dirent *sd_ent; + u8 * fn; + sd = opendir(afl->sync_dir); + if (!sd) { PFATAL("Unable to open '%s'", afl->sync_dir); } + while ((sd_ent = readdir(sd))) { + + /* Skip dot files and our own output directory. */ + + if (sd_ent->d_name[0] == '.' || !strcmp(afl->sync_id, sd_ent->d_name)) { + + continue; + + } + + fn = alloc_printf("%s/%s/is_master", afl->sync_dir, sd_ent->d_name); + int res = access(fn, F_OK); + free(fn); + if (res == 0) return 1; + + } + + return 0; + +} + /* Prepare output directories and fds. */ void setup_dirs_fds(afl_state_t *afl) { 
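Review bot: check_master_exists() never calls closedir() on `sd`, so the directory stream leaks on both return paths, and main() calls the function on startup for both -M and -S instances. Close it before each return: `if (res == 0) { closedir(sd); return 1; }` inside the loop and `closedir(sd);` before the final `return 0;`. The header comment describes only the -S case although main() also uses the result for -M, so it would be clearer as `/* Return 1 if another instance's directory in sync_dir holds an is_master marker, 0 otherwise */`.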
@@ -1330,18 +1360,15 @@ void setup_dirs_fds(afl_state_t *afl) { } - /* - if (afl->is_master) { + if (afl->is_master) { - u8 *x = alloc_printf("%s/%s/is_master", afl->sync_dir, afl->sync_id); - int fd = open(x, O_CREAT | O_RDWR, 0644); - if (fd < 0) FATAL("cannot create %s", x); - free(x); - close(fd); - - } + u8 *x = alloc_printf("%s/%s/is_master", afl->sync_dir, afl->sync_id); + int fd = open(x, O_CREAT | O_RDWR, 0644); + if (fd < 0) FATAL("cannot create %s", x); + free(x); + close(fd); - */ + } if (mkdir(afl->out_dir, 0700)) { diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index bbcd9a99..3708cf1a 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -401,19 +401,15 @@ void sync_fuzzers(afl_state_t *afl) { } - /* - // a slave only syncs from a master, a master syncs from everyone - if (likely(afl->is_slave)) { + // a slave only syncs from a master, a master syncs from everyone + if (likely(afl->is_slave)) { - u8 x = alloc_printf("%s/%s/is_master", afl->sync_dir, sd_ent->d_name); - int res = access(x, F_OK); - free(x); - if (res != 0) - continue; + u8 *x = alloc_printf("%s/%s/is_master", afl->sync_dir, sd_ent->d_name); + int res = access(x, F_OK); + free(x); + if (likely(res != 0)) continue; - } - - */ + } /* Skip anything that doesn't have a queue/ subdirectory. */ diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 8625c37c..9240526e 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1065,8 +1065,21 @@ int main(int argc, char **argv_orig, char **envp) { init_count_class16(); + if (afl->is_master && check_master_exists(afl) == 1) { + + WARNF("It is wasteful to run more than one master!"); + + } + setup_dirs_fds(afl); + if (afl->is_slave && check_master_exists(afl) == 0) { + + WARNF("no -M master found. You need to run one master!"); + sleep(5); + + } + setup_custom_mutators(afl); setup_cmdline_file(afl, argv + optind); -- cgit 1.4.1 From 57637ba0b0981a7e2ebd407fc04a619f4120fb62 Mon Sep 17 00:00:00 2001 
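Review bot: In setup_dirs_fds() the `is_master` marker is opened before the `mkdir(afl->out_dir, 0700)` that follows in this hunk, so if `afl->out_dir` is the `sync_dir/sync_id` directory (not shown here, but the path suggests it) a -M instance starting on a fresh output directory stops at "cannot create" because the parent directory does not exist yet. Moving the whole `if (afl->is_master) { ... }` block below the creation of the output directory avoids that. `PFATAL("cannot create %s", x);` would also report errno, matching the PFATAL use in check_master_exists(). The function body starts and continues outside the hunk.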
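Review bot: The -S branch added to sync_fuzzers() treats the mere presence of `is_master` as proof of a master, and nothing in this patch removes the file when the master exits, so a marker left by an earlier run would keep every slave syncing only from a queue that no longer grows. The same presence test decides which single directory all slaves import from, so it assumes the sync directory is writable only by the fuzzing account. A comment on the block would record both assumptions, for example `// is_master is a marker written by setup_dirs_fds(); its presence does not prove that instance is still running`. sync_fuzzers() starts and ends outside the hunk, so any cleanup done elsewhere is not visible from here.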
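Review bot: The first added check in main() calls check_master_exists() before `setup_dirs_fds(afl);`, and that function ends in PFATAL when `opendir(afl->sync_dir)` fails. If the sync directory is first created by setup_dirs_fds() (not visible in this hunk), a -M instance started on a new output directory aborts with "Unable to open" instead of proceeding. Moving the `afl->is_master` check below `setup_dirs_fds(afl);` is safe because check_master_exists() already skips the instance's own `sync_id` entry; alternatively the function could return 0 when the directory does not exist. main() continues outside the hunk.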
From: van Hauser Date: Fri, 15 May 2020 13:39:42 +0200 Subject: removed overlooked post_lib references, added post_lib examples to examples/custom_mutators --- docs/Changelog.md | 1 + docs/QuickStartGuide.md | 5 +- docs/life_pro_tips.md | 4 +- examples/README.md | 15 ++- examples/custom_mutators/README.md | 4 + examples/custom_mutators/post_library_gif.so.c | 159 +++++++++++++++++++++++++ examples/custom_mutators/post_library_png.so.c | 157 ++++++++++++++++++++++++ include/afl-fuzz.h | 2 - qemu_mode/README.md | 2 +- src/afl-fuzz-mutators.c | 3 - 10 files changed, 339 insertions(+), 13 deletions(-) create mode 100644 examples/custom_mutators/post_library_gif.so.c create mode 100644 examples/custom_mutators/post_library_png.so.c diff --git a/docs/Changelog.md b/docs/Changelog.md index 14b7fb6c..40b841a5 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,6 +14,7 @@ sending a mail to . - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly one master is present + - added former post_library examples to examples/custom_mutators/ ### Version ++2.65c (release): diff --git a/docs/QuickStartGuide.md b/docs/QuickStartGuide.md index 1e1d60b7..10be409a 100644 --- a/docs/QuickStartGuide.md +++ b/docs/QuickStartGuide.md @@ -10,8 +10,9 @@ how to hit the ground running: If testing a network service, modify it to run in the foreground and read from stdin. When fuzzing a format that uses checksums, comment out the checksum verification code, too. - If this is not possible (e.g. in -Q(emu) mode) then use AFL_POST_LIBRARY - to calculate the values with your own library. + + If this is not possible (e.g. in -Q(emu) mode) then use + AFL_CUSTOM_MUTATOR_LIBRARY to calculate the values with your own library. The program must crash properly when a fault is encountered. Watch out for custom SIGSEGV or SIGABRT handlers and background processes. For tips on 
diff --git a/docs/life_pro_tips.md b/docs/life_pro_tips.md index 0724e83c..a5bd7286 100644 --- a/docs/life_pro_tips.md +++ b/docs/life_pro_tips.md @@ -82,8 +82,8 @@ You can find a simple solution in examples/argv_fuzzing. ## Attacking a format that uses checksums? -Remove the checksum-checking code or -use a postprocessor! See examples/post_library/ for more. +Remove the checksum-checking code or use a postprocessor! +See examples/custom_mutators/ for more. ## Dealing with a very slow target or hoping for instant results? diff --git a/examples/README.md b/examples/README.md index 3c5aa9f2..d28aadbe 100644 --- a/examples/README.md +++ b/examples/README.md @@ -2,7 +2,15 @@ Here's a quick overview of the stuff you can find in this directory: - - custom_mutators - example custom mutators in python an c + - afl_network_proxy - fuzz a target over the network: afl-fuzz on + a host, target on an embedded system. + + - afl_proxy - skeleton file example to show how to fuzz + something where you gather coverage data via + different means, e.g. hw debugger + + - afl_untracer - fuzz binary-only libraries much faster but with + less coverage than qemu_mode - argv_fuzzing - a simple wrapper to allow cmdline to be fuzzed (e.g., to test setuid programs). @@ -23,6 +31,9 @@ Here's a quick overview of the stuff you can find in this directory: - crash_triage - a very rudimentary example of how to annotate crashes with additional gdb metadata. + - custom_mutators - examples for the afl++ custom mutator interface in + C and Python + - distributed_fuzzing - a sample script for synchronizing fuzzer instances across multiple machines (see parallel_fuzzing.md). 
@@ -31,8 +42,6 @@ Here's a quick overview of the stuff you can find in this directory: - persistent_demo - an example of how to use the LLVM persistent process mode to speed up certain fuzzing jobs. - - post_library - an example of how to build postprocessors for AFL. - - socket_fuzzing - a LD_PRELOAD library 'redirects' a socket to stdin for fuzzing access with afl++ diff --git a/examples/custom_mutators/README.md b/examples/custom_mutators/README.md index 99fb9da3..a81538e6 100644 --- a/examples/custom_mutators/README.md +++ b/examples/custom_mutators/README.md @@ -15,6 +15,10 @@ example.c - this is a simple example written in C and should be compiled to a example.py - this is the template you can use, the functions are there but they are empty +post_library_gif.so.c - fix a fuzz input to ensure it is valid for GIF + +post_library_png.so.c - fix a fuzz input to ensure it is valid for PNG + simple-chunk-replace.py - this is a simple example where chunks are replaced common.py - this can be used for common functions and helpers. diff --git a/examples/custom_mutators/post_library_gif.so.c b/examples/custom_mutators/post_library_gif.so.c new file mode 100644 index 00000000..9b76ead5 --- /dev/null +++ b/examples/custom_mutators/post_library_gif.so.c 
@@ -0,0 +1,159 @@ +/* + american fuzzy lop++ - postprocessor library example + -------------------------------------------------- + + Originally written by Michal Zalewski + Edited by Dominik Maier, 2020 + + Copyright 2015 Google Inc. All rights reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at: + + http://www.apache.org/licenses/LICENSE-2.0 + + Postprocessor libraries can be passed to afl-fuzz to perform final cleanup + of any mutated test cases - for example, to fix up checksums in PNG files. + + Please heed the following warnings: + + 1) In almost all cases, it is more productive to comment out checksum logic + in the targeted binary (as shown in ../libpng_no_checksum/). One possible + exception is the process of fuzzing binary-only software in QEMU mode. + + 2) The use of postprocessors for anything other than checksums is + questionable and may cause more harm than good. AFL is normally pretty good + about dealing with length fields, magic values, etc. + + 3) Postprocessors that do anything non-trivial must be extremely robust to + gracefully handle malformed data and other error conditions - otherwise, + they will crash and take afl-fuzz down with them. Be wary of reading past + *len and of integer overflows when calculating file offsets. + + In other words, THIS IS PROBABLY NOT WHAT YOU WANT - unless you really, + honestly know what you're doing =) + + With that out of the way: the postprocessor library is passed to afl-fuzz + via AFL_POST_LIBRARY. The library must be compiled with: + + gcc -shared -Wall -O3 post_library.so.c -o post_library.so + + AFL will call the afl_custom_post_process() function for every mutated output + buffer. From there, you have three choices: + + 1) If you don't want to modify the test case, simply set `*out_buf = in_buf` + and return the original `len`. 
+ + 2) If you want to skip this test case altogether and have AFL generate a + new one, return 0 or set `*out_buf = NULL`. + Use this sparingly - it's faster than running the target program + with patently useless inputs, but still wastes CPU time. + + 3) If you want to modify the test case, allocate an appropriately-sized + buffer, move the data into that buffer, make the necessary changes, and + then return the new pointer as out_buf. Return an appropriate len + afterwards. + + Note that the buffer will *not* be freed for you. To avoid memory leaks, + you need to free it or reuse it on subsequent calls (as shown below). + + *** Feel free to reuse the original 'in_buf' BUFFER and return it. *** + + Aight. The example below shows a simple postprocessor that tries to make + sure that all input files start with "GIF89a". + + PS. If you don't like C, you can try out the unix-based wrapper from + Ben Nagy instead: https://github.com/bnagy/aflfix + + */ + +#include +#include +#include + +/* Header that must be present at the beginning of every test case: */ + +#define HEADER "GIF89a" + +typedef struct post_state { + + unsigned char *buf; + size_t size; + +} post_state_t; + +void *afl afl_custom_init(void *afl) { + + post_state_t *state = malloc(sizeof(post_state_t)); + if (!state) { + + perror("malloc"); + return NULL; + + } + + state->buf = calloc(sizeof(unsigned char), 4096); + if (!state->buf) { return NULL; } + + return state; + +} + +/* The actual postprocessor routine called by afl-fuzz: */ + +size_t afl_custom_post_process(post_state_t *data, unsigned char *in_buf, + unsigned int len, unsigned char **out_buf) { + + /* Skip execution altogether for buffers shorter than 6 bytes (just to + show how it's done). We can trust len to be sane. */ + + if (len < strlen(HEADER)) return 0; + + /* Do nothing for buffers that already start with the expected header. 
*/ + + if (!memcmp(in_buf, HEADER, strlen(HEADER))) { + + *out_buf = in_buf; + return len; + + } + + /* Allocate memory for new buffer, reusing previous allocation if + possible. */ + + *out_buf = realloc(data->buf, len); + + /* If we're out of memory, the most graceful thing to do is to return the + original buffer and give up on modifying it. Let AFL handle OOM on its + own later on. */ + + if (!*out_buf) { + + *out_buf = in_buf; + return len; + + } + + /* Copy the original data to the new location. */ + + memcpy(*out_buf, in_buf, len); + + /* Insert the new header. */ + + memcpy(*out_buf, HEADER, strlen(HEADER)); + + /* Return the new len. It hasn't changed, so it's just len. */ + + return len; + +} + +/* Gets called afterwards */ +void afl_custom_deinit(post_state_t *data) { + + free(data->buf); + free(data); + +} + diff --git a/examples/custom_mutators/post_library_png.so.c b/examples/custom_mutators/post_library_png.so.c new file mode 100644 index 00000000..7c1ea93e --- /dev/null +++ b/examples/custom_mutators/post_library_png.so.c 
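Review bot: In post_library_gif.so.c, afl_custom_post_process() stores the result of `realloc(data->buf, len)` only in `*out_buf`, so `data->buf` keeps the old pointer; once realloc moves the block, the next call passes freed memory to realloc and afl_custom_deinit() frees it a second time. Keep the state in step with `unsigned char *nb = realloc(data->buf, len);` and, after the NULL check, `data->buf = nb; *out_buf = nb;`. The init signature `void *afl afl_custom_init(void *afl)` has a stray `afl` token and will not compile, and its `if (!state->buf) { return NULL; }` path leaks `state`. The header comment still tells users to load the library through AFL_POST_LIBRARY, while the docs changed in this same commit point to AFL_CUSTOM_MUTATOR_LIBRARY.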
@@ -0,0 +1,157 @@ +/* + american fuzzy lop++ - postprocessor for PNG + ------------------------------------------ + + Originally written by Michal Zalewski + + Copyright 2015 Google Inc. All rights reserved. + Adapted to the new API, 2020 by Dominik Maier + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at: + + http://www.apache.org/licenses/LICENSE-2.0 + + See post_library.so.c for a general discussion of how to implement + postprocessors. This specific postprocessor attempts to fix up PNG + checksums, providing a slightly more complicated example than found + in post_library.so.c. + + Compile with: + + gcc -shared -Wall -O3 post_library_png.so.c -o post_library_png.so -lz + + */ + +#include +#include +#include +#include +#include + +#include + +/* A macro to round an integer up to 4 kB. */ + +#define UP4K(_i) ((((_i) >> 12) + 1) << 12) + +typedef struct post_state { + + unsigned char *buf; + size_t size; + +} post_state_t; + +void *afl_custom_init(void *afl) { + + post_state_t *state = malloc(sizeof(post_state_t)); + if (!state) { + + perror("malloc"); + return NULL; + + } + + state->buf = calloc(sizeof(unsigned char), 4096); + if (!state->buf) { return NULL; } + + return state; + +} + +size_t afl_custom_post_process(post_state_t *data, const unsigned char *in_buf, + unsigned int len, + const unsigned char **out_buf) { + + unsigned char *new_buf = (unsigned char *)in_buf; + unsigned int pos = 8; + + /* Don't do anything if there's not enough room for the PNG header + (8 bytes). */ + + if (len < 8) { + + *out_buf = in_buf; + return len; + + } + + /* Minimum size of a zero-length PNG chunk is 12 bytes; if we + don't have that, we can bail out. */ + + while (pos + 12 <= len) { + + unsigned int chunk_len, real_cksum, file_cksum; + + /* Chunk length is the first big-endian dword in the chunk. 
*/ + + chunk_len = ntohl(*(uint32_t *)(in_buf + pos)); + + /* Bail out if chunk size is too big or goes past EOF. */ + + if (chunk_len > 1024 * 1024 || pos + 12 + chunk_len > len) break; + + /* Chunk checksum is calculated for chunk ID (dword) and the actual + payload. */ + + real_cksum = htonl(crc32(0, in_buf + pos + 4, chunk_len + 4)); + + /* The in-file checksum is the last dword past the chunk data. */ + + file_cksum = *(uint32_t *)(in_buf + pos + 8 + chunk_len); + + /* If the checksums do not match, we need to fix the file. */ + + if (real_cksum != file_cksum) { + + /* First modification? Make a copy of the input buffer. Round size + up to 4 kB to minimize the number of reallocs needed. */ + + if (new_buf == in_buf) { + + if (len <= data->size) { + + new_buf = data->buf; + + } else { + + new_buf = realloc(data->buf, UP4K(len)); + if (!new_buf) { + + *out_buf = in_buf; + return len; + + } + + data->buf = new_buf; + data->size = UP4K(len); + memcpy(new_buf, in_buf, len); + + } + + } + + *(uint32_t *)(new_buf + pos + 8 + chunk_len) = real_cksum; + + } + + /* Skip the entire chunk and move to the next one. */ + + pos += 12 + chunk_len; + + } + + *out_buf = new_buf; + return len; + +} + +/* Gets called afterwards */ +void afl_custom_deinit(post_state_t *data) { + + free(data->buf); + free(data); + +} + diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index a77c634c..6e74f824 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -547,8 +547,6 @@ typedef struct afl_state { /* afl_postprocess API - Now supported via custom mutators */ - struct custom_mutator *post_library_mutator; - /* CmpLog */ char * cmplog_binary; diff --git a/qemu_mode/README.md b/qemu_mode/README.md index 76b74e17..50d451b6 100644 --- a/qemu_mode/README.md +++ b/qemu_mode/README.md 
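Review bot: In post_library_png.so.c, `data->size` is never initialised: afl_custom_init() takes the struct from `malloc` and sets only `buf`, yet afl_custom_post_process() tests `len <= data->size` to decide whether the 4096-byte buffer can be reused. An indeterminate size can select that buffer for a larger input, and the checksum store at `new_buf + pos + 8 + chunk_len` then writes past its end; adding `state->size = 4096;` after the calloc closes this. The reuse branch also never copies the input, because `memcpy(new_buf, in_buf, len);` sits inside the `else`, so a reused buffer hands back the previous test case's bytes with only the checksum patched; the copy belongs after the if/else. As in the GIF example, `if (!state->buf) { return NULL; }` leaks `state`.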
@@ -157,7 +157,7 @@ match. ## 10) Gotchas, feedback, bugs If you need to fix up checksums or do other cleanup on mutated test cases, see -examples/post_library/ for a viable solution. +examples/custom_mutators/ for a viable solution. Do not mix QEMU mode with ASAN, MSAN, or the likes; QEMU doesn't appreciate the "shadow VM" trick employed by the sanitizers and will probably just diff --git a/src/afl-fuzz-mutators.c b/src/afl-fuzz-mutators.c index 87cb86fa..29e10d02 100644 --- a/src/afl-fuzz-mutators.c +++ b/src/afl-fuzz-mutators.c @@ -108,9 +108,6 @@ void setup_custom_mutators(afl_state_t *afl) { #endif - if (afl->post_library_mutator) - list_append(&afl->custom_mutator_list, afl->post_library_mutator); - } void destroy_custom_mutators(afl_state_t *afl) { -- cgit 1.4.1 From 2b922e9e684b51c04c7311ed6fca1334b43b54f6 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Fri, 15 May 2020 17:07:30 +0200 Subject: fix possible null ptr deref in afl-prealloc.h --- include/afl-prealloc.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/afl-prealloc.h b/include/afl-prealloc.h index 66e6aadf..5e5d7b85 100644 --- a/include/afl-prealloc.h +++ b/include/afl-prealloc.h @@ -61,6 +61,7 @@ typedef enum prealloc_status { if ((prealloc_counter) >= (prealloc_size)) { \ \ el_ptr = malloc(sizeof(*el_ptr)); \ + if (!el_ptr) { FATAL("error in list.h -> out of memory for element!"); } \ el_ptr->pre_status = PRE_STATUS_MALLOC; \ \ } else { \ -- cgit 1.4.1 From afb81b8005f67b37780bdacbab83ea664bac5a9d Mon Sep 17 00:00:00 2001 
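Review bot: The new FATAL message in include/afl-prealloc.h names `list.h`, which sends whoever reads the abort message to the wrong file; `FATAL("error in afl-prealloc.h -> out of memory for element!");` would match the header the macro lives in. The macro body starts and continues outside the hunk, so whether every includer of this header already has FATAL declared cannot be checked from here.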
From: van Hauser Date: Sat, 16 May 2020 11:17:36 +0200 Subject: added lots of dictionaries --- dictionaries/README.md | 3 + dictionaries/aff.dict | 73 ++ dictionaries/ass.dict | 112 +++ dictionaries/atom.dict | 33 + dictionaries/av1_dc.dict | 5 + dictionaries/bash.dict | 152 +++ dictionaries/bdf.dict | 30 + dictionaries/bmp.dict | 10 + dictionaries/bz2.dict | 3 + dictionaries/creole.dict | 14 + dictionaries/css.dict | 354 +++++++ dictionaries/csv.dict | 6 + dictionaries/dds.dict | 35 + dictionaries/djvu.dict | 34 + dictionaries/docommand.dict | 688 +++++++++++++ dictionaries/exif.dict | 222 +++++ dictionaries/fbs.dict | 42 + dictionaries/graphviz.dict | 373 +++++++ dictionaries/heif.dict | 76 ++ dictionaries/hoextdown.dict | 49 + dictionaries/http.dict | 119 +++ dictionaries/icc.dict | 591 +++++++++++ dictionaries/iccprofile.dict | 25 + dictionaries/icns.dict | 43 + dictionaries/initfile.dict | 688 +++++++++++++ dictionaries/jbig2.dict | 98 ++ dictionaries/jpeg2000.dict | 22 + dictionaries/json.dict | 9 + dictionaries/jsonnet.dict | 60 ++ dictionaries/markdown.dict | 28 + dictionaries/math.dict | 20 + dictionaries/mathml.dict | 279 ++++++ dictionaries/mp4.dict | 82 ++ dictionaries/mysqld.dict | 1 + dictionaries/ogg.dict | 36 + dictionaries/openexr.dict | 57 ++ dictionaries/otf.dict | 963 ++++++++++++++++++ dictionaries/pbm.dict | 29 + dictionaries/pcap.dict | 10 + dictionaries/proj4.dict | 249 +++++ dictionaries/protobuf.dict | 40 + dictionaries/ps.dict | 433 +++++++++ dictionaries/psd.dict | 180 ++++ dictionaries/regexp.dict | 414 ++++---- dictionaries/riff.dict | 17 + dictionaries/rss.dict | 31 + dictionaries/rst.dict | 21 + dictionaries/rtf.dict | 419 ++++++++ dictionaries/sas.dict | 37 + dictionaries/spss.dict | 46 + dictionaries/stata.dict | 22 + dictionaries/svg.dict | 170 ++++ dictionaries/tex.dict | 122 +++ dictionaries/theme-load-fuzz.dict | 9 + dictionaries/tokener_parse_ex.dict | 18 + dictionaries/toml.dict | 22 + dictionaries/type42.dict | 25 + 
dictionaries/url.dict | 62 ++ dictionaries/utf8.dict | 73 ++ dictionaries/vcf.dict | 119 +++ dictionaries/vhd.dict | 10 + dictionaries/vpx_dec.dict | 8 + dictionaries/wav.dict | 25 + dictionaries/webm.dict | 152 +++ dictionaries/wkt.dict | 35 + dictionaries/x86.dict | 1885 ++++++++++++++++++++++++++++++++++++ dictionaries/xml_UTF_16.dict | 103 ++ dictionaries/xml_UTF_16BE.dict | 103 ++ dictionaries/xml_UTF_16LE.dict | 103 ++ dictionaries/xpath.dict | 66 ++ dictionaries/xslt.dict | 118 +++ dictionaries/yaml.dict | 79 ++ dictionaries/yara.dict | 196 ++++ dictionaries/zip.dict | 3 + docs/Changelog.md | 1 + 75 files changed, 10677 insertions(+), 213 deletions(-) create mode 100644 dictionaries/aff.dict create mode 100644 dictionaries/ass.dict create mode 100644 dictionaries/atom.dict create mode 100644 dictionaries/av1_dc.dict create mode 100644 dictionaries/bash.dict create mode 100644 dictionaries/bdf.dict create mode 100644 dictionaries/bmp.dict create mode 100644 dictionaries/bz2.dict create mode 100644 dictionaries/creole.dict create mode 100644 dictionaries/css.dict create mode 100644 dictionaries/csv.dict create mode 100644 dictionaries/dds.dict create mode 100644 dictionaries/djvu.dict create mode 100644 dictionaries/docommand.dict create mode 100644 dictionaries/exif.dict create mode 100644 dictionaries/fbs.dict create mode 100644 dictionaries/graphviz.dict create mode 100644 dictionaries/heif.dict create mode 100644 dictionaries/hoextdown.dict create mode 100644 dictionaries/http.dict create mode 100644 dictionaries/icc.dict create mode 100644 dictionaries/iccprofile.dict create mode 100644 dictionaries/icns.dict create mode 100644 dictionaries/initfile.dict create mode 100644 dictionaries/jbig2.dict create mode 100644 dictionaries/jpeg2000.dict create mode 100644 dictionaries/jsonnet.dict create mode 100644 dictionaries/markdown.dict create mode 100644 dictionaries/math.dict create mode 100644 dictionaries/mathml.dict create mode 100644 dictionaries/mp4.dict 
create mode 100644 dictionaries/mysqld.dict create mode 100644 dictionaries/ogg.dict create mode 100644 dictionaries/openexr.dict create mode 100644 dictionaries/otf.dict create mode 100644 dictionaries/pbm.dict create mode 100644 dictionaries/pcap.dict create mode 100644 dictionaries/proj4.dict create mode 100644 dictionaries/protobuf.dict create mode 100644 dictionaries/ps.dict create mode 100644 dictionaries/psd.dict create mode 100644 dictionaries/riff.dict create mode 100644 dictionaries/rss.dict create mode 100644 dictionaries/rst.dict create mode 100644 dictionaries/rtf.dict create mode 100644 dictionaries/sas.dict create mode 100644 dictionaries/spss.dict create mode 100644 dictionaries/stata.dict create mode 100644 dictionaries/svg.dict create mode 100644 dictionaries/tex.dict create mode 100644 dictionaries/theme-load-fuzz.dict create mode 100644 dictionaries/tokener_parse_ex.dict create mode 100644 dictionaries/toml.dict create mode 100644 dictionaries/type42.dict create mode 100644 dictionaries/url.dict create mode 100644 dictionaries/utf8.dict create mode 100644 dictionaries/vcf.dict create mode 100644 dictionaries/vhd.dict create mode 100644 dictionaries/vpx_dec.dict create mode 100644 dictionaries/wav.dict create mode 100644 dictionaries/webm.dict create mode 100644 dictionaries/wkt.dict create mode 100644 dictionaries/x86.dict create mode 100644 dictionaries/xml_UTF_16.dict create mode 100644 dictionaries/xml_UTF_16BE.dict create mode 100644 dictionaries/xml_UTF_16LE.dict create mode 100644 dictionaries/xpath.dict create mode 100644 dictionaries/xslt.dict create mode 100644 dictionaries/yaml.dict create mode 100644 dictionaries/yara.dict create mode 100644 dictionaries/zip.dict diff --git a/dictionaries/README.md b/dictionaries/README.md index 6d529e45..616a83cc 100644 --- a/dictionaries/README.md +++ b/dictionaries/README.md 
@@ -8,6 +8,9 @@ grammar of some of the more verbose data formats or languages. The basic principle behind the operation of fuzzer dictionaries is outlined in section 10 of the "main" README.md for the project. +These sets were done by Michal Zalewski, various contributors, and imported +from oss-fuzz, go-fuzz and libfuzzer. + Custom dictionaries can be added at will. They should consist of a reasonably-sized set of rudimentary syntax units that the fuzzer will then try to clobber together in various ways. Snippets between 2 and 16 bytes are diff --git a/dictionaries/aff.dict b/dictionaries/aff.dict new file mode 100644 index 00000000..09dae5de --- /dev/null +++ b/dictionaries/aff.dict @@ -0,0 +1,73 @@ +# https://www.systutorials.com/docs/linux/man/4-hunspell/ + +# Affix keywords +"AF" +"AM" +"BREAK" +"CHECKCOMPOUNDCASE" +"CHECKCOMPOUNDDUP" +"CHECKCOMPOUNDPATTERN" +"CHECKCOMPOUNDREP" +"CHECKCOMPOUNDTRIPLE" +"COMPLEXPREFIXES" +"COMPOUNDBEGIN" +"COMPOUNDFLAG" +"COMPOUNDFORBIDFLAG" +"COMPOUNDLAST" +"COMPOUNDMIDDLE" +"COMPOUNDMIN" +"COMPOUNDPERMITFLAG" +"COMPOUNDROOT" +"COMPOUNDRULE" +"COMPOUNDSYLLABLE" +"COMPOUNDWORDMAX" +"FLAG" +"FORBIDWARN" +"FORCEUCASE" +"IGNORE" +"KEY" +"LANG" +"MAP" +"MAXCODSUGS" +"MAXDIFF" +"MAXNGRAMSUGS" +"NOSPLITSUGS" +"NOSUGGEST" +"ONLYINCOMPOUND" +"ONLYMAXDIFF" +"PFX" +"PHONE" +"REP" +"SET" +"SFX" +"SIMPLIFIEDTRIPLE" +"SUGWITHDOTS" +"SYLLABLENUM" +"TRY" +"WARN" +"CIRCUMFIX" +"FORBIDDENWORD" +"FULLSTRIP" +"KEEPCASE" +"ICONV" +"OCONV" +"LEMMA_PRESENT" +"NEEDAFFIX" +"PSEUDOROOT" +"SUBSTANDARD" +"WORDCHARS" +"CHECKSHARPS" + +# Optional data fields +"ph:" +"st:" +"al:" +"po:" +"ds:" +"is:" +"ts:" +"sp:" +"pa:" +"dp:" +"ip:" +"tp:" diff --git a/dictionaries/ass.dict b/dictionaries/ass.dict new file mode 100644 index 00000000..aa4f9b43 --- /dev/null +++ b/dictionaries/ass.dict 
@@ -0,0 +1,112 @@ +"0x" +"\\1a" +"\\2a" +"\\2c" +"\\3a" +"\\3c" +"\\4a" +"\\4c" +"\\a" +"\\alpha" +"\\an" +"Arial" +"\\b" +"Banner;" +"\\be" +"\\blur" +"\\bord" +"\\c" +"CFF" +"CID Type 1" +"\\clip" +"clip" +"Courier" +"Courier New" +"Default" +"Dialogue:" +"[Events]" +"\\fade" +"\\fax" +"\\fay" +"\\fe" +"\\fn" +"fontname:" +"[Fonts]" +"Format:" +"\\frx" +"\\fry" +"\\frz" +"\\fs" +"\\fsc" +"\\fscx" +"\\fscy" +"\\fsp" +"&h" +"Helvetica" +"\\i" +"\\iclip" +"iclip" +"\\k" +"Kerning:" +"Kerning" +"\\kf" +"\\ko" +"Language:" +"monospace" +"\\move" +"move" +"none" +"\\org" +"org" +"OverrideStyle" +"\\p" +"p" +"\\pbo" +"pbo" +"pc.240m" +"pc.601" +"pc.709" +"pc.fcc" +"PlayResX:" +"PlayResX" +"PlayResY:" +"PlayResY" +"\\pos" +"pos" +"\\q" +"\\r" +"\\s" +"sans-serif" +"ScaledBorderAndShadow:" +"ScaledBorderAndShadow" +"[Script Info]" +"Scroll down;" +"Scroll up;" +"serif" +"\\shad" +"Style:" +"\\t" +"Text" +"Timer:" +"Timer" +"Times" +"Times New Roman" +"tv.240m" +"tv.601" +"tv.709" +"tv.fcc" +"Type 1" +"Type 42" +"\\u" +"UTF-8" +"[V4 Styles]" +"[V4+ Styles]" +"WrapStyle:" +"WrapStyle" +"\\xbord" +"\\xshad" +"\\ybord" +"YCbCr Matrix:" +"YCbCr Matrix" +"yes" +"\\yshad" diff --git a/dictionaries/atom.dict b/dictionaries/atom.dict new file mode 100644 index 00000000..e9e6884d --- /dev/null +++ b/dictionaries/atom.dict @@ -0,0 +1,33 @@ +# https://validator.w3.org/feed/docs/atom.html +# https://tools.ietf.org/html/rfc4287 + +"" +"" + +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"" +" +"" +"" +"" +"" +"" +"" +"" +"" +"" +"<updated>" +"<uri>" diff --git a/dictionaries/av1_dc.dict b/dictionaries/av1_dc.dict new file mode 100644 index 00000000..fb163886 --- /dev/null +++ b/dictionaries/av1_dc.dict @@ -0,0 +1,5 @@ +# IVF Signature + version (bytes 0-5) +kw1="DKIF\x00\x00" + +# AV1 codec fourCC (bytes 8-11) +kw2="AV01" diff --git a/dictionaries/bash.dict b/dictionaries/bash.dict new file mode 100644 index 00000000..a70e9ff6 --- /dev/null +++ b/dictionaries/bash.dict 
@@ -0,0 +1,152 @@
+# Keywords taken from
+# - https://www.gnu.org/software/bash/manual/html_node/Bash-Variables.html
+# - https://www.gnu.org/software/bash/manual/html_node/Bourne-Shell-Builtins.html
+# - https://www.gnu.org/software/bash/manual/html_node/Bourne-Shell-Variables.html
+# - https://www.gnu.org/software/bash/manual/html_node/Reserved-Word-Index.html
+
+"!"
+"."
+":"
+"["
+"[["
+"]]"
+"{"
+"}"
+"BASH"
+"BASH_ALIASES"
+"BASH_ARGC"
+"BASH_ARGV"
+"BASH_ARGV0"
+"BASH_CMDS"
+"BASH_COMMAND"
+"BASH_COMPAT"
+"BASH_ENV"
+"BASH_EXECUTION_STRING"
+"BASH_LINENO"
+"BASH_LOADABLES_PATH"
+"BASHOPTS"
+"BASHPID"
+"BASH_REMATCH"
+"BASH_SOURCE"
+"BASH_SUBSHELL"
+"BASH_VERSINFO"
+"BASH_VERSION"
+"BASH_XTRACEFD"
+"break"
+"case"
+"cd"
+"CDPATH"
+"CHILD_MAX"
+"COLUMNS"
+"COMP_CWORD"
+"COMP_KEY"
+"COMP_LINE"
+"COMP_POINT"
+"COMPREPLY"
+"COMP_TYPE"
+"COMP_WORDBREAKS"
+"COMP_WORDS"
+"continue"
+"COPROC"
+"DIRSTACK"
+"do"
+"done"
+"elif"
+"else"
+"EMACS"
+"ENV"
+"EPOCHREALTIME"
+"EPOCHSECONDS"
+"esac"
+"EUID"
+"eval"
+"exec"
+"EXECIGNORE"
+"exit"
+"export"
+"FCEDIT"
+"fi"
+"FIGNORE"
+"for"
+"FUNCNAME"
+"FUNCNEST"
+"function"
+"getopts"
+"GLOBIGNORE"
+"GROUPS"
+"hash"
+"histchars"
+"HISTCMD"
+"HISTCONTROL"
+"HISTFILE"
+"HISTFILESIZE"
+"HISTIGNORE"
+"HISTSIZE"
+"HISTTIMEFORMAT"
+"HOME"
+"HOSTFILE"
+"HOSTNAME"
+"HOSTTYPE"
+"if"
+"IFS"
+"IGNOREEOF"
+"in"
+"INPUTRC"
+"INSIDE_EMACS"
+"LANG"
+"LC_ALL"
+"LC_COLLATE"
+"LC_CTYPE"
+"LC_MESSAGES"
+"LC_NUMERIC"
+"LC_TIME"
+"LINENO"
+"LINES"
+"MACHTYPE"
+"MAIL"
+"MAILCHECK"
+"MAILPATH"
+"MAPFILE"
+"OLDPWD"
+"OPTARG"
+"OPTERR"
+"OPTIND"
+"OSTYPE"
+"PATH"
+"PIPESTATUS"
+"POSIXLY_CORRECT"
+"PPID"
+"PROMPT_COMMAND"
+"PROMPT_DIRTRIM"
+"PS0"
+"PS1"
+"PS2"
+"PS3"
+"PS4"
+"pwd"
+"PWD"
+"RANDOM"
+"READLINE_LINE"
+"READLINE_POINT"
+"readonly"
+"REPLY"
+"return"
+"SECONDS"
+"select"
+"SHELL"
+"SHELLOPTS"
+"shift"
+"SHLVL"
+"test"
+"then"
+"time"
+"TIMEFORMAT"
+"times"
+"TMOUT"
+"TMPDIR"
+"trap"
+"UID"
+"umask"
+"unset"
+"until"
+"while"
diff --git a/dictionaries/bdf.dict b/dictionaries/bdf.dict
new file mode 100644
index 00000000..953d1f1b
--- /dev/null
+++ b/dictionaries/bdf.dict
@@ -0,0 +1,30 @@
+# https://en.wikipedia.org/wiki/Glyph_Bitmap_Distribution_Format
+# https://www.adobe.com/content/dam/acom/en/devnet/font/pdfs/5005.BDF_Spec.pdf
+
+"STARTFONT"
+"COMMENT"
+"CONTENTVERSION"
+"FONT"
+"SIZE"
+"FONTBOUNDINGBOX"
+"METRICSSET"
+"SWIDTH"
+"DWIDTH"
+"SWIDTH1"
+"DWIDTH1"
+"VVECTOR"
+"STARTPROPERTIES"
+"ENDPROPERTIES"
+"CHARS"
+"STARTCHAR"
+"ENCODING"
+"BBX"
+"BITMAP"
+"ENDCHAR"
+"ENDFONT"
+
+# misc
+"255"
+"-1"
+"0"
+"2.1"
diff --git a/dictionaries/bmp.dict b/dictionaries/bmp.dict
new file mode 100644
index 00000000..76458419
--- /dev/null
+++ b/dictionaries/bmp.dict
@@ -0,0 +1,10 @@
+windows="BM"
+os2_bitmap="BA"
+os2_icon="CI"
+os2_pointer="CP"
+os2_struct="IC"
+os2_ptr="PT"
+windows_color_space="Win "
+srgb="sRGB"
+link="LINK"
+mbed="MBED"
\ No newline at end of file
diff --git a/dictionaries/bz2.dict b/dictionaries/bz2.dict
new file mode 100644
index 00000000..32db6d70
--- /dev/null
+++ b/dictionaries/bz2.dict
@@ -0,0 +1,3 @@
+magic="BZ"
+compress_magic="\x31\x41\x59\x26\x53\x59"
+eos_magic="\x17\x72\x45\x38\x50\x90"
\ No newline at end of file
diff --git a/dictionaries/creole.dict b/dictionaries/creole.dict
new file mode 100644
index 00000000..65a9909a
--- /dev/null
+++ b/dictionaries/creole.dict
@@ -0,0 +1,14 @@
+# http://www.wikicreole.org/wiki/Creole1.0
+
+bold="**"
+italic="//"
+heading="=="
+link1="[[a|b]]"
+link2="[[a:b]]"
+hr="----"
+img=" {{a|b}}"
+table_heading="|=a |=b |"
+raw="{{{a}}}"
+escape="~"
+placeholder="<<<x>>>"
+line_break="\\\\"
diff --git a/dictionaries/css.dict b/dictionaries/css.dict
new file mode 100644
index 00000000..92fa536c
--- /dev/null
+++ b/dictionaries/css.dict
@@ -0,0 +1,354 @@ +# https://en.wikipedia.org/wiki/Cascading_Style_Sheets + +# selectors +"::after" +"::before" +"::first-letter" +"::first-line" +"::placeholder" +"::selection" +":active" +":checked" +":default" +":disabled" +":empty" +":enabled" +":first-child" +":first-of-type" +":focus" +":hover" +":in-range" +":indeterminate" +":invalid" +":lang(" +":last-child" +":last-of-type" +":link" +":not(" +":nth-child(" +":nth-last-child(" +":nth-last-of-type(" +":nth-of-type(" +":only-child" +":only-of-type" +":optional" +":out-of-range" +":read-only" +":read-write" +":required" +":root" +":target" +":valid" +":visited" + +# units +"ch" +"cm" +"em" +"ex" +"in" +"mm" +"pc" +"pt" +"px" +"rem" +"vh" +"vmax" +"vmin" +"vw" + +# functions +"attr(" +"calc(" +"cubic-bezier(" +"hsl(" +"hsls(" +"linear-gradient(" +"radial-gradient(" +"repeating-linear-gradient(" +"repeating-radial-gradient(" +"rgb(" +"rgba(" +"var(" + +# prefixes +"-moz" +"-webkit" + +# properties +"@charset" +"@font-face" +"@font-feature-values" +"@import" +"@keyframes" +"@media" +"align-items" +"align-self" +"all" +"animation" +"animation-delay" +"animation-direction" +"animation-duration" +"animation-fill-mode" +"animation-iteration-count" +"animation-name" +"animation-play-state" +"animation-timing-function" +"backface-visibility" +"background" +"background-attachment" +"background-blend-mode" +"background-clip" +"background-color" +"background-image" +"background-origin" +"background-position" +"background-repeat" +"background-size" +"border" +"border-bottom" +"border-bottom-color" +"border-bottom-left-radius" +"border-bottom-right-radius" +"border-bottom-style" +"border-bottom-width" +"border-collapse" +"border-color" +"border-image" +"border-image-outset" +"border-image-repeat" +"border-image-slice" +"border-image-source" +"border-image-width" +"border-left" +"border-left-color" +"border-left-style" +"border-left-width" +"border-radius" +"border-right" +"border-right-color" +"border-right-style" 
+"border-right-width" +"border-spacing" +"border-style" +"border-top" +"border-top-color" +"border-top-left-radius" +"border-top-right-radius" +"border-top-style" +"border-top-width" +"border-width" +"bottom" +"box-decoration-break" +"box-shadow" +"box-sizing" +"break-after" +"break-before" +"break-inside" +"caption-side" +"caret-color" +"clear" +"clip" +"color" +"column-count" +"column-fill" +"column-gap" +"column-rule" +"column-rule-color" +"column-rule-style" +"column-rule-width" +"column-span" +"column-width" +"columns" +"content" +"counter-increment" +"counter-reset" +"cursor" +"direction" +"display" +"empty-cells" +"filter" +"flex" +"flex-basis" +"flex-direction" +"flex-flow" +"flex-grow" +"flex-shrink" +"flex-wrap" +"float" +"font" +"font-family" +"font-feature-settings" +"font-kerning" +"font-language-override" +"font-size" +"font-size-adjust" +"font-stretch" +"font-style" +"font-synthesis" +"font-variant" +"font-variant-alternates" +"font-variant-caps" +"font-variant-east-asian" +"font-variant-ligatures" +"font-variant-numeric" +"font-variant-position" +"font-weight" +"from" +"grid" +"grid-area" +"grid-auto-columns" +"grid-auto-flow" +"grid-auto-rows" +"grid-column" +"grid-column-end" +"grid-column-gap" +"grid-column-start" +"grid-gap" +"grid-row" +"grid-row-end" +"grid-row-gap" +"grid-row-start" +"grid-template" +"grid-template-areas" +"grid-template-columns" +"grid-template-rows" +"hanging-punctuation" +"height" +"hyphens" +"image-rendering" +"isolation" +"justify-content" +"left" +"letter-spacing" +"line-break" +"line-height" +"list-style" +"list-style-image" +"list-style-position" +"list-style-type" +"margin" +"margin-bottom" +"margin-left" +"margin-right" +"margin-top" +"max-height" +"max-width" +"min-height" +"min-width" +"mix-blend-mode" +"object-fit" +"object-position" +"opacity" +"order" +"orphans" +"outline" +"outline-color" +"outline-offset" +"outline-style" +"outline-width" +"overflow" +"overflow-wrap" +"overflow-x" +"overflow-y" +"padding" 
+"padding-bottom" +"padding-left" +"padding-right" +"padding-top" +"page-break-after" +"page-break-before" +"page-break-inside" +"perspective" +"perspective-origin" +"pointer-events" +"position" +"quotes" +"resize" +"right" +"scroll-behavior" +"tab-size" +"table-layout" +"text-align" +"text-align-last" +"text-combine-upright" +"text-decoration" +"text-decoration-color" +"text-decoration-line" +"text-decoration-style" +"text-indent" +"text-justify" +"text-orientation" +"text-overflow" +"text-shadow" +"text-transform" +"text-underline-position" +"to" +"top" +"transform" +"transform-origin" +"transform-style" +"transition" +"transition-delay" +"transition-duration" +"transition-property" +"transition-timing-function" +"unicode-bidi" +"user-select" +"vertical-align" +"visibility" +"white-space" +"widows" +"width" +"word-break" +"word-spacing" +"word-wrap" +"writing-mode" +"z-index" + + +# aural - https://www.w3schools.com/cssref/css_ref_aural.asp +"above" +"azimuth" +"below" +"center" +"code" +"continuous" +"cue" +"cue-after" +"cue-before" +"elevation" +"generic-voice" +"left" +"left-side" +"leftwards" +"lower" +"medium" +"mix" +"none" +"once" +"pause" +"pause-after" +"pause-before" +"pitch" +"pitch-range" +"play-during" +"richness" +"right" +"right-side" +"slower" +"speak" +"speak-header" +"speak-numeral" +"speak-punctuation" +"speech-rate" +"stress" +"url" +"voice-family" +"volume" +"x-fast" +"x-high" +"x-loud" +"x-low" +"x-slow" +"x-soft" diff --git a/dictionaries/csv.dict b/dictionaries/csv.dict new file mode 100644 index 00000000..6ca621cd --- /dev/null +++ b/dictionaries/csv.dict @@ -0,0 +1,6 @@ +"\x00" +"\r\n" +";;" +",," +"\t;" +"\n;" \ No newline at end of file diff --git a/dictionaries/dds.dict b/dictionaries/dds.dict new file mode 100644 index 00000000..c064eadd --- /dev/null +++ b/dictionaries/dds.dict 
@@ -0,0 +1,35 @@
+# See http://www.mindcontrol.org/~hplus/graphics/dds-info/
+
+magic="\x20\x53\x44\x44"
+
+# Headers
+"\x00\x00\x00\x01"
+"\x00\x00\x00\x02"
+"\x00\x00\x00\x04"
+"\x00\x00\x00\x08"
+"\x00\x00\x10\x00"
+"\x00\x02\x00\x00"
+"\x00\x08\x00\x00"
+"\x00\x80\x00\x00"
+"\x00\x00\x00\x01"
+"\x00\x00\x00\x04"
+"\x00\x00\x00\x20"
+"\x00\x00\x00\x40"
+"\x00\x00\x00\x08"
+"\x00\x00\x10\x00"
+"\x00\x40\x00\x00"
+"\x00\x00\x02\x00"
+"\x00\x00\x04\x00"
+"\x00\x00\x08\x00"
+"\x00\x00\x10\x00"
+"\x00\x00\x20\x00"
+"\x00\x00\x40\x00"
+"\x00\x00\x80\x00"
+"\x00\x20\x00\x00"
+
+#formats
+"1TXD"
+"2TXD"
+"3TXD"
+"4TXD"
+"5TXD"
\ No newline at end of file
diff --git a/dictionaries/djvu.dict b/dictionaries/djvu.dict
new file mode 100644
index 00000000..1fb8d3ba
--- /dev/null
+++ b/dictionaries/djvu.dict
@@ -0,0 +1,34 @@
+"ANTa"
+"ANTz"
+"BG2k"
+"BG44"
+"BGjp"
+"BM44"
+"CELX"
+"DIRM"
+"DJVI"
+"DJVM"
+"DJVU"
+"Djbz"
+"FAKE"
+"FG2k"
+"FG44"
+"FGbz"
+"FGjp"
+"FORM"
+"INCL"
+"INFO"
+"LINK"
+"METa"
+"METz"
+"NAVM"
+"NDIR"
+"PM44"
+"SINF"
+"Sjbz"
+"Smmr"
+"TH44"
+"THUM"
+"TXTa"
+"TXTz"
+"WMRM"
diff --git a/dictionaries/docommand.dict b/dictionaries/docommand.dict
new file mode 100644
index 00000000..2d88ebc0
--- /dev/null
+++ b/dictionaries/docommand.dict
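Review bot: The multi-byte tokens in dds.dict look byte-swapped relative to the on-disk layout: DDS is a little-endian format whose files start with the bytes `DDS ` (`\x44\x44\x53\x20`), while `magic="\x20\x53\x44\x44"` and the format tags `"1TXD"` to `"5TXD"` spell those values in the opposite order. Dictionary tokens are placed into the test case as raw bytes, so these entries will probably never line up with what a DDS parser compares against; consider `magic="DDS "`, `"DXT1"` to `"DXT5"`, and little-endian flag words such as `"\x01\x00\x00\x00"` (keeping both orders is also an option if the swapped form is intentional). The Headers list additionally repeats tokens (`"\x00\x00\x10\x00"` three times; `"\x00\x00\x00\x01"`, `"\x00\x00\x00\x04"` and `"\x00\x00\x00\x08"` twice each), which only spends dictionary slots.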
@@ -0,0 +1,688 @@ +#SELECT WORD FROM INFORMATION_SCHEMA.KEYWORDS; +ACCESSIBLE="ACCESSIBLE" +ACCOUNT="ACCOUNT" +ACTION="ACTION" +ACTIVE="ACTIVE" +ADD="ADD" +ADMIN="ADMIN" +AFTER="AFTER" +AGAINST="AGAINST" +AGGREGATE="AGGREGATE" +ALGORITHM="ALGORITHM" +ALL="ALL" +ALTER="ALTER" +ALWAYS="ALWAYS" +ANALYZE="ANALYZE" +AND="AND" +ANY="ANY" +AS="AS" +ASC="ASC" +ASCII="ASCII" +ASENSITIVE="ASENSITIVE" +AT="AT" +AUTOEXTEND_SIZE="AUTOEXTEND_SIZE" +AUTO_INCREMENT="AUTO_INCREMENT" +AVG="AVG" +AVG_ROW_LENGTH="AVG_ROW_LENGTH" +BACKUP="BACKUP" +BEFORE="BEFORE" +BEGIN="BEGIN" +BETWEEN="BETWEEN" +BIGINT="BIGINT" +BINARY="BINARY" +BINLOG="BINLOG" +BIT="BIT" +BLOB="BLOB" +BLOCK="BLOCK" +BOOL="BOOL" +BOOLEAN="BOOLEAN" +BOTH="BOTH" +BTREE="BTREE" +BUCKETS="BUCKETS" +BY="BY" +BYTE="BYTE" +CACHE="CACHE" +CALL="CALL" +CASCADE="CASCADE" +CASCADED="CASCADED" +CASE="CASE" +CATALOG_NAME="CATALOG_NAME" +CHAIN="CHAIN" +CHANGE="CHANGE" +CHANGED="CHANGED" +CHANNEL="CHANNEL" +CHAR="CHAR" +CHARACTER="CHARACTER" +CHARSET="CHARSET" +CHECK="CHECK" +CHECKSUM="CHECKSUM" +CIPHER="CIPHER" +CLASS_ORIGIN="CLASS_ORIGIN" +CLIENT="CLIENT" +CLONE="CLONE" +CLOSE="CLOSE" +COALESCE="COALESCE" +CODE="CODE" +COLLATE="COLLATE" +COLLATION="COLLATION" +COLUMN="COLUMN" +COLUMNS="COLUMNS" +COLUMN_FORMAT="COLUMN_FORMAT" +COLUMN_NAME="COLUMN_NAME" +COMMENT="COMMENT" +COMMIT="COMMIT" +COMMITTED="COMMITTED" +COMPACT="COMPACT" +COMPLETION="COMPLETION" +COMPONENT="COMPONENT" +COMPRESSED="COMPRESSED" +COMPRESSION="COMPRESSION" +CONCURRENT="CONCURRENT" +CONDITION="CONDITION" +CONNECTION="CONNECTION" +CONSISTENT="CONSISTENT" +CONSTRAINT="CONSTRAINT" +CONSTRAINT_CATALOG="CONSTRAINT_CATALOG" +CONSTRAINT_NAME="CONSTRAINT_NAME" +CONSTRAINT_SCHEMA="CONSTRAINT_SCHEMA" +CONTAINS="CONTAINS" +CONTEXT="CONTEXT" +CONTINUE="CONTINUE" +CONVERT="CONVERT" +CPU="CPU" +CREATE="CREATE" +CROSS="CROSS" +CUBE="CUBE" +CUME_DIST="CUME_DIST" +CURRENT="CURRENT" +CURRENT_DATE="CURRENT_DATE" +CURRENT_TIME="CURRENT_TIME" +CURRENT_TIMESTAMP="CURRENT_TIMESTAMP" 
+CURRENT_USER="CURRENT_USER" +CURSOR="CURSOR" +CURSOR_NAME="CURSOR_NAME" +DATA="DATA" +DATABASE="DATABASE" +DATABASES="DATABASES" +DATAFILE="DATAFILE" +DATE="DATE" +DATETIME="DATETIME" +DAY="DAY" +DAY_HOUR="DAY_HOUR" +DAY_MICROSECOND="DAY_MICROSECOND" +DAY_MINUTE="DAY_MINUTE" +DAY_SECOND="DAY_SECOND" +DEALLOCATE="DEALLOCATE" +DEC="DEC" +DECIMAL="DECIMAL" +DECLARE="DECLARE" +DEFAULT="DEFAULT" +DEFAULT_AUTH="DEFAULT_AUTH" +DEFINER="DEFINER" +DEFINITION="DEFINITION" +DELAYED="DELAYED" +DELAY_KEY_WRITE="DELAY_KEY_WRITE" +DELETE="DELETE" +DENSE_RANK="DENSE_RANK" +DESC="DESC" +DESCRIBE="DESCRIBE" +DESCRIPTION="DESCRIPTION" +DETERMINISTIC="DETERMINISTIC" +DIAGNOSTICS="DIAGNOSTICS" +DIRECTORY="DIRECTORY" +DISABLE="DISABLE" +DISCARD="DISCARD" +DISK="DISK" +DISTINCT="DISTINCT" +DISTINCTROW="DISTINCTROW" +DIV="DIV" +DO="DO" +DOUBLE="DOUBLE" +DROP="DROP" +DUAL="DUAL" +DUMPFILE="DUMPFILE" +DUPLICATE="DUPLICATE" +DYNAMIC="DYNAMIC" +EACH="EACH" +ELSE="ELSE" +ELSEIF="ELSEIF" +EMPTY="EMPTY" +ENABLE="ENABLE" +ENCLOSED="ENCLOSED" +ENCRYPTION="ENCRYPTION" +END="END" +ENDS="ENDS" +ENFORCED="ENFORCED" +ENGINE="ENGINE" +ENGINES="ENGINES" +ENUM="ENUM" +ERROR="ERROR" +ERRORS="ERRORS" +ESCAPE="ESCAPE" +ESCAPED="ESCAPED" +EVENT="EVENT" +EVENTS="EVENTS" +EVERY="EVERY" +EXCEPT="EXCEPT" +EXCHANGE="EXCHANGE" +EXCLUDE="EXCLUDE" +EXECUTE="EXECUTE" +EXISTS="EXISTS" +EXIT="EXIT" +EXPANSION="EXPANSION" +EXPIRE="EXPIRE" +EXPLAIN="EXPLAIN" +EXPORT="EXPORT" +EXTENDED="EXTENDED" +EXTENT_SIZE="EXTENT_SIZE" +FALSE="FALSE" +FAST="FAST" +FAULTS="FAULTS" +FETCH="FETCH" +FIELDS="FIELDS" +FILE="FILE" +FILE_BLOCK_SIZE="FILE_BLOCK_SIZE" +FILTER="FILTER" +FIRST="FIRST" +FIRST_VALUE="FIRST_VALUE" +FIXED="FIXED" +FLOAT="FLOAT" +FLOAT4="FLOAT4" +FLOAT8="FLOAT8" +FLUSH="FLUSH" +FOLLOWING="FOLLOWING" +FOLLOWS="FOLLOWS" +FOR="FOR" +FORCE="FORCE" +FOREIGN="FOREIGN" +FORMAT="FORMAT" +FOUND="FOUND" +FROM="FROM" +FULL="FULL" +FULLTEXT="FULLTEXT" +FUNCTION="FUNCTION" +GENERAL="GENERAL" +GENERATED="GENERATED" 
+GEOMCOLLECTION="GEOMCOLLECTION" +GEOMETRY="GEOMETRY" +GEOMETRYCOLLECTION="GEOMETRYCOLLECTION" +GET="GET" +GET_FORMAT="GET_FORMAT" +GET_MASTER_PUBLIC_KEY="GET_MASTER_PUBLIC_KEY" +GLOBAL="GLOBAL" +GRANT="GRANT" +GRANTS="GRANTS" +GROUP="GROUP" +GROUPING="GROUPING" +GROUPS="GROUPS" +GROUP_REPLICATION="GROUP_REPLICATION" +HANDLER="HANDLER" +HASH="HASH" +HAVING="HAVING" +HELP="HELP" +HIGH_PRIORITY="HIGH_PRIORITY" +HISTOGRAM="HISTOGRAM" +HISTORY="HISTORY" +HOST="HOST" +HOSTS="HOSTS" +HOUR="HOUR" +HOUR_MICROSECOND="HOUR_MICROSECOND" +HOUR_MINUTE="HOUR_MINUTE" +HOUR_SECOND="HOUR_SECOND" +IDENTIFIED="IDENTIFIED" +IF="IF" +IGNORE="IGNORE" +IGNORE_SERVER_IDS="IGNORE_SERVER_IDS" +IMPORT="IMPORT" +IN="IN" +INACTIVE="INACTIVE" +INDEX="INDEX" +INDEXES="INDEXES" +INFILE="INFILE" +INITIAL_SIZE="INITIAL_SIZE" +INNER="INNER" +INOUT="INOUT" +INSENSITIVE="INSENSITIVE" +INSERT="INSERT" +INSERT_METHOD="INSERT_METHOD" +INSTALL="INSTALL" +INSTANCE="INSTANCE" +INT="INT" +INT1="INT1" +INT2="INT2" +INT3="INT3" +INT4="INT4" +INT8="INT8" +INTEGER="INTEGER" +INTERVAL="INTERVAL" +INTO="INTO" +INVISIBLE="INVISIBLE" +INVOKER="INVOKER" +IO="IO" +IO_AFTER_GTIDS="IO_AFTER_GTIDS" +IO_BEFORE_GTIDS="IO_BEFORE_GTIDS" +IO_THREAD="IO_THREAD" +IPC="IPC" +IS="IS" +ISOLATION="ISOLATION" +ISSUER="ISSUER" +ITERATE="ITERATE" +JOIN="JOIN" +JSON="JSON" +JSON_TABLE="JSON_TABLE" +KEY="KEY" +KEYS="KEYS" +KEY_BLOCK_SIZE="KEY_BLOCK_SIZE" +KILL="KILL" +LAG="LAG" +LANGUAGE="LANGUAGE" +LAST="LAST" +LAST_VALUE="LAST_VALUE" +LATERAL="LATERAL" +LEAD="LEAD" +LEADING="LEADING" +LEAVE="LEAVE" +LEAVES="LEAVES" +LEFT="LEFT" +LESS="LESS" +LEVEL="LEVEL" +LIKE="LIKE" +LIMIT="LIMIT" +LINEAR="LINEAR" +LINES="LINES" +LINESTRING="LINESTRING" +LIST="LIST" +LOAD="LOAD" +LOCAL="LOCAL" +LOCALTIME="LOCALTIME" +LOCALTIMESTAMP="LOCALTIMESTAMP" +LOCK="LOCK" +LOCKED="LOCKED" +LOCKS="LOCKS" +LOGFILE="LOGFILE" +LOGS="LOGS" +LONG="LONG" +LONGBLOB="LONGBLOB" +LONGTEXT="LONGTEXT" +LOOP="LOOP" +LOW_PRIORITY="LOW_PRIORITY" +MASTER="MASTER" 
+MASTER_AUTO_POSITION="MASTER_AUTO_POSITION" +MASTER_BIND="MASTER_BIND" +MASTER_CONNECT_RETRY="MASTER_CONNECT_RETRY" +MASTER_DELAY="MASTER_DELAY" +MASTER_HEARTBEAT_PERIOD="MASTER_HEARTBEAT_PERIOD" +MASTER_HOST="MASTER_HOST" +MASTER_LOG_FILE="MASTER_LOG_FILE" +MASTER_LOG_POS="MASTER_LOG_POS" +MASTER_PASSWORD="MASTER_PASSWORD" +MASTER_PORT="MASTER_PORT" +MASTER_PUBLIC_KEY_PATH="MASTER_PUBLIC_KEY_PATH" +MASTER_RETRY_COUNT="MASTER_RETRY_COUNT" +MASTER_SERVER_ID="MASTER_SERVER_ID" +MASTER_SSL="MASTER_SSL" +MASTER_SSL_CA="MASTER_SSL_CA" +MASTER_SSL_CAPATH="MASTER_SSL_CAPATH" +MASTER_SSL_CERT="MASTER_SSL_CERT" +MASTER_SSL_CIPHER="MASTER_SSL_CIPHER" +MASTER_SSL_CRL="MASTER_SSL_CRL" +MASTER_SSL_CRLPATH="MASTER_SSL_CRLPATH" +MASTER_SSL_KEY="MASTER_SSL_KEY" +MASTER_SSL_VERIFY_SERVER_CERT="MASTER_SSL_VERIFY_SERVER_CERT" +MASTER_TLS_VERSION="MASTER_TLS_VERSION" +MASTER_USER="MASTER_USER" +MATCH="MATCH" +MAXVALUE="MAXVALUE" +MAX_CONNECTIONS_PER_HOUR="MAX_CONNECTIONS_PER_HOUR" +MAX_QUERIES_PER_HOUR="MAX_QUERIES_PER_HOUR" +MAX_ROWS="MAX_ROWS" +MAX_SIZE="MAX_SIZE" +MAX_UPDATES_PER_HOUR="MAX_UPDATES_PER_HOUR" +MAX_USER_CONNECTIONS="MAX_USER_CONNECTIONS" +MEDIUM="MEDIUM" +MEDIUMBLOB="MEDIUMBLOB" +MEDIUMINT="MEDIUMINT" +MEDIUMTEXT="MEDIUMTEXT" +MEMORY="MEMORY" +MERGE="MERGE" +MESSAGE_TEXT="MESSAGE_TEXT" +MICROSECOND="MICROSECOND" +MIDDLEINT="MIDDLEINT" +MIGRATE="MIGRATE" +MINUTE="MINUTE" +MINUTE_MICROSECOND="MINUTE_MICROSECOND" +MINUTE_SECOND="MINUTE_SECOND" +MIN_ROWS="MIN_ROWS" +MOD="MOD" +MODE="MODE" +MODIFIES="MODIFIES" +MODIFY="MODIFY" +MONTH="MONTH" +MULTILINESTRING="MULTILINESTRING" +MULTIPOINT="MULTIPOINT" +MULTIPOLYGON="MULTIPOLYGON" +MUTEX="MUTEX" +MYSQL_ERRNO="MYSQL_ERRNO" +NAME="NAME" +NAMES="NAMES" +NATIONAL="NATIONAL" +NATURAL="NATURAL" +NCHAR="NCHAR" +NDB="NDB" +NDBCLUSTER="NDBCLUSTER" +NESTED="NESTED" +NETWORK_NAMESPACE="NETWORK_NAMESPACE" +NEVER="NEVER" +NEW="NEW" +NEXT="NEXT" +NO="NO" +NODEGROUP="NODEGROUP" +NONE="NONE" +NOT="NOT" +NOWAIT="NOWAIT" +NO_WAIT="NO_WAIT" 
+NO_WRITE_TO_BINLOG="NO_WRITE_TO_BINLOG" +NTH_VALUE="NTH_VALUE" +NTILE="NTILE" +NULL="NULL" +NULLS="NULLS" +NUMBER="NUMBER" +NUMERIC="NUMERIC" +NVARCHAR="NVARCHAR" +OF="OF" +OFFSET="OFFSET" +OJ="OJ" +OLD="OLD" +ON="ON" +ONE="ONE" +ONLY="ONLY" +OPEN="OPEN" +OPTIMIZE="OPTIMIZE" +OPTIMIZER_COSTS="OPTIMIZER_COSTS" +OPTION="OPTION" +OPTIONAL="OPTIONAL" +OPTIONALLY="OPTIONALLY" +OPTIONS="OPTIONS" +OR="OR" +ORDER="ORDER" +ORDINALITY="ORDINALITY" +ORGANIZATION="ORGANIZATION" +OTHERS="OTHERS" +OUT="OUT" +OUTER="OUTER" +OUTFILE="OUTFILE" +OVER="OVER" +OWNER="OWNER" +PACK_KEYS="PACK_KEYS" +PAGE="PAGE" +PARSER="PARSER" +PARTIAL="PARTIAL" +PARTITION="PARTITION" +PARTITIONING="PARTITIONING" +PARTITIONS="PARTITIONS" +PASSWORD="PASSWORD" +PATH="PATH" +PERCENT_RANK="PERCENT_RANK" +PERSIST="PERSIST" +PERSIST_ONLY="PERSIST_ONLY" +PHASE="PHASE" +PLUGIN="PLUGIN" +PLUGINS="PLUGINS" +PLUGIN_DIR="PLUGIN_DIR" +POINT="POINT" +POLYGON="POLYGON" +PORT="PORT" +PRECEDES="PRECEDES" +PRECEDING="PRECEDING" +PRECISION="PRECISION" +PREPARE="PREPARE" +PRESERVE="PRESERVE" +PREV="PREV" +PRIMARY="PRIMARY" +PRIVILEGES="PRIVILEGES" +PROCEDURE="PROCEDURE" +PROCESS="PROCESS" +PROCESSLIST="PROCESSLIST" +PROFILE="PROFILE" +PROFILES="PROFILES" +PROXY="PROXY" +PURGE="PURGE" +QUARTER="QUARTER" +QUERY="QUERY" +QUICK="QUICK" +RANGE="RANGE" +RANK="RANK" +READ="READ" +READS="READS" +READ_ONLY="READ_ONLY" +READ_WRITE="READ_WRITE" +REAL="REAL" +REBUILD="REBUILD" +RECOVER="RECOVER" +RECURSIVE="RECURSIVE" +REDO_BUFFER_SIZE="REDO_BUFFER_SIZE" +REDUNDANT="REDUNDANT" +REFERENCE="REFERENCE" +REFERENCES="REFERENCES" +REGEXP="REGEXP" +RELAY="RELAY" +RELAYLOG="RELAYLOG" +RELAY_LOG_FILE="RELAY_LOG_FILE" +RELAY_LOG_POS="RELAY_LOG_POS" +RELAY_THREAD="RELAY_THREAD" +RELEASE="RELEASE" +RELOAD="RELOAD" +REMOVE="REMOVE" +RENAME="RENAME" +REORGANIZE="REORGANIZE" +REPAIR="REPAIR" +REPEAT="REPEAT" +REPEATABLE="REPEATABLE" +REPLACE="REPLACE" +REPLICATE_DO_DB="REPLICATE_DO_DB" +REPLICATE_DO_TABLE="REPLICATE_DO_TABLE" 
+REPLICATE_IGNORE_DB="REPLICATE_IGNORE_DB" +REPLICATE_IGNORE_TABLE="REPLICATE_IGNORE_TABLE" +REPLICATE_REWRITE_DB="REPLICATE_REWRITE_DB" +REPLICATE_WILD_DO_TABLE="REPLICATE_WILD_DO_TABLE" +REPLICATE_WILD_IGNORE_TABLE="REPLICATE_WILD_IGNORE_TABLE" +REPLICATION="REPLICATION" +REQUIRE="REQUIRE" +RESET="RESET" +RESIGNAL="RESIGNAL" +RESOURCE="RESOURCE" +RESPECT="RESPECT" +RESTART="RESTART" +RESTORE="RESTORE" +RESTRICT="RESTRICT" +RESUME="RESUME" +RETAIN="RETAIN" +RETURN="RETURN" +RETURNED_SQLSTATE="RETURNED_SQLSTATE" +RETURNS="RETURNS" +REUSE="REUSE" +REVERSE="REVERSE" +REVOKE="REVOKE" +RIGHT="RIGHT" +RLIKE="RLIKE" +ROLE="ROLE" +ROLLBACK="ROLLBACK" +ROLLUP="ROLLUP" +ROTATE="ROTATE" +ROUTINE="ROUTINE" +ROW="ROW" +ROWS="ROWS" +ROW_COUNT="ROW_COUNT" +ROW_FORMAT="ROW_FORMAT" +ROW_NUMBER="ROW_NUMBER" +RTREE="RTREE" +SAVEPOINT="SAVEPOINT" +SCHEDULE="SCHEDULE" +SCHEMA="SCHEMA" +SCHEMAS="SCHEMAS" +SCHEMA_NAME="SCHEMA_NAME" +SECOND="SECOND" +SECONDARY="SECONDARY" +SECONDARY_ENGINE="SECONDARY_ENGINE" +SECONDARY_LOAD="SECONDARY_LOAD" +SECONDARY_UNLOAD="SECONDARY_UNLOAD" +SECOND_MICROSECOND="SECOND_MICROSECOND" +SECURITY="SECURITY" +SELECT="SELECT" +SENSITIVE="SENSITIVE" +SEPARATOR="SEPARATOR" +SERIAL="SERIAL" +SERIALIZABLE="SERIALIZABLE" +SERVER="SERVER" +SESSION="SESSION" +SET="SET" +SHARE="SHARE" +SHOW="SHOW" +SHUTDOWN="SHUTDOWN" +SIGNAL="SIGNAL" +SIGNED="SIGNED" +SIMPLE="SIMPLE" +SKIP="SKIP" +SLAVE="SLAVE" +SLOW="SLOW" +SMALLINT="SMALLINT" +SNAPSHOT="SNAPSHOT" +SOCKET="SOCKET" +SOME="SOME" +SONAME="SONAME" +SOUNDS="SOUNDS" +SOURCE="SOURCE" +SPATIAL="SPATIAL" +SPECIFIC="SPECIFIC" +SQL="SQL" +SQLEXCEPTION="SQLEXCEPTION" +SQLSTATE="SQLSTATE" +SQLWARNING="SQLWARNING" +SQL_AFTER_GTIDS="SQL_AFTER_GTIDS" +SQL_AFTER_MTS_GAPS="SQL_AFTER_MTS_GAPS" +SQL_BEFORE_GTIDS="SQL_BEFORE_GTIDS" +SQL_BIG_RESULT="SQL_BIG_RESULT" +SQL_BUFFER_RESULT="SQL_BUFFER_RESULT" +SQL_CALC_FOUND_ROWS="SQL_CALC_FOUND_ROWS" +SQL_NO_CACHE="SQL_NO_CACHE" +SQL_SMALL_RESULT="SQL_SMALL_RESULT" +SQL_THREAD="SQL_THREAD" 
+SQL_TSI_DAY="SQL_TSI_DAY" +SQL_TSI_HOUR="SQL_TSI_HOUR" +SQL_TSI_MINUTE="SQL_TSI_MINUTE" +SQL_TSI_MONTH="SQL_TSI_MONTH" +SQL_TSI_QUARTER="SQL_TSI_QUARTER" +SQL_TSI_SECOND="SQL_TSI_SECOND" +SQL_TSI_WEEK="SQL_TSI_WEEK" +SQL_TSI_YEAR="SQL_TSI_YEAR" +SRID="SRID" +SSL="SSL" +STACKED="STACKED" +START="START" +STARTING="STARTING" +STARTS="STARTS" +STATS_AUTO_RECALC="STATS_AUTO_RECALC" +STATS_PERSISTENT="STATS_PERSISTENT" +STATS_SAMPLE_PAGES="STATS_SAMPLE_PAGES" +STATUS="STATUS" +STOP="STOP" +STORAGE="STORAGE" +STORED="STORED" +STRAIGHT_JOIN="STRAIGHT_JOIN" +STRING="STRING" +SUBCLASS_ORIGIN="SUBCLASS_ORIGIN" +SUBJECT="SUBJECT" +SUBPARTITION="SUBPARTITION" +SUBPARTITIONS="SUBPARTITIONS" +SUPER="SUPER" +SUSPEND="SUSPEND" +SWAPS="SWAPS" +SWITCHES="SWITCHES" +SYSTEM="SYSTEM" +TABLE="TABLE" +TABLES="TABLES" +TABLESPACE="TABLESPACE" +TABLE_CHECKSUM="TABLE_CHECKSUM" +TABLE_NAME="TABLE_NAME" +TEMPORARY="TEMPORARY" +TEMPTABLE="TEMPTABLE" +TERMINATED="TERMINATED" +TEXT="TEXT" +THAN="THAN" +THEN="THEN" +THREAD_PRIORITY="THREAD_PRIORITY" +TIES="TIES" +TIME="TIME" +TIMESTAMP="TIMESTAMP" +TIMESTAMPADD="TIMESTAMPADD" +TIMESTAMPDIFF="TIMESTAMPDIFF" +TINYBLOB="TINYBLOB" +TINYINT="TINYINT" +TINYTEXT="TINYTEXT" +TO="TO" +TRAILING="TRAILING" +TRANSACTION="TRANSACTION" +TRIGGER="TRIGGER" +TRIGGERS="TRIGGERS" +TRUE="TRUE" +TRUNCATE="TRUNCATE" +TYPE="TYPE" +TYPES="TYPES" +UNBOUNDED="UNBOUNDED" +UNCOMMITTED="UNCOMMITTED" +UNDEFINED="UNDEFINED" +UNDO="UNDO" +UNDOFILE="UNDOFILE" +UNDO_BUFFER_SIZE="UNDO_BUFFER_SIZE" +UNICODE="UNICODE" +UNINSTALL="UNINSTALL" +UNION="UNION" +UNIQUE="UNIQUE" +UNKNOWN="UNKNOWN" +UNLOCK="UNLOCK" +UNSIGNED="UNSIGNED" +UNTIL="UNTIL" +UPDATE="UPDATE" +UPGRADE="UPGRADE" +USAGE="USAGE" +USE="USE" +USER="USER" +USER_RESOURCES="USER_RESOURCES" +USE_FRM="USE_FRM" +USING="USING" +UTC_DATE="UTC_DATE" +UTC_TIME="UTC_TIME" +UTC_TIMESTAMP="UTC_TIMESTAMP" +VALIDATION="VALIDATION" +VALUE="VALUE" +VALUES="VALUES" +VARBINARY="VARBINARY" +VARCHAR="VARCHAR" +VARCHARACTER="VARCHARACTER" 
+VARIABLES="VARIABLES" +VARYING="VARYING" +VCPU="VCPU" +VIEW="VIEW" +VIRTUAL="VIRTUAL" +VISIBLE="VISIBLE" +WAIT="WAIT" +WARNINGS="WARNINGS" +WEEK="WEEK" +WEIGHT_STRING="WEIGHT_STRING" +WHEN="WHEN" +WHERE="WHERE" +WHILE="WHILE" +WINDOW="WINDOW" +WITH="WITH" +WITHOUT="WITHOUT" +WORK="WORK" +WRAPPER="WRAPPER" +WRITE="WRITE" +X509="X509" +XA="XA" +XID="XID" +XML="XML" +XOR="XOR" +YEAR="YEAR" +YEAR_MONTH="YEAR_MONTH" +ZEROFILL="ZEROFILL" diff --git a/dictionaries/exif.dict b/dictionaries/exif.dict new file mode 100644 index 00000000..08c71bbc --- /dev/null +++ b/dictionaries/exif.dict 
@@ -0,0 +1,222 @@ +"\x00\x01" +"\x00\x02" +"\x00\x10" +"\x00\x90" +"\x00\xa0" +"\x00\xa3" +"\x00\xa5" +"\x00\xfe" +"\x01\x00" +"\x01\x01" +"\x01\x02" +"\x01\x03" +"\x01\x06" +"\x01\x0a" +"\x01\x0d" +"\x01\x0e" +"\x01\x0f" +"\x01\x10" +"\x01\x11" +"\x01\x12" +"\x01\x15" +"\x01\x16" +"\x01\x17" +"\x01\x1a" +"\x01\x1b" +"\x01\x1c" +"\x01\x28" +"\x01\x2d" +"\x01\x31" +"\x01\x32" +"\x01\x3b" +"\x01\x3e" +"\x01\x3f" +"\x01\x4a" +"\x01\x56" +"\x01\x91" +"\x01\x92" +"\x01\xa0" +"\x01\xa3" +"\x01\xa4" +"\x02\x00" +"\x02\x01" +"\x02\x02" +"\x02\x10" +"\x02\x11" +"\x02\x12" +"\x02\x13" +"\x02\x14" +"\x02\x91" +"\x02\x92" +"\x02\xa0" +"\x02\xa3" +"\x02\xa4" +"\x02\xbc" +"\x03\x01" +"\x03\x90" +"\x03\x92" +"\x03\xa0" +"\x03\xa4" +"\x04\x90" +"\x04\x92" +"\x04\xa0" +"\x04\xa4" +"\x05\x92" +"\x05\xa0" +"\x05\xa4" +"\x06\x01" +"\x06\x92" +"\x06\xa4" +"\x07\x92" +"\x07\xa4" +"\x08\x92" +"\x08\xa4" +"\x09\x92" +"\x09\xa4" +"\x0a\x01" +"\x0a\x92" +"\x0a\xa4" +"\x0b\xa2" +"\x0b\xa4" +"\x0c\xa2" +"\x0c\xa4" +"\x0d\x01" +"\x0e\x01" +"\x0e\xa2" +"\x0f\x01" +"\x0f\xa2" +"\x10\x00" +"\x10\x01" +"\x10\x02" +"\x10\xa2" +"\x11\x01" +"\x11\x02" +"\x12\x01" +"\x12\x02" +"\x13\x02" +"\x14\x02" +"\x14\x92" +"\x14\xa2" +"\x15\x01" +"\x15\xa2" +"\x16\x01" +"\x16\x92" +"\x17\x01" +"\x17\xa2" +"\x1a\x01" +"\x1b\x01" +"\x1c\x01" +"\x1c\xea" +"\x20\xa4" +"\x22\x88" +"\x24\x88" +"\x25\x88" +"\x27\x88" +"\x28\x01" +"\x28\x88" +"\x2a\x88" +"\x2d\x01" +"\x31\x01" +"\x32\x01" +"\x3b\x01" +"\x3e\x01" +"\x3f\x01" +"\x49\x86" +"\x4a\x01" +"\x56\x01" +"\x69\x87" +"\x73\x87" +"\x7c\x92" +"\x82\x8d" +"\x82\x8e" +"\x82\x8f" +"\x82\x98" +"\x82\x9a" +"\x82\x9d" +"\x83\xbb" +"\x86\x49" +"\x86\x92" +"\x87\x69" +"\x87\x73" +"\x88\x22" +"\x88\x24" +"\x88\x25" +"\x88\x27" +"\x88\x28" +"\x88\x2a" +"\x8d\x82" +"\x8e\x82" +"\x8f\x82" +"\x90\x00" +"\x90\x03" +"\x90\x04" +"\x90\x92" +"\x91\x01" +"\x91\x02" +"\x91\x92" +"\x92\x01" +"\x92\x02" +"\x92\x03" +"\x92\x04" +"\x92\x05" +"\x92\x06" +"\x92\x07" +"\x92\x08" +"\x92\x09" 
+"\x92\x0a" +"\x92\x14" +"\x92\x16" +"\x92\x7c" +"\x92\x86" +"\x92\x90" +"\x92\x91" +"\x92\x92" +"\x98\x82" +"\x9a\x82" +"\x9b\x9c" +"\x9c\x9b" +"\x9c\x9c" +"\x9c\x9d" +"\x9c\x9e" +"\x9c\x9f" +"\x9d\x82" +"\x9d\x9c" +"\x9e\x9c" +"\x9f\x9c" +"\xa0\x00" +"\xa0\x01" +"\xa0\x02" +"\xa0\x03" +"\xa0\x04" +"\xa0\x05" +"\xa2\x0b" +"\xa2\x0c" +"\xa2\x0e" +"\xa2\x0f" +"\xa2\x10" +"\xa2\x14" +"\xa2\x15" +"\xa2\x17" +"\xa3\x00" +"\xa3\x01" +"\xa3\x02" +"\xa4\x01" +"\xa4\x02" +"\xa4\x03" +"\xa4\x04" +"\xa4\x05" +"\xa4\x06" +"\xa4\x07" +"\xa4\x08" +"\xa4\x09" +"\xa4\x0a" +"\xa4\x0b" +"\xa4\x0c" +"\xa4\x20" +"\xa5\x00" +"\xa5\xc4" +"\xbb\x83" +"\xbc\x02" +"\xc4\xa5" +"\xea\x1c" +"\xfe\x00" diff --git a/dictionaries/fbs.dict b/dictionaries/fbs.dict new file mode 100644 index 00000000..1636d920 --- /dev/null +++ b/dictionaries/fbs.dict @@ -0,0 +1,42 @@ +# spec: https://google.github.io/flatbuffers/flatbuffers_grammar.html + +attribute="attribute" +bool="bool" +byte="byte" +double="double" +enum="enum" +false="false" +file_extension="file_extension" +float32="float32" +float64="float64" +float="float" +include="include" +inf="inf" +infinity="infinity" +int16="int16" +int32="int32" +int64="int64" +int8="int8" +int="int" +long="long" +namespace="namespace" +nan="nan" +root_type="root_type" +root_type="root_type" +rpc_service="rpc_service" +short="short" +string="string" +struct="struct" +table="table" +true="true" +ubyte="ubyte" +uint16="uint16" +uint32="uint32" +uint64="uint64" +uint="uint" +ulong="ulong" +union="union" +ushort="ushort" + +separator=":" +eol=";" \ No newline at end of file diff --git a/dictionaries/graphviz.dict b/dictionaries/graphviz.dict new file mode 100644 index 00000000..0b034b36 --- /dev/null +++ b/dictionaries/graphviz.dict 
@@ -0,0 +1,373 @@ +# Semi-manually curated list of interesting words within a graphviz input file. +# TODO(robhart): Consider expanding from: +# - htmllex.c +# - ? +# Not included exhaustive list of colortables, fontnames, etc. that are unlikely +# to influence core graphviz behaviour. + +# Attributes (from http://www.graphviz.org/doc/info/attrs.html) +"Damping" +"K" +"URL" +"_background" +"area" +"arrowhead" +"arrowsize" +"arrowtail" +"bb" +"bgcolor" +"colorList" +"center" +"charset" +"clusterrank" +"color" +"colorList" +"colorscheme" +"comment" +"compound" +"concentrate" +"constraint" +"decorate" +"defaultdist" +"dim" +"dimen" +"dir" +"diredgeconstraints" +"distortion" +"dpi" +"edgeURL" +"edgehref" +"edgetarget" +"edgetooltip" +"epsilon" +"esep" +"fillcolor" +"fixedsize" +"fontcolor" +"fontname" +"fontnames" +"fontpath" +"fontsize" +"forcelabels" +"gradientangle" +"group" +"headURL" +"head_lp" +"headclip" +"headhref" +"headlabel" +"headport" +"headtarget" +"headtooltip" +"height" +"href" +"id" +"image" +"imagepath" +"imagescale" +"inputscale" +"label" +"labelURL" +"label_scheme" +"labelangle" +"labeldistance" +"labelfloat" +"labelfontcolor" +"labelfontname" +"labelfontsize" +"labelhref" +"labeljust" +"labelloc" +"labeltarget" +"labeltooltip" +"landscape" +"layer" +"layerlistsep" +"layers" +"layerselect" +"layersep" +"layout" +"len" +"levels" +"levelsgap" +"lhead" +"lheight" +"lp" +"ltail" +"lwidth" +"margin" +"maxiter" +"mclimit" +"mindist" +"minlen" +"mode" +"model" +"mosek" +"newrank" +"nodesep" +"nojustify" +"normalize" +"notranslate" +"nslimit " +"nslimit1" +"ordering" +"orientation" +"OrientationGraph" +"outputorder" +"overlap" +"overlap_scaling" +"overlap_shrink" +"pack" +"packmode" +"pad" +"point" +"page" +"point" +"pagedir" +"pencolor" +"penwidth" +"peripheries" +"pin" +"pos" +"splineType" +"quadtree" +"quantum" +"rank" +"rankdir" +"ranksep" +"ratio" +"string" +"rects" +"regular" +"remincross" +"RemoveOverlaps" +"repulsiveforce" +"resolution" +"root" 
+"rotate" +"rotation" +"samehead" +"sametail" +"samplepoints" +"scale" +"searchsize" +"sep" +"setlinewidth" +"shape" +"shapefile" +"showboxes" +"sides" +"size" +"skew" +"smoothing" +"sortv" +"splines" +"string" +"start" +"style" +"stylesheet" +"tailURL" +"tail_lp" +"tailclip" +"tailhref" +"taillabel" +"tailport" +"tailtarget" +"tailtooltip" +"target" +"tooltip" +"truecolor" +"vertices" +"viewport" +"voro_margin" +"weight" +"width" +"xdotversion" +"xlabel" +"xlp" +"z" + +# Shapes (from shapes.c) +"box" +"polygon" +"ellipse" +"oval" +"circle" +"point" +"egg" +"triangle" +"none" +"plaintext" +"plain" +"diamond" +"trapezium" +"parallelogram" +"house" +"pentagon" +"hexagon" +"septagon" +"octagon" +"note" +"tab" +"folder" +"box3d" +"component" +"cylinder" +"rect" +"rectangle" +"square" +"doublecircle" +"doubleoctagon" +"tripleoctagon" +"invtriangle" +"invtrapezium" +"invhouse" +"underline" +"Mdiamond" +"Msquare" +"Mcircle" +"DotGraphs" + +"promoter" +"cds" +"terminator" +"utr" +"insulator" +"ribosite" +"rnastab" +"proteasesite" +"proteinstab" + +"primersite" +"restrictionsite" +"fivepoverhang" +"threepoverhang" +"noverhang" +"assembly" +"signature" +"rpromoter" +"larrow" +"rarrow" +"lpromoter" + +"record" +"Mrecord" +"epsf" +"star" + +# styles +"bold" +"dashed" +"diagonals" +"dotted" +"filled" +"invis" +"radial" +"rounded" +"solid" +"striped" +"tapered" +"wedged" + + +# misc -- https://graphviz.gitlab.io/_pages/doc/info/lang.html +"node" +"edge" +"digraph" +"subgraph" +"strict" +"same" +"->" +"--" +" {A B} " +" a -- b " +# Special value for the "shape" attribute +"epsf" + +# html +"=\"" +"<table" +"<tr" +"<td" +"<font" +"<br" +"<img" +"<i" +"<b" +"<u" +"<o" +"<sub" +"<sup" +"<s" +"<hr" +"<vr" + +# html attributes +"align" +"balign" +"bgcolor" +"border" +"cellborder" +"cellpadding" +"cellspacing" +"color" +"colspan" +"columns" +"face" +"fixedsize" +"gradientangle" +"height" +"href" +"id" +"point-size" +"port" +"rows" +"rowspan" +"scale" +"sides" +"src" +"style" +"target" 
+"title" +"tooltip" +"valign" +"width" + +# arrow spaces +"box" +"crow" +"curve" +"icurve" +"diamond" +"dot" +"inv" +"none" +"normal" +"tee" +"vee" + + +# Examples of parameters +"%f" +"50,50,.5,'2.8 BSD'" +"100,100,2,450,-1" +"none" +"avg_dist" +"graph_dist" +"power_dist" +"rng" +"spring" +"triangle" +"same" +"min" +"source" +"max" +"sink" +"node" +"clust" +"graph" +"array_flags" +"%2x" +"%s" +"%99$p" +"%n" diff --git a/dictionaries/heif.dict b/dictionaries/heif.dict new file mode 100644 index 00000000..ec279df7 --- /dev/null +++ b/dictionaries/heif.dict @@ -0,0 +1,76 @@ +# https://standards.iso.org/ittf/PubliclyAvailableStandards/c066067_ISO_IEC_23008-12_2017.zip + +"altr" +"auxC" +"auxc" +"auxi" +"auxv" +"avcC" +"avci" +"avcs" +"ccst" +"cdsc" +"clap" +"colr" +"dimg" +"dinf" +"dref" +"elst" +"equi" +"free" +"frma" +"ftyp" +"grid" +"grp1" +"hdlr" +"heic" +"heim" +"heis" +"heix" +"hevc" +"hevx" +"hvc1" +"hvc2" +"hvcC" +"idat" +"iden" +"iinf" +"iloc" +"imir" +"infe" +"iovl" +"ipro" +"iprp" +"iref" +"irot" +"ispe" +"jpeg" +"jpgC" +"jpgs" +"lhv1" +"lhvC" +"lsel" +"mdat" +"meta" +"mif1" +"mime" +"mjpg" +"msf1" +"oinf" +"pasp" +"pict" +"pitm" +"pixi" +"refs" +"rloc" +"schi" +"schm" +"sgpd" +"sinf" +"skip" +"stsz" +"subs" +"thmb" +"tkhd" +"tols" +"trak" diff --git a/dictionaries/hoextdown.dict b/dictionaries/hoextdown.dict new file mode 100644 index 00000000..b06783c9 --- /dev/null +++ b/dictionaries/hoextdown.dict 
@@ -0,0 +1,49 @@
+asterisk="*"
+attr_generic=" a=\"1\""
+attr_href=" href=\"1\""
+attr_xml_lang=" xml:lang=\"1\""
+attr_xmlns=" xmlns=\"1\""
+backslash="\\"
+backtick="`"
+colon=":"
+dashes="---"
+double_quote="\""
+entity_builtin="<"
+entity_decimal=""
+entity_external="&a;"
+entity_hex=""
+equals="==="
+exclamation="!"
+greater_than=">"
+hash="#"
+hyphen="-"
+indent=" "
+left_bracket="["
+left_paren="("
+less_than="<"
+plus="+"
+right_bracket="]"
+right_paren=")"
+single_quote="'"
+string_any="ANY"
+string_brackets="[]"
+string_cdata="CDATA"
+string_dashes="--"
+string_empty_dblquotes="\"\""
+string_empty_quotes="''"
+string_idrefs="IDREFS"
+string_parentheses="()"
+string_pcdata="#PCDATA"
+tag_cdata="<![CDATA["
+tag_close="</a>"
+tag_doctype="<!DOCTYPE"
+tag_element="<!ELEMENT"
+tag_entity="<!ENTITY"
+tag_notation="<!NOTATION"
+tag_open="<a>"
+tag_open_close="<a />"
+tag_open_exclamation="<!"
+tag_open_q="<?"
+tag_sq2_close="]]>"
+tag_xml_q="<?xml?>"
+underscore="_"
diff --git a/dictionaries/http.dict b/dictionaries/http.dict
new file mode 100644
index 00000000..60ed1fbf
--- /dev/null
+++ b/dictionaries/http.dict
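Review bot: As shown here, `entity_decimal=""` and `entity_hex=""` are empty tokens, and `entity_builtin="<"` is byte-identical to `less_than="<"`, so these three entries give the mutator nothing the rest of the file does not already provide. The labels and the neighbouring `entity_external="&a;"` suggest the values were meant to be literal character and entity references; if so, the file should carry the reference text itself (for example a decimal reference, a hex reference and `&lt;`), and it is worth confirming that the committed bytes were not entity-decoded on the way in. The tokens are used only as fuzzer input, so nothing here needs escaping beyond the dictionary's own `\"` and `\\` rules.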
@@ -0,0 +1,119 @@
+# Sources: https://en.wikipedia.org/wiki/List_of_HTTP_header_fields
+
+# misc
+"HTTP/1.1"
+
+# verbs
+"CONNECT"
+"DELETE"
+"GET"
+"HEAD"
+"OPTIONS"
+"PATCH"
+"POST"
+"PUT"
+"TRACE"
+
+
+# Fields
+"A-IM"
+"Accept"
+"Accept-Charset"
+"Accept-Datetime"
+"Accept-Encoding"
+"Accept-Language"
+"Accept-Patch"
+"Accept-Ranges"
+"Access-Control-Allow-Credentials"
+"Access-Control-Allow-Headers"
+"Access-Control-Allow-Methods"
+"Access-Control-Allow-Origin"
+"Access-Control-Expose-Headers"
+"Access-Control-Max-Age"
+"Access-Control-Request-Headers"
+"Access-Control-Request-Method"
+"Age"
+"Allow"
+"Alt-Svc"
+"Authorization"
+"Cache-Control"
+"Connection"
+"Connection:"
+"Content-Disposition"
+"Content-Encoding"
+"Content-Language"
+"Content-Length"
+"Content-Location"
+"Content-MD5"
+"Content-Range"
+"Content-Security-Policy"
+"Content-Type"
+"Cookie"
+"DNT"
+"Date"
+"Delta-Base"
+"ETag"
+"Expect"
+"Expires"
+"Forwarded"
+"From"
+"Front-End-Https"
+"HTTP2-Settings"
+"Host"
+"IM"
+"If-Match"
+"If-Modified-Since"
+"If-None-Match"
+"If-Range"
+"If-Unmodified-Since"
+"Last-Modified"
+"Link"
+"Location"
+"Max-Forwards"
+"Origin"
+"P3P "
+"Pragma"
+"Proxy-Authenticate"
+"Proxy-Authorization"
+"Proxy-Connection"
+"Public-Key-Pins"
+"Range"
+"Referer"
+"Refresh"
+"Retry-After"
+"Save-Data"
+"Server"
+"Set-Cookie"
+"Status"
+"Strict-Transport-Security"
+"TE"
+"Timing-Allow-Origin"
+"Tk"
+"Trailer"
+"Transfer-Encoding"
+"Upgrade"
+"Upgrade-Insecure-Requests"
+"User-Agent"
+"Vary"
+"Via"
+"WWW-Authenticate"
+"Warning"
+"X-ATT-DeviceId"
+"X-Content-Duration"
+"X-Content-Security-Policy"
+"X-Content-Type-Options"
+"X-Correlation-ID"
+"X-Csrf-Token"
+"X-Forwarded-For"
+"X-Forwarded-Host"
+"X-Forwarded-Proto"
+"X-Frame-Options"
+"X-Http-Method-Override"
+"X-Powered-By"
+"X-Request-ID"
+"X-Requested-With"
+"X-UA-Compatible"
+"X-UIDH"
+"X-Wap-Profile"
+"X-WebKit-CSP"
+"X-XSS-Protection"
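Review bot: Two entries in the `# Fields` list are formatted differently from the rest: `"Connection:"` carries the colon that every other field name omits and sits next to a plain `"Connection"`, and `"P3P "` ends in a space. If the delimiters are intentional, they would be clearer as separate tokens under `# misc` (a colon-space separator and a CRLF line ending written as `"\x0d\x0a"`), which would also let the fuzzer assemble complete header lines from any field name. Otherwise `"Connection:"` can be dropped and `"P3P "` trimmed to `"P3P"`.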
diff --git a/dictionaries/icc.dict b/dictionaries/icc.dict
new file mode 100644
index 00000000..058704c0
--- /dev/null
+++ b/dictionaries/icc.dict
@@ -0,0 +1,591 @@ +# See http://www.color.org/specification/ICC.2-2019.pdf + +magic="acsp" + +# spectral encoding +"rs" +"ts" +"es" +"bs" +"sm" +"mc" + +# Profile classes +"scnr" +"mntr" +"prtr" +"link" +"spac" +"abst" +"nmcl" +"cenc" +"mod " +"mlnk" +"mvis" + +# Data colour space field +"XYZ " +"Lab " +"Luv " +"YVbr" +"Yxy " +"LMS " +"RGB " +"GRAY" +"HSV " +"HLS " +"CMYK" +"CMY " +"2CLR" +"3CLR" +"4CLR" +"5CLR" +"6CLR" +"7CLR" +"8CLR" +"9CLR" +"ACLR" +"BCLR" +"CCLR" +"DCLR" +"ECLR" +"FCLR" +"nc" +"YCC" + +# primary platforms +"APPL" +"MSFT" +"SGI " +"SUNW" + + +# Tags +"A2B0" +"A2B1" +"A2B2" +"A2B3" +"A2M0" +"bcp0" +"bcp1" +"bcp2" +"bcp3" +"bsp0" +"bsp1" +"bsp2" +"bsp3" +"bAB0" +"bAB1" +"bAB2" +"bAB3" +"bBA0" +"bBA1" +"bBA2" +"bBA3" +"bBD0" +"bBD1" +"bBD2" +"bBD3" +"bDB0" +"bDB1" +"bDB2" +"bDB3" +"bMB0" +"bMB1" +"bMB2" +"bMB3" +"bMS0" +"bMS1" +"bMS2" +"bMS3" +"B2A0" +"B2A1" +"B2A2" +"B2A3" +"B2D0" +"B2D1" +"B2D2" +"B2D3" +"calt" +"targ" +"cept" +"csnm" +"clro" +"cloo" +"clin" +"clio" +"ciis" +"cprt" +"c2sp" +"cxF " +"dmnd" +"dmdd" +"dAB0" +"dAB2" +"dAB3" +"dAB4" +"dBA0" +"dBA1" +"dBA2" +"dBA3" +"dBD0" +"dBD1" +"dBD2" +"dBD3" +"dDB0" +"dDB1" +"dDB2" +"dDB3" +"d2B0" +"d2B1" +"d2B2" +"d2B3" +"gbd0" +"gbd1" +"gbd2" +"gbd3" +"mdv " +"mcta" +"minf" +"miin" +"wtpt" +"meta" +"M2A0" +"M2B0" +"M2B1" +"M2B2" +"M2B3" +"M2S0" +"M2S1" +"M2S2" +"M2S3" +"nmcl" +"rig0" +"desc" +"psin" +"rfnm" +"rig2" +"svcn" +"swpt" +"s2cp" +"smap" +"tech" + +# tag types +"clro" +"curv" +"data" +"dtim" +"dict" +"ehim" +"enim" +"fl16" +"fl32" +"fl64" +"gbd " +"mAB " +"mBA " +"meas" +"mluc" +"mpet" +"para" +"sf32" +"sig " +"smat" +"tary" +"tstr" +"ui32" +"ui64" +"ui08" +"ut16" +"utf8" +"zut8" +"zxml" + +# Function operands +"calc" +"func" +"true" +"ndef" +"env " +"in " +"out " +"tget" +"tput" +"tsav" +"curv" +"mtx " +"clut" +"tint" +"elem" +"copy" +"rotl" +"rotr" +"posd" +"flip" +"pop " +"solv" +"tran" +"sum " +"prod" +"min " +"max " +"and " +"or " +"pi " +"+INF" +"-INF" +"NaN " +"add " +"sub " 
+"mul " +"dic " +"mod " +"pow " +"gama" +"sadd" +"ssub" +"sdiv" +"smul" +"sq " +"sqrt" +"cb " +"cbrt" +"abs " +"neg " +"rond" +"flor" +"ceil" +"trnc" +"sign" +"exp " +"log " +"ln " +"sin " +"cos " +"tan " +"asin" +"acos" +"atan" +"atn2" +"ctop" +"ptoc" +"rnum" +"lt " +"le " +"eq" +"near" +"ge " +"gt " +"vmin" +"vmax" +"vand" +"vor " +"tLab" +"tXYZ" +"if " +"else" +"sel " +"case" +"dflt" +"cvst" +"sngf" +"curf" +"parf" +"smaf" +"clut" +"eclt" +"emtx" +"eobs" +"xclt" +"iemx" +"JtoX" +"matf" +"smet" +"rclt" +"robs" +"tint" +"XtoJ" +"bACS" +"eACS" +"brdf" +"type" +"func" +"nump" +"xfrm" +"BPh0" +"BPh1" +"CT10" +"CT20" +"CT30" +"CT11" +"CT21" +"CT31" +"War0" +"War1" +"La10" +"La20" +"La30" +"La11" +"La21" +"La31" +"name" +"lcnm" +"pcs " +"spec" +"spcb" +"spcg" +"ncol" +"pinf" + +# from oss-fuzz, some duplicates +# Fuzzing dictionary for icc +# Extracted from lcms2.h of Little-CMS project 2.8. + +magic="acsp" +sig="lcms" + +# Base ICC type definitions +"chrm" +"clro" +"clrt" +"crdi" +"curv" +"data" +"dict" +"dtim" +"devs" +"mft2" +"mft1" +"mAB " +"mBA " +"meas" +"mluc" +"mpet" +"ncol" +"ncl2" +"para" +"pseq" +"psid" +"rcs2" +"sf32" +"scrn" +"sig " +"text" +"desc" +"uf32" +"bfd " +"ui16" +"ui32" +"ui64" +"ui08" +"vcgt" +"view" +"XYZ " + +# Base ICC tag definitions +"A2B0" +"A2B1" +"A2B2" +"bXYZ" +"bXYZ" +"bTRC" +"B2A0" +"B2A1" +"B2A2" +"calt" +"targ" +"chad" +"chrm" +"clro" +"clrt" +"clot" +"ciis" +"cprt" +"crdi" +"data" +"dtim" +"dmnd" +"dmdd" +"devs" +"D2B0" +"D2B1" +"D2B2" +"D2B3" +"B2D0" +"B2D1" +"B2D2" +"B2D3" +"gamt" +"kTRC" +"gXYZ" +"gXYZ" +"gTRC" +"lumi" +"meas" +"bkpt" +"wtpt" +"ncol" +"ncl2" +"resp" +"rig0" +"pre0" +"pre1" +"pre2" +"desc" +"dscm" +"pseq" +"psid" +"psd0" +"psd1" +"psd2" +"psd3" +"ps2s" +"ps2i" +"rXYZ" +"rXYZ" +"rTRC" +"rig2" +"scrd" +"scrn" +"tech" +"bfd " +"vued" +"view" +"vcgt" +"meta" +"arts" + +# ICC Technology tag +"dcam" +"fscn" +"rscn" +"ijet" +"twax" +"epho" +"esta" +"dsub" +"rpho" +"fprn" +"vidm" +"vidc" +"pjtv" +"CRT " +"PMD " +"AMD " 
+"KPCD" +"imgs" +"grav" +"offs" +"silk" +"flex" +"mpfs" +"mpfr" +"dmpc" +"dcpj" + +# ICC Color spaces +"XYZ " +"Lab " +"Luv " +"YCbr" +"Yxy " +"RGB " +"GRAY" +"HSV " +"HLS " +"CMYK" +"CMY " +"MCH1" +"MCH2" +"MCH3" +"MCH4" +"MCH5" +"MCH6" +"MCH7" +"MCH8" +"MCH9" +"MCHA" +"MCHB" +"MCHC" +"MCHD" +"MCHE" +"MCHF" +"nmcl" +"1CLR" +"2CLR" +"3CLR" +"4CLR" +"5CLR" +"6CLR" +"7CLR" +"8CLR" +"9CLR" +"ACLR" +"BCLR" +"CCLR" +"DCLR" +"ECLR" +"FCLR" +"LuvK" + +# ICC Profile Class +"scnr" +"mntr" +"prtr" +"link" +"abst" +"spac" +"nmcl" + +# ICC Platforms +"APPL" +"MSFT" +"SUNW" +"SGI " +"TGNT" +"*nix" + +# Reference gamut +"prmg" + +# For cmsSigColorimetricIntentImageStateTag +"scoe" +"sape" +"fpce" +"rhoc" +"rpoc" + +# Multi process elements types +"cvst" +"matf" +"clut" +"bACS" +"eACS" +"l2x " +"x2l " +"ncl " +"2 4 " +"4 2 " +"idn " +"d2l " +"l2d " +"d2x " +"x2d " +"clp " + +# Types of CurveElements +"parf" +"samf" +"curf" + +# Used in ResponseCurveType +"StaA" +"StaE" +"StaI" +"StaT" +"StaM" +"DN " +"DN P" +"DNN " +"DNNP" diff --git a/dictionaries/iccprofile.dict b/dictionaries/iccprofile.dict new file mode 100644 index 00000000..26dd973e --- /dev/null +++ b/dictionaries/iccprofile.dict @@ -0,0 +1,25 @@ +# Dict for ICC profiles parsed by skcms. + +"mft1" +"mft2" +"mAB " +"rXYZ" +"gXYZ" +"bXYZ" +"rTRC" +"gTRC" +"bTRC" +"kTRC" +"A2B0" +"curv" +"para" +"mluc" +"XYZ " +"Lab " +"RGB " +"CMYK" +"GRAY" +"mntr" +"scnr" +"prtr" +"spac" diff --git a/dictionaries/icns.dict b/dictionaries/icns.dict new file mode 100644 index 00000000..f9da1c83 --- /dev/null +++ b/dictionaries/icns.dict 
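Review bot: In icc.dict, `"YVbr"` under `# Data colour space field` looks like a typo for `"YCbr"`, which is how the same colour space is spelled under `# ICC Color spaces` further down the file. `"dic "` between `"mul "` and `"mod "` in `# Function operands` is probably meant to be `"div "`. A four-byte signature that is off by one character will not match the target's signature comparison, so these entries cost mutation budget without reaching the corresponding code. The run `"dAB0"`, `"dAB2"`, `"dAB3"`, `"dAB4"` also departs from the 0–3 numbering of the neighbouring tag groups and should be checked against the specification named in the header comment.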
@@ -0,0 +1,43 @@
+# https://en.wikipedia.org/wiki/Apple_Icon_Image_format
+
+"ICN#"
+"ICON"
+"TOC "
+"h8mk"
+"ic04"
+"ic05"
+"ic07"
+"ic08"
+"ic09"
+"ic10"
+"ic11"
+"ic12"
+"ic13"
+"ic14"
+"ich#"
+"ich4"
+"ich8"
+"icl4"
+"icl8"
+"icm#"
+"icm4"
+"icm8"
+"icnV"
+"icns"
+"icp4"
+"icp5"
+"icp6"
+"ics#"
+"ics4"
+"ics8"
+"icsB"
+"icsb"
+"ih32"
+"il32"
+"info"
+"is32"
+"it32"
+"l8mk"
+"name"
+"s8mk"
+"t8mk"
\ No newline at end of file
diff --git a/dictionaries/initfile.dict b/dictionaries/initfile.dict
new file mode 100644
index 00000000..2d88ebc0
--- /dev/null
+++ b/dictionaries/initfile.dict
@@ -0,0 +1,688 @@ +#SELECT WORD FROM INFORMATION_SCHEMA.KEYWORDS; +ACCESSIBLE="ACCESSIBLE" +ACCOUNT="ACCOUNT" +ACTION="ACTION" +ACTIVE="ACTIVE" +ADD="ADD" +ADMIN="ADMIN" +AFTER="AFTER" +AGAINST="AGAINST" +AGGREGATE="AGGREGATE" +ALGORITHM="ALGORITHM" +ALL="ALL" +ALTER="ALTER" +ALWAYS="ALWAYS" +ANALYZE="ANALYZE" +AND="AND" +ANY="ANY" +AS="AS" +ASC="ASC" +ASCII="ASCII" +ASENSITIVE="ASENSITIVE" +AT="AT" +AUTOEXTEND_SIZE="AUTOEXTEND_SIZE" +AUTO_INCREMENT="AUTO_INCREMENT" +AVG="AVG" +AVG_ROW_LENGTH="AVG_ROW_LENGTH" +BACKUP="BACKUP" +BEFORE="BEFORE" +BEGIN="BEGIN" +BETWEEN="BETWEEN" +BIGINT="BIGINT" +BINARY="BINARY" +BINLOG="BINLOG" +BIT="BIT" +BLOB="BLOB" +BLOCK="BLOCK" +BOOL="BOOL" +BOOLEAN="BOOLEAN" +BOTH="BOTH" +BTREE="BTREE" +BUCKETS="BUCKETS" +BY="BY" +BYTE="BYTE" +CACHE="CACHE" +CALL="CALL" +CASCADE="CASCADE" +CASCADED="CASCADED" +CASE="CASE" +CATALOG_NAME="CATALOG_NAME" +CHAIN="CHAIN" +CHANGE="CHANGE" +CHANGED="CHANGED" +CHANNEL="CHANNEL" +CHAR="CHAR" +CHARACTER="CHARACTER" +CHARSET="CHARSET" +CHECK="CHECK" +CHECKSUM="CHECKSUM" +CIPHER="CIPHER" +CLASS_ORIGIN="CLASS_ORIGIN" +CLIENT="CLIENT" +CLONE="CLONE" +CLOSE="CLOSE" +COALESCE="COALESCE" +CODE="CODE" +COLLATE="COLLATE" +COLLATION="COLLATION" +COLUMN="COLUMN" +COLUMNS="COLUMNS" +COLUMN_FORMAT="COLUMN_FORMAT" +COLUMN_NAME="COLUMN_NAME" +COMMENT="COMMENT" +COMMIT="COMMIT" +COMMITTED="COMMITTED" +COMPACT="COMPACT" +COMPLETION="COMPLETION" +COMPONENT="COMPONENT" +COMPRESSED="COMPRESSED" +COMPRESSION="COMPRESSION" +CONCURRENT="CONCURRENT" +CONDITION="CONDITION" +CONNECTION="CONNECTION" +CONSISTENT="CONSISTENT" +CONSTRAINT="CONSTRAINT" +CONSTRAINT_CATALOG="CONSTRAINT_CATALOG" +CONSTRAINT_NAME="CONSTRAINT_NAME" +CONSTRAINT_SCHEMA="CONSTRAINT_SCHEMA" +CONTAINS="CONTAINS" +CONTEXT="CONTEXT" +CONTINUE="CONTINUE" +CONVERT="CONVERT" +CPU="CPU" +CREATE="CREATE" +CROSS="CROSS" +CUBE="CUBE" +CUME_DIST="CUME_DIST" +CURRENT="CURRENT" +CURRENT_DATE="CURRENT_DATE" +CURRENT_TIME="CURRENT_TIME" +CURRENT_TIMESTAMP="CURRENT_TIMESTAMP" 
+CURRENT_USER="CURRENT_USER" +CURSOR="CURSOR" +CURSOR_NAME="CURSOR_NAME" +DATA="DATA" +DATABASE="DATABASE" +DATABASES="DATABASES" +DATAFILE="DATAFILE" +DATE="DATE" +DATETIME="DATETIME" +DAY="DAY" +DAY_HOUR="DAY_HOUR" +DAY_MICROSECOND="DAY_MICROSECOND" +DAY_MINUTE="DAY_MINUTE" +DAY_SECOND="DAY_SECOND" +DEALLOCATE="DEALLOCATE" +DEC="DEC" +DECIMAL="DECIMAL" +DECLARE="DECLARE" +DEFAULT="DEFAULT" +DEFAULT_AUTH="DEFAULT_AUTH" +DEFINER="DEFINER" +DEFINITION="DEFINITION" +DELAYED="DELAYED" +DELAY_KEY_WRITE="DELAY_KEY_WRITE" +DELETE="DELETE" +DENSE_RANK="DENSE_RANK" +DESC="DESC" +DESCRIBE="DESCRIBE" +DESCRIPTION="DESCRIPTION" +DETERMINISTIC="DETERMINISTIC" +DIAGNOSTICS="DIAGNOSTICS" +DIRECTORY="DIRECTORY" +DISABLE="DISABLE" +DISCARD="DISCARD" +DISK="DISK" +DISTINCT="DISTINCT" +DISTINCTROW="DISTINCTROW" +DIV="DIV" +DO="DO" +DOUBLE="DOUBLE" +DROP="DROP" +DUAL="DUAL" +DUMPFILE="DUMPFILE" +DUPLICATE="DUPLICATE" +DYNAMIC="DYNAMIC" +EACH="EACH" +ELSE="ELSE" +ELSEIF="ELSEIF" +EMPTY="EMPTY" +ENABLE="ENABLE" +ENCLOSED="ENCLOSED" +ENCRYPTION="ENCRYPTION" +END="END" +ENDS="ENDS" +ENFORCED="ENFORCED" +ENGINE="ENGINE" +ENGINES="ENGINES" +ENUM="ENUM" +ERROR="ERROR" +ERRORS="ERRORS" +ESCAPE="ESCAPE" +ESCAPED="ESCAPED" +EVENT="EVENT" +EVENTS="EVENTS" +EVERY="EVERY" +EXCEPT="EXCEPT" +EXCHANGE="EXCHANGE" +EXCLUDE="EXCLUDE" +EXECUTE="EXECUTE" +EXISTS="EXISTS" +EXIT="EXIT" +EXPANSION="EXPANSION" +EXPIRE="EXPIRE" +EXPLAIN="EXPLAIN" +EXPORT="EXPORT" +EXTENDED="EXTENDED" +EXTENT_SIZE="EXTENT_SIZE" +FALSE="FALSE" +FAST="FAST" +FAULTS="FAULTS" +FETCH="FETCH" +FIELDS="FIELDS" +FILE="FILE" +FILE_BLOCK_SIZE="FILE_BLOCK_SIZE" +FILTER="FILTER" +FIRST="FIRST" +FIRST_VALUE="FIRST_VALUE" +FIXED="FIXED" +FLOAT="FLOAT" +FLOAT4="FLOAT4" +FLOAT8="FLOAT8" +FLUSH="FLUSH" +FOLLOWING="FOLLOWING" +FOLLOWS="FOLLOWS" +FOR="FOR" +FORCE="FORCE" +FOREIGN="FOREIGN" +FORMAT="FORMAT" +FOUND="FOUND" +FROM="FROM" +FULL="FULL" +FULLTEXT="FULLTEXT" +FUNCTION="FUNCTION" +GENERAL="GENERAL" +GENERATED="GENERATED" 
+GEOMCOLLECTION="GEOMCOLLECTION" +GEOMETRY="GEOMETRY" +GEOMETRYCOLLECTION="GEOMETRYCOLLECTION" +GET="GET" +GET_FORMAT="GET_FORMAT" +GET_MASTER_PUBLIC_KEY="GET_MASTER_PUBLIC_KEY" +GLOBAL="GLOBAL" +GRANT="GRANT" +GRANTS="GRANTS" +GROUP="GROUP" +GROUPING="GROUPING" +GROUPS="GROUPS" +GROUP_REPLICATION="GROUP_REPLICATION" +HANDLER="HANDLER" +HASH="HASH" +HAVING="HAVING" +HELP="HELP" +HIGH_PRIORITY="HIGH_PRIORITY" +HISTOGRAM="HISTOGRAM" +HISTORY="HISTORY" +HOST="HOST" +HOSTS="HOSTS" +HOUR="HOUR" +HOUR_MICROSECOND="HOUR_MICROSECOND" +HOUR_MINUTE="HOUR_MINUTE" +HOUR_SECOND="HOUR_SECOND" +IDENTIFIED="IDENTIFIED" +IF="IF" +IGNORE="IGNORE" +IGNORE_SERVER_IDS="IGNORE_SERVER_IDS" +IMPORT="IMPORT" +IN="IN" +INACTIVE="INACTIVE" +INDEX="INDEX" +INDEXES="INDEXES" +INFILE="INFILE" +INITIAL_SIZE="INITIAL_SIZE" +INNER="INNER" +INOUT="INOUT" +INSENSITIVE="INSENSITIVE" +INSERT="INSERT" +INSERT_METHOD="INSERT_METHOD" +INSTALL="INSTALL" +INSTANCE="INSTANCE" +INT="INT" +INT1="INT1" +INT2="INT2" +INT3="INT3" +INT4="INT4" +INT8="INT8" +INTEGER="INTEGER" +INTERVAL="INTERVAL" +INTO="INTO" +INVISIBLE="INVISIBLE" +INVOKER="INVOKER" +IO="IO" +IO_AFTER_GTIDS="IO_AFTER_GTIDS" +IO_BEFORE_GTIDS="IO_BEFORE_GTIDS" +IO_THREAD="IO_THREAD" +IPC="IPC" +IS="IS" +ISOLATION="ISOLATION" +ISSUER="ISSUER" +ITERATE="ITERATE" +JOIN="JOIN" +JSON="JSON" +JSON_TABLE="JSON_TABLE" +KEY="KEY" +KEYS="KEYS" +KEY_BLOCK_SIZE="KEY_BLOCK_SIZE" +KILL="KILL" +LAG="LAG" +LANGUAGE="LANGUAGE" +LAST="LAST" +LAST_VALUE="LAST_VALUE" +LATERAL="LATERAL" +LEAD="LEAD" +LEADING="LEADING" +LEAVE="LEAVE" +LEAVES="LEAVES" +LEFT="LEFT" +LESS="LESS" +LEVEL="LEVEL" +LIKE="LIKE" +LIMIT="LIMIT" +LINEAR="LINEAR" +LINES="LINES" +LINESTRING="LINESTRING" +LIST="LIST" +LOAD="LOAD" +LOCAL="LOCAL" +LOCALTIME="LOCALTIME" +LOCALTIMESTAMP="LOCALTIMESTAMP" +LOCK="LOCK" +LOCKED="LOCKED" +LOCKS="LOCKS" +LOGFILE="LOGFILE" +LOGS="LOGS" +LONG="LONG" +LONGBLOB="LONGBLOB" +LONGTEXT="LONGTEXT" +LOOP="LOOP" +LOW_PRIORITY="LOW_PRIORITY" +MASTER="MASTER" 
+MASTER_AUTO_POSITION="MASTER_AUTO_POSITION" +MASTER_BIND="MASTER_BIND" +MASTER_CONNECT_RETRY="MASTER_CONNECT_RETRY" +MASTER_DELAY="MASTER_DELAY" +MASTER_HEARTBEAT_PERIOD="MASTER_HEARTBEAT_PERIOD" +MASTER_HOST="MASTER_HOST" +MASTER_LOG_FILE="MASTER_LOG_FILE" +MASTER_LOG_POS="MASTER_LOG_POS" +MASTER_PASSWORD="MASTER_PASSWORD" +MASTER_PORT="MASTER_PORT" +MASTER_PUBLIC_KEY_PATH="MASTER_PUBLIC_KEY_PATH" +MASTER_RETRY_COUNT="MASTER_RETRY_COUNT" +MASTER_SERVER_ID="MASTER_SERVER_ID" +MASTER_SSL="MASTER_SSL" +MASTER_SSL_CA="MASTER_SSL_CA" +MASTER_SSL_CAPATH="MASTER_SSL_CAPATH" +MASTER_SSL_CERT="MASTER_SSL_CERT" +MASTER_SSL_CIPHER="MASTER_SSL_CIPHER" +MASTER_SSL_CRL="MASTER_SSL_CRL" +MASTER_SSL_CRLPATH="MASTER_SSL_CRLPATH" +MASTER_SSL_KEY="MASTER_SSL_KEY" +MASTER_SSL_VERIFY_SERVER_CERT="MASTER_SSL_VERIFY_SERVER_CERT" +MASTER_TLS_VERSION="MASTER_TLS_VERSION" +MASTER_USER="MASTER_USER" +MATCH="MATCH" +MAXVALUE="MAXVALUE" +MAX_CONNECTIONS_PER_HOUR="MAX_CONNECTIONS_PER_HOUR" +MAX_QUERIES_PER_HOUR="MAX_QUERIES_PER_HOUR" +MAX_ROWS="MAX_ROWS" +MAX_SIZE="MAX_SIZE" +MAX_UPDATES_PER_HOUR="MAX_UPDATES_PER_HOUR" +MAX_USER_CONNECTIONS="MAX_USER_CONNECTIONS" +MEDIUM="MEDIUM" +MEDIUMBLOB="MEDIUMBLOB" +MEDIUMINT="MEDIUMINT" +MEDIUMTEXT="MEDIUMTEXT" +MEMORY="MEMORY" +MERGE="MERGE" +MESSAGE_TEXT="MESSAGE_TEXT" +MICROSECOND="MICROSECOND" +MIDDLEINT="MIDDLEINT" +MIGRATE="MIGRATE" +MINUTE="MINUTE" +MINUTE_MICROSECOND="MINUTE_MICROSECOND" +MINUTE_SECOND="MINUTE_SECOND" +MIN_ROWS="MIN_ROWS" +MOD="MOD" +MODE="MODE" +MODIFIES="MODIFIES" +MODIFY="MODIFY" +MONTH="MONTH" +MULTILINESTRING="MULTILINESTRING" +MULTIPOINT="MULTIPOINT" +MULTIPOLYGON="MULTIPOLYGON" +MUTEX="MUTEX" +MYSQL_ERRNO="MYSQL_ERRNO" +NAME="NAME" +NAMES="NAMES" +NATIONAL="NATIONAL" +NATURAL="NATURAL" +NCHAR="NCHAR" +NDB="NDB" +NDBCLUSTER="NDBCLUSTER" +NESTED="NESTED" +NETWORK_NAMESPACE="NETWORK_NAMESPACE" +NEVER="NEVER" +NEW="NEW" +NEXT="NEXT" +NO="NO" +NODEGROUP="NODEGROUP" +NONE="NONE" +NOT="NOT" +NOWAIT="NOWAIT" +NO_WAIT="NO_WAIT" 
+NO_WRITE_TO_BINLOG="NO_WRITE_TO_BINLOG" +NTH_VALUE="NTH_VALUE" +NTILE="NTILE" +NULL="NULL" +NULLS="NULLS" +NUMBER="NUMBER" +NUMERIC="NUMERIC" +NVARCHAR="NVARCHAR" +OF="OF" +OFFSET="OFFSET" +OJ="OJ" +OLD="OLD" +ON="ON" +ONE="ONE" +ONLY="ONLY" +OPEN="OPEN" +OPTIMIZE="OPTIMIZE" +OPTIMIZER_COSTS="OPTIMIZER_COSTS" +OPTION="OPTION" +OPTIONAL="OPTIONAL" +OPTIONALLY="OPTIONALLY" +OPTIONS="OPTIONS" +OR="OR" +ORDER="ORDER" +ORDINALITY="ORDINALITY" +ORGANIZATION="ORGANIZATION" +OTHERS="OTHERS" +OUT="OUT" +OUTER="OUTER" +OUTFILE="OUTFILE" +OVER="OVER" +OWNER="OWNER" +PACK_KEYS="PACK_KEYS" +PAGE="PAGE" +PARSER="PARSER" +PARTIAL="PARTIAL" +PARTITION="PARTITION" +PARTITIONING="PARTITIONING" +PARTITIONS="PARTITIONS" +PASSWORD="PASSWORD" +PATH="PATH" +PERCENT_RANK="PERCENT_RANK" +PERSIST="PERSIST" +PERSIST_ONLY="PERSIST_ONLY" +PHASE="PHASE" +PLUGIN="PLUGIN" +PLUGINS="PLUGINS" +PLUGIN_DIR="PLUGIN_DIR" +POINT="POINT" +POLYGON="POLYGON" +PORT="PORT" +PRECEDES="PRECEDES" +PRECEDING="PRECEDING" +PRECISION="PRECISION" +PREPARE="PREPARE" +PRESERVE="PRESERVE" +PREV="PREV" +PRIMARY="PRIMARY" +PRIVILEGES="PRIVILEGES" +PROCEDURE="PROCEDURE" +PROCESS="PROCESS" +PROCESSLIST="PROCESSLIST" +PROFILE="PROFILE" +PROFILES="PROFILES" +PROXY="PROXY" +PURGE="PURGE" +QUARTER="QUARTER" +QUERY="QUERY" +QUICK="QUICK" +RANGE="RANGE" +RANK="RANK" +READ="READ" +READS="READS" +READ_ONLY="READ_ONLY" +READ_WRITE="READ_WRITE" +REAL="REAL" +REBUILD="REBUILD" +RECOVER="RECOVER" +RECURSIVE="RECURSIVE" +REDO_BUFFER_SIZE="REDO_BUFFER_SIZE" +REDUNDANT="REDUNDANT" +REFERENCE="REFERENCE" +REFERENCES="REFERENCES" +REGEXP="REGEXP" +RELAY="RELAY" +RELAYLOG="RELAYLOG" +RELAY_LOG_FILE="RELAY_LOG_FILE" +RELAY_LOG_POS="RELAY_LOG_POS" +RELAY_THREAD="RELAY_THREAD" +RELEASE="RELEASE" +RELOAD="RELOAD" +REMOVE="REMOVE" +RENAME="RENAME" +REORGANIZE="REORGANIZE" +REPAIR="REPAIR" +REPEAT="REPEAT" +REPEATABLE="REPEATABLE" +REPLACE="REPLACE" +REPLICATE_DO_DB="REPLICATE_DO_DB" +REPLICATE_DO_TABLE="REPLICATE_DO_TABLE" 
+REPLICATE_IGNORE_DB="REPLICATE_IGNORE_DB" +REPLICATE_IGNORE_TABLE="REPLICATE_IGNORE_TABLE" +REPLICATE_REWRITE_DB="REPLICATE_REWRITE_DB" +REPLICATE_WILD_DO_TABLE="REPLICATE_WILD_DO_TABLE" +REPLICATE_WILD_IGNORE_TABLE="REPLICATE_WILD_IGNORE_TABLE" +REPLICATION="REPLICATION" +REQUIRE="REQUIRE" +RESET="RESET" +RESIGNAL="RESIGNAL" +RESOURCE="RESOURCE" +RESPECT="RESPECT" +RESTART="RESTART" +RESTORE="RESTORE" +RESTRICT="RESTRICT" +RESUME="RESUME" +RETAIN="RETAIN" +RETURN="RETURN" +RETURNED_SQLSTATE="RETURNED_SQLSTATE" +RETURNS="RETURNS" +REUSE="REUSE" +REVERSE="REVERSE" +REVOKE="REVOKE" +RIGHT="RIGHT" +RLIKE="RLIKE" +ROLE="ROLE" +ROLLBACK="ROLLBACK" +ROLLUP="ROLLUP" +ROTATE="ROTATE" +ROUTINE="ROUTINE" +ROW="ROW" +ROWS="ROWS" +ROW_COUNT="ROW_COUNT" +ROW_FORMAT="ROW_FORMAT" +ROW_NUMBER="ROW_NUMBER" +RTREE="RTREE" +SAVEPOINT="SAVEPOINT" +SCHEDULE="SCHEDULE" +SCHEMA="SCHEMA" +SCHEMAS="SCHEMAS" +SCHEMA_NAME="SCHEMA_NAME" +SECOND="SECOND" +SECONDARY="SECONDARY" +SECONDARY_ENGINE="SECONDARY_ENGINE" +SECONDARY_LOAD="SECONDARY_LOAD" +SECONDARY_UNLOAD="SECONDARY_UNLOAD" +SECOND_MICROSECOND="SECOND_MICROSECOND" +SECURITY="SECURITY" +SELECT="SELECT" +SENSITIVE="SENSITIVE" +SEPARATOR="SEPARATOR" +SERIAL="SERIAL" +SERIALIZABLE="SERIALIZABLE" +SERVER="SERVER" +SESSION="SESSION" +SET="SET" +SHARE="SHARE" +SHOW="SHOW" +SHUTDOWN="SHUTDOWN" +SIGNAL="SIGNAL" +SIGNED="SIGNED" +SIMPLE="SIMPLE" +SKIP="SKIP" +SLAVE="SLAVE" +SLOW="SLOW" +SMALLINT="SMALLINT" +SNAPSHOT="SNAPSHOT" +SOCKET="SOCKET" +SOME="SOME" +SONAME="SONAME" +SOUNDS="SOUNDS" +SOURCE="SOURCE" +SPATIAL="SPATIAL" +SPECIFIC="SPECIFIC" +SQL="SQL" +SQLEXCEPTION="SQLEXCEPTION" +SQLSTATE="SQLSTATE" +SQLWARNING="SQLWARNING" +SQL_AFTER_GTIDS="SQL_AFTER_GTIDS" +SQL_AFTER_MTS_GAPS="SQL_AFTER_MTS_GAPS" +SQL_BEFORE_GTIDS="SQL_BEFORE_GTIDS" +SQL_BIG_RESULT="SQL_BIG_RESULT" +SQL_BUFFER_RESULT="SQL_BUFFER_RESULT" +SQL_CALC_FOUND_ROWS="SQL_CALC_FOUND_ROWS" +SQL_NO_CACHE="SQL_NO_CACHE" +SQL_SMALL_RESULT="SQL_SMALL_RESULT" +SQL_THREAD="SQL_THREAD" 
+SQL_TSI_DAY="SQL_TSI_DAY" +SQL_TSI_HOUR="SQL_TSI_HOUR" +SQL_TSI_MINUTE="SQL_TSI_MINUTE" +SQL_TSI_MONTH="SQL_TSI_MONTH" +SQL_TSI_QUARTER="SQL_TSI_QUARTER" +SQL_TSI_SECOND="SQL_TSI_SECOND" +SQL_TSI_WEEK="SQL_TSI_WEEK" +SQL_TSI_YEAR="SQL_TSI_YEAR" +SRID="SRID" +SSL="SSL" +STACKED="STACKED" +START="START" +STARTING="STARTING" +STARTS="STARTS" +STATS_AUTO_RECALC="STATS_AUTO_RECALC" +STATS_PERSISTENT="STATS_PERSISTENT" +STATS_SAMPLE_PAGES="STATS_SAMPLE_PAGES" +STATUS="STATUS" +STOP="STOP" +STORAGE="STORAGE" +STORED="STORED" +STRAIGHT_JOIN="STRAIGHT_JOIN" +STRING="STRING" +SUBCLASS_ORIGIN="SUBCLASS_ORIGIN" +SUBJECT="SUBJECT" +SUBPARTITION="SUBPARTITION" +SUBPARTITIONS="SUBPARTITIONS" +SUPER="SUPER" +SUSPEND="SUSPEND" +SWAPS="SWAPS" +SWITCHES="SWITCHES" +SYSTEM="SYSTEM" +TABLE="TABLE" +TABLES="TABLES" +TABLESPACE="TABLESPACE" +TABLE_CHECKSUM="TABLE_CHECKSUM" +TABLE_NAME="TABLE_NAME" +TEMPORARY="TEMPORARY" +TEMPTABLE="TEMPTABLE" +TERMINATED="TERMINATED" +TEXT="TEXT" +THAN="THAN" +THEN="THEN" +THREAD_PRIORITY="THREAD_PRIORITY" +TIES="TIES" +TIME="TIME" +TIMESTAMP="TIMESTAMP" +TIMESTAMPADD="TIMESTAMPADD" +TIMESTAMPDIFF="TIMESTAMPDIFF" +TINYBLOB="TINYBLOB" +TINYINT="TINYINT" +TINYTEXT="TINYTEXT" +TO="TO" +TRAILING="TRAILING" +TRANSACTION="TRANSACTION" +TRIGGER="TRIGGER" +TRIGGERS="TRIGGERS" +TRUE="TRUE" +TRUNCATE="TRUNCATE" +TYPE="TYPE" +TYPES="TYPES" +UNBOUNDED="UNBOUNDED" +UNCOMMITTED="UNCOMMITTED" +UNDEFINED="UNDEFINED" +UNDO="UNDO" +UNDOFILE="UNDOFILE" +UNDO_BUFFER_SIZE="UNDO_BUFFER_SIZE" +UNICODE="UNICODE" +UNINSTALL="UNINSTALL" +UNION="UNION" +UNIQUE="UNIQUE" +UNKNOWN="UNKNOWN" +UNLOCK="UNLOCK" +UNSIGNED="UNSIGNED" +UNTIL="UNTIL" +UPDATE="UPDATE" +UPGRADE="UPGRADE" +USAGE="USAGE" +USE="USE" +USER="USER" +USER_RESOURCES="USER_RESOURCES" +USE_FRM="USE_FRM" +USING="USING" +UTC_DATE="UTC_DATE" +UTC_TIME="UTC_TIME" +UTC_TIMESTAMP="UTC_TIMESTAMP" +VALIDATION="VALIDATION" +VALUE="VALUE" +VALUES="VALUES" +VARBINARY="VARBINARY" +VARCHAR="VARCHAR" +VARCHARACTER="VARCHARACTER" 
+VARIABLES="VARIABLES" +VARYING="VARYING" +VCPU="VCPU" +VIEW="VIEW" +VIRTUAL="VIRTUAL" +VISIBLE="VISIBLE" +WAIT="WAIT" +WARNINGS="WARNINGS" +WEEK="WEEK" +WEIGHT_STRING="WEIGHT_STRING" +WHEN="WHEN" +WHERE="WHERE" +WHILE="WHILE" +WINDOW="WINDOW" +WITH="WITH" +WITHOUT="WITHOUT" +WORK="WORK" +WRAPPER="WRAPPER" +WRITE="WRITE" +X509="X509" +XA="XA" +XID="XID" +XML="XML" +XOR="XOR" +YEAR="YEAR" +YEAR_MONTH="YEAR_MONTH" +ZEROFILL="ZEROFILL" diff --git a/dictionaries/jbig2.dict b/dictionaries/jbig2.dict new file mode 100644 index 00000000..97f31b39 --- /dev/null +++ b/dictionaries/jbig2.dict 
@@ -0,0 +1,98 @@ +# AFL dictionary for jbig2 images +# by Sebastian Rasmussen <sebras@gmail.com> + +id_string="\x97\x4a\x42\x32\x0d\x0a\x1a\x0a" + +# segments + +noretain_allpages_symbol_dictionary="\x00" +noretain_allpages_intermediate_text_region="\x04" +noretain_allpages_immediate_text_region="\x06" +noretain_allpages_immediate_lossless_text_region="\x07" +noretain_allpages_pattern_dictionary="\x10" +noretain_allpages_intermediate_halftone_region="\x14" +noretain_allpages_immediate_halftone_region="\x16" +noretain_allpages_immediate_lossless_halftone_region="\x17" +noretain_allpages_intermediate_generic_region="\x24" +noretain_allpages_immediate_generic_region="\x26" +noretain_allpages_immediate_lossless_generic_region="\x27" +noretain_allpages_intermediate_generic_refinement_region="\x28" +noretain_allpages_immediate_generic_refinement_region="\x2a" +noretain_allpages_immediate_lossless_generic_refinement_region="\x2b" +noretain_allpages_page_information="\x30" +noretain_allpages_end_of_page="\x31" +noretain_allpages_end_of_stripe="\x32" +noretain_allpages_end_of_file="\x33" +noretain_allpages_profiles="\x34" +noretain_allpages_tables="\x35" +noretain_allpages_color_palette="\x36" +noretain_allpages_extension="\x3e" + +noretain_specificpage_symbol_dictionary="\x40" +noretain_specificpage_intermediate_text_region="\x44" +noretain_specificpage_immediate_text_region="\x46" +noretain_specificpage_immediate_lossless_text_region="\x47" +noretain_specificpage_pattern_dictionary="\x50" +noretain_specificpage_intermediate_halftone_region="\x54" +noretain_specificpage_immediate_halftone_region="\x56" +noretain_specificpage_immediate_lossless_halftone_region="\x57" +noretain_specificpage_intermediate_generic_region="\x64" +noretain_specificpage_immediate_generic_region="\x66" +noretain_specificpage_immediate_lossless_generic_region="\x67" +noretain_specificpage_intermediate_generic_refinement_region="\x68" +noretain_specificpage_immediate_generic_refinement_region="\x6a" 
+noretain_specificpage_immediate_lossless_generic_refinement_regio6="\x6b" +noretain_specificpage_page_information="\x70" +noretain_specificpage_end_of_page="\x71" +noretain_specificpage_end_of_stripe="\x72" +noretain_specificpage_end_of_file="\x73" +noretain_specificpage_profiles="\x74" +noretain_specificpage_tables="\x75" +noretain_specificpage_color_palette="\x76" +noretain_specificpage_extension="\x7e" + +retain_allpages_symbol_dictionary="\x80" +retain_allpages_intermediate_text_region="\x84" +retain_allpages_immediate_text_region="\x86" +retain_allpages_immediate_lossless_text_region="\x87" +retain_allpages_pattern_dictionary="\x90" +retain_allpages_intermediate_halftone_region="\x94" +retain_allpages_immediate_halftone_region="\x96" +retain_allpages_immediate_lossless_halftone_region="\x97" +retain_allpages_intermediate_generic_region="\xa4" +retain_allpages_immediate_generic_region="\xa6" +retain_allpages_immediate_lossless_generic_region="\xa7" +retain_allpages_intermediate_generic_refinement_region="\xa8" +retain_allpages_immediate_generic_refinement_region="\xaa" +retain_allpages_immediate_lossless_generic_refinement_regio6="\xab" +retain_allpages_page_information="\xb0" +retain_allpages_end_of_page="\xb1" +retain_allpages_end_of_stripe="\xb2" +retain_allpages_end_of_file="\xb3" +retain_allpages_profiles="\xb4" +retain_allpages_tables="\xb5" +retain_allpages_color_palette="\xb6" +retain_allpages_extension="\xbe" + +retain_specificpage_symbol_dictionary="\xc0" +retain_specificpage_intermediate_text_region="\xc4" +retain_specificpage_immediate_text_region="\xc6" +retain_specificpage_immediate_lossless_text_region="\xc7" +retain_specificpage_pattern_dictionary="\xd0" +retain_specificpage_intermediate_halftone_region="\xd4" +retain_specificpage_immediate_halftone_region="\xd6" +retain_specificpage_immediate_lossless_halftone_region="\xd7" +retain_specificpage_intermediate_generic_region="\xe4" +retain_specificpage_immediate_generic_region="\xe6" 
+retain_specificpage_immediate_lossless_generic_region="\xe7" +retain_specificpage_intermediate_generic_refinement_region="\xe8" +retain_specificpage_immediate_generic_refinement_region="\xea" +retain_specificpage_immediate_lossless_generic_refinement_regio6="\xeb" +retain_specificpage_page_information="\xf0" +retain_specificpage_end_of_page="\xf1" +retain_specificpage_end_of_stripe="\xf2" +retain_specificpage_end_of_file="\xf3" +retain_specificpage_profiles="\xf4" +retain_specificpage_tables="\xf5" +retain_specificpage_color_palette="\xf6" +retain_specificpage_extension="\xfe" diff --git a/dictionaries/jpeg2000.dict b/dictionaries/jpeg2000.dict new file mode 100644 index 00000000..10dafc63 --- /dev/null +++ b/dictionaries/jpeg2000.dict @@ -0,0 +1,22 @@ +type="jP " +ftyp="ftyp" +subtype1="jp2 " +subtype2="jp20" +subtype3="jpm " +subtype4="jpx " +subtype5="jp2h" +subtype6="jpxb" +subtype7="mjp2" +subtype8="mj2s" +subtype9="jp2c" +subtype10="jpch" +subtype11="jplh" +codestream="\xFF\x4F\xFF\x51" +signature="\x0d\x0a\x87\x0a" +tag1="hdr" +tag2="colr" +tag3="url" +tag4="req" +tag5="res" +tag6="page" +tag7="obj" \ No newline at end of file diff --git a/dictionaries/json.dict b/dictionaries/json.dict index e08245a2..b7604fb9 100644 --- a/dictionaries/json.dict +++ b/dictionaries/json.dict @@ -50,3 +50,12 @@ "\"\":0" "//" "/**/" + +"$ref" +"type" +"coordinates" +"@context" +"@id" + +"," +":" diff --git a/dictionaries/jsonnet.dict b/dictionaries/jsonnet.dict new file mode 100644 index 00000000..d209328a --- /dev/null +++ b/dictionaries/jsonnet.dict 
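Review bot: In jbig2.dict, three labels end in `_regio6` where the first group has `_region`: `noretain_specificpage_immediate_lossless_generic_refinement_regio6`, `retain_allpages_immediate_lossless_generic_refinement_regio6` and `retain_specificpage_immediate_lossless_generic_refinement_regio6`, against `noretain_allpages_immediate_lossless_generic_refinement_region`. The label is only a name and the byte values (`"\x6b"`, `"\xab"`, `"\xeb"`) follow the pattern of the other groups, so fuzzing behaviour is unaffected. The stray suffix does break grepping for a segment type across the four groups, so the three labels should be renamed to end in `_region`.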
@@ -0,0 +1,60 @@
+# https://jsonnet.org/ref/spec.html
+
+# Keywords
+"assert"
+"else"
+"error"
+"false"
+"for"
+"function"
+"if"
+"import"
+"importstr"
+"in"
+"local"
+"null"
+"self"
+"super"
+"tailstrict"
+"then"
+"true"
+"super"
+"local"
+
+# operators
+"|||"
+"@\""
+"@'"
+"!="
+"=="
+"[::]"
+"+:::"
+
+# functions
+"std.acos("
+"std.asin("
+"std.atan("
+"std.ceil("
+"std.char("
+"std.codepoint("
+"std.cos("
+"std.equals("
+"std.exp("
+"std.exponent("
+"std.floor("
+"std.join("
+"std.length("
+"std.log("
+"std.makeArray("
+"std.mantissa("
+"std.mod"
+"std.modulo("
+"std.objectFiledsEx("
+"std.objectsHasEx("
+"std.pow("
+"std.primitiveEquals("
+"std.sin("
+"std.slice("
+"std.sqrt("
+"std.tan("
+"std.type("
diff --git a/dictionaries/markdown.dict b/dictionaries/markdown.dict
new file mode 100644
index 00000000..be94db29
--- /dev/null
+++ b/dictionaries/markdown.dict
@@ -0,0 +1,28 @@
+strike="~~"
+list="2."
+link="[a]("
+link_without_ref="[a]["
+image="![b]("
+bold="**"
+separator="---"
+title="# "
+fence="```"
+link_bottom="[a]:"
+link_inline="<http://"
+link_bottom_title="[1]: http://a.com"
+checklist="- [x"
+toc="[TOC]"
+highlight_rst=":::python"
+
+
+# GFM - https://github.github.com/gfm/
+"| ---"
+leaf1="***"
+leaf2="___"
+code_hl="```html"
+task="- [ ]"
+
+
+# Extended syntax: https://www.markdownguide.org/extended-syntax/
+footnote="[^a]"
+title_id="#a {#b}"
diff --git a/dictionaries/math.dict b/dictionaries/math.dict
new file mode 100644
index 00000000..ca0e0ee8
--- /dev/null
+++ b/dictionaries/math.dict
@@ -0,0 +1,20 @@
+"{"
+"}"
+","
+"["
+"]"
+","
+":"
+"e"
+"e+"
+"e-"
+"E"
+"E+"
+"E-"
+"\""
+"\\"
+" "
+"null"
+"1"
+"1.234"
+"3e4"
diff --git a/dictionaries/mathml.dict b/dictionaries/mathml.dict
new file mode 100644
index 00000000..56c7a209
--- /dev/null
+++ b/dictionaries/mathml.dict
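Review bot: In jsonnet.dict, two tokens in the `# functions` list are misspelled: `"std.objectFiledsEx("` and `"std.objectsHasEx("` do not match the standard-library names `std.objectFieldsEx` and `std.objectHasEx`. As written they steer the fuzzer towards an unknown-field error path, presumably not the builtins they were meant to reach. `"std.mod"` is the only function entry without the opening parenthesis, and `"super"` and `"local"` each appear twice in the keyword list. Suggested replacements are `"std.objectFieldsEx("`, `"std.objectHasEx("` and `"std.mod("`, with the two duplicate keyword lines removed.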
@@ -0,0 +1,279 @@ +#https://developer.mozilla.org/en-US/docs/Web/MathML/Element +# https://www.w3.org/TR/MathML3/chapter4.html + +header="<math xmlns='http://www.w3.org/1998/Math/MathML'>" + +# presentation mathml +"<annotation-xml>" +"<annotation>" +"<apply>" +"<maction>" +"<maligngroup>" +"<malignmark>" +"<math>" +"<menclose>" +"<merror>" +"<mfenced> " +"<mfrac>" +"<mglyph>" +"<mi>" +"<mlabeledtr>" +"<mlongdiv>" +"<mmultiscripts>" +"<mn>" +"<mo>" +"<mover>" +"<mpadded>" +"<mphantom>" +"<mprescripts>" +"<mroot>" +"<mrow>" +"<ms>" +"<mscarries>" +"<mscarry>" +"<msgroup>" +"<msline>" +"<mspace>" +"<msqrt>" +"<msrow>" +"<mstack>" +"<mstyle>" +"<msub>" +"<msubsup>" +"<msup>" +"<mtable>" +"<mtd>" +"<mtext>" +"<mtr>" +"<munder>" +"<munderover>" +"<none>" +"<semantics>" + +# attributes +"accent" +"accentunder" +"actiontype" +"align" +"alignmentscope" +"altimg" +"altimg-height" +"alttext" +"bevelled" +"charalign" +"close" +"columnalign" +"columnlines" +"columnspacing" +"columnspan" +"columnwidth" +"crossout" +"decimalpoint" +"denomalign" +"depth" +"dir" +"display" +"displaystyle" +"edge" +"equalcolumns" +"equalrows" +"fence" +"form" +"frame" +"framespacing" +"groupalign" +"height" +"href" +"id" +"indentalign" +"indentalignfirst" +"indentalignlast" +"indentshift" +"indentshiftfirst" +"indentshiftlast" +"indenttarget" +"infixlinebreakstyle" +"largeop" +"length" +"linebreak" +"linebreakmultchar" +"linebreakstyle" +"lineleading" +"linethickness" +"location" +"longdivstyle" +"lquote" +"lspace" +"mathbackground" +"mathcolor" +"mathsize" +"mathvariant" +"maxsize" +"minlabelspacing" +"minsize" +"movablelimits" +"notation" +"numalign" +"open" +"overflow" +"position" +"rowalign" +"rowlines" +"rowspacing" +"rowspan" +"rquote" +"rspace" +"scriptlevel" +"scriptminsize" +"scriptsizemultiplier" +"selection" +"separator" +"separators" +"shift" +"side" +"src" +"stackalign" +"stretchy" +"subscriptshift" +"supscriptshift" +"symmetric" +"voffset" +"width" +"xlink:href" +"xmlns" + +# content 
mathml +"<interval>" +"<inverse>" +"<lambda>" +"<compose/>" +"<ident/>" +"<domain/>" +"<codomain/>" +"<image/>" +"<piecewise>" +"<piece>" +"<otherwise>" +"<quotient/>" +"<factorial/>" +"<divide/>" +"<max/>" +"<min/>" +"<minus/>" +"<plus/>" +"<power/>" +"<rem/>" +"<times/>" +"<root/>" +"<gcd/>" +"<and/>" +"<or/>" +"<xor/>" +"<not/>" +"<implies/>" +"<forall/>" +"<exists/>" +"<abs/>" +"<conjugate/>" +"<arg/>" +"<real/>" +"<imaginary/>" +"<lcm/>" +"<floor/>" +"<ceiling/>" +"Relations" +"<eq/>" +"<neq/>" +"<gt/>" +"<lt/>" +"<geq/>" +"<leq/>" +"<equivalent/>" +"<approx/>" +"<factorof/>" +"<int/>" +"<diff/>" +"<partialdiff/>" +"<divergence/>" +"<grad/>" +"<curl/>" +"<laplacian/>" +"<set>" +"<list>" +"<union/>" +"<intersect/>" +"<in/>" +"<notin/>" +"<subset/>" +"<prsubset/>" +"<notsubset/>" +"<notprsubset/>" +"<setdiff/>" +"<card/>" +"<cartesianproduct/>" +"<sum/>" +"<product/>" +"<limit/>" +"<tendsto/>" +"<sin/>" +"<cos/>" +"<tan/>" +"<sec/>" +"<csc/>" +"<cot/>" +"<arcsin/>" +"<arccos/>" +"<arctan/>" +"<arcsec/>" +"<arccsc/>" +"<arccot/>" +"<sinh/>" +"<cosh/>" +"<tanh/>" +"<sech/>" +"<csch/>" +"<coth/>" +"<arcsinh/>" +"<arccosh/>" +"<arctanh/>" +"<arcsech/>" +"<arccsch/>" +"<arccoth/>" +"<exp/>" +"<ln/>" +"<log/>" +"<logbase>" +"<mean/>" +"<sdev/>" +"<variance/>" +"<median/>" +"<mode/>" +"<moment/>" +"<momentabout>" +"<vector>" +"<matrix>" +"<matrixrow>" +"<determinant/>" +"<transpose/>" +"<selector/>" +"<vectorproduct/>" +"<scalarproduct/>" +"<outerproduct/>" +"<integers/>" +"<reals/>" +"<rationals/>" +"<naturalnumbers/>" +"<complexes/>" +"<primes/>" +"<exponentiale/>" +"<imaginaryi/>" +"<notanumber/>" +"<true/>" +"<false/>" +"<emptyset/>" +"<pi/>" +"<eulergamma/>" +"<infinity/>" +"<declare>" +"<reln>" +"<fn>" diff --git a/dictionaries/mp4.dict b/dictionaries/mp4.dict new file mode 100644 index 00000000..e706fe24 --- /dev/null +++ b/dictionaries/mp4.dict 
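Review bot: In the content-MathML group of mathml.dict, `"Relations"` sits between `"<ceiling/>"` and `"<eq/>"` and looks like a section heading that was quoted as a token. If that is the case it should be the comment `# Relations`, since as a token it only spends mutations on a word that is neither an element nor an attribute. `"<mfenced> "` in the presentation group carries a trailing space inside the quotes, unlike every other element token, so `"<mfenced>"` is probably what was meant.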
@@ -0,0 +1,82 @@ +# Taken from https://chromium.googlesource.com/chromium/src/+/master/media/test/mp4.dict + +FOURCC_NULL="\x00\x00\x00\x00" +FOURCC_AC3 ="\x61\x63\x2d\x33" +FOURCC_EAC3="\x65\x63\x2d\x33" +FOURCC_AVC1="\x61\x76\x63\x31" +FOURCC_AVC3="\x61\x76\x63\x33" +FOURCC_AVCC="\x61\x76\x63\x43" +FOURCC_BLOC="\x62\x6C\x6F\x63" +FOURCC_CENC="\x63\x65\x6e\x63" +FOURCC_CO64="\x63\x6f\x36\x34" +FOURCC_CTTS="\x63\x74\x74\x73" +FOURCC_DINF="\x64\x69\x6e\x66" +FOURCC_EDTS="\x65\x64\x74\x73" +FOURCC_EMSG="\x65\x6d\x73\x67" +FOURCC_ELST="\x65\x6c\x73\x74" +FOURCC_ENCA="\x65\x6e\x63\x61" +FOURCC_ENCV="\x65\x6e\x63\x76" +FOURCC_ESDS="\x65\x73\x64\x73" +FOURCC_FREE="\x66\x72\x65\x65" +FOURCC_FRMA="\x66\x72\x6d\x61" +FOURCC_FTYP="\x66\x74\x79\x70" +FOURCC_HDLR="\x68\x64\x6c\x72" +FOURCC_HINT="\x68\x69\x6e\x74" +FOURCC_HVC1="\x68\x76\x63\x31" +FOURCC_HVCC="\x68\x76\x63\x43" +FOURCC_IODS="\x69\x6f\x64\x73" +FOURCC_MDAT="\x6d\x64\x61\x74" +FOURCC_MDHD="\x6d\x64\x68\x64" +FOURCC_MDIA="\x6d\x64\x69\x61" +FOURCC_MECO="\x6d\x65\x63\x6f" +FOURCC_MEHD="\x6d\x65\x68\x64" +FOURCC_META="\x6d\x65\x74\x61" +FOURCC_MFHD="\x6d\x66\x68\x64" +FOURCC_MFRA="\x6d\x66\x72\x61" +FOURCC_MINF="\x6d\x69\x6e\x66" +FOURCC_MOOF="\x6d\x6f\x6f\x66" +FOURCC_MOOV="\x6d\x6f\x6f\x76" +FOURCC_MP4A="\x6d\x70\x34\x61" +FOURCC_MP4V="\x6d\x70\x34\x76" +FOURCC_MVEX="\x6d\x76\x65\x78" +FOURCC_MVHD="\x6d\x76\x68\x64" +FOURCC_PASP="\x70\x61\x73\x70" +FOURCC_PDIN="\x70\x64\x69\x6e" +FOURCC_PRFT="\x70\x72\x66\x74" +FOURCC_PSSH="\x70\x73\x73\x68" +FOURCC_SAIO="\x73\x61\x69\x6f" +FOURCC_SAIZ="\x73\x61\x69\x7a" +FOURCC_SBGP="\x73\x62\x67\x70" +FOURCC_SCHI="\x73\x63\x68\x69" +FOURCC_SCHM="\x73\x63\x68\x6d" +FOURCC_SDTP="\x73\x64\x74\x70" +FOURCC_SEIG="\x73\x65\x69\x67" +FOURCC_SENC="\x73\x65\x6e\x63" +FOURCC_SGPD="\x73\x67\x70\x64" +FOURCC_SIDX="\x73\x69\x64\x78" +FOURCC_SINF="\x73\x69\x6e\x66" +FOURCC_SKIP="\x73\x6b\x69\x70" +FOURCC_SMHD="\x73\x6d\x68\x64" +FOURCC_SOUN="\x73\x6f\x75\x6e" +FOURCC_SSIX="\x73\x73\x69\x78" 
+FOURCC_STBL="\x73\x74\x62\x6c" +FOURCC_STCO="\x73\x74\x63\x6f" +FOURCC_STSC="\x73\x74\x73\x63" +FOURCC_STSD="\x73\x74\x73\x64" +FOURCC_STSS="\x73\x74\x73\x73" +FOURCC_STSZ="\x73\x74\x73\x7a" +FOURCC_STTS="\x73\x74\x74\x73" +FOURCC_STYP="\x73\x74\x79\x70" +FOURCC_TENC="\x74\x65\x6e\x63" +FOURCC_TFDT="\x74\x66\x64\x74" +FOURCC_TFHD="\x74\x66\x68\x64" +FOURCC_TKHD="\x74\x6b\x68\x64" +FOURCC_TRAF="\x74\x72\x61\x66" +FOURCC_TRAK="\x74\x72\x61\x6b" +FOURCC_TREX="\x74\x72\x65\x78" +FOURCC_TRUN="\x74\x72\x75\x6e" +FOURCC_UDTA="\x75\x64\x74\x61" +FOURCC_UUID="\x75\x75\x69\x64" +FOURCC_VIDE="\x76\x69\x64\x65" +FOURCC_VMHD="\x76\x6d\x68\x64" +FOURCC_WIDE="\x77\x69\x64\x65" \ No newline at end of file diff --git a/dictionaries/mysqld.dict b/dictionaries/mysqld.dict new file mode 100644 index 00000000..33c97f6e --- /dev/null +++ b/dictionaries/mysqld.dict @@ -0,0 +1 @@ +user="root" diff --git a/dictionaries/ogg.dict b/dictionaries/ogg.dict new file mode 100644 index 00000000..2ecfe453 --- /dev/null +++ b/dictionaries/ogg.dict @@ -0,0 +1,36 @@ +# https://xiph.org/vorbis/doc/Vorbis_I_spec.html + +header="OggS" + +# Codecs +"BBCD\x00" +"\x7fFLAC" +"\x80theora" +"\x01vorbis" +"CELT " +"CMML\x00\x00\x00\x00" +"\x8bJNG\x0d\x0a\x1a\x0a" +"\x80kate\x00\x00\x00" +"OggMIDI\x00" +"\x8aMNG\x0d\x0a\x1a\x0a" +"PCM " +"\x89PNG\x0d\x0a\x1a\x0a" +"Speex " +"YUV4MPEG" + +# Metadata +"TITLE=" +"VERSION=" +"ALBUM=" +"TRACKNUMBER=" +"ARTIST=" +"PERFORMER=" +"COPYRIGHT=" +"LICENSE=" +"ORGANIZATION=" +"DESCRIPTION=" +"GENRE=" +"DATE=" +"LOCATION=" +"CONTACT=" +"ISRC=" \ No newline at end of file diff --git a/dictionaries/openexr.dict b/dictionaries/openexr.dict new file mode 100644 index 00000000..39e1247d --- /dev/null +++ b/dictionaries/openexr.dict 
@@ -0,0 +1,57 @@
+# specs:
+# - https://www.openexr.com/documentation/openexrfilelayout.pdf
+# - https://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/OpenEXR.html
+
+lay="_lay"
+ver="_ver"
+adoptNeutral="AdoptNeutral"
+altitude="altitude"
+aperture="aperture"
+box2f="box2f"
+box2i="box2i"
+capdate="capDate"
+channels="channels"
+chlist="chlist"
+chromaticities="chromaticities"
+comments="comments"
+compression="compression"
+dataWindow="dataWindow"
+displayWindow="displayWindow"
+double="double"
+envmap="envmap"
+expTime="expTime"
+focus="focus"
+framesPerSecond="framesPerSecond"
+float="float"
+header="\x76\x2F\x31\x01"
+int="int"
+isoSpeed="isoSpeed"
+keycode="keyCode"
+latitude="latitude"
+lineOrder="lineOrder"
+longitude="longitude"
+lookModTransform="lookModTransform"
+m33f="m33f"
+m44f="m44f"
+owner="owner"
+pixelAspectRatio="pixelAspectRatio"
+preview="preview"
+renderingTransform="renderingTransform"
+rational="rational"
+screenWindowCenter="screenWindowCenter"
+screenWindowWidth="screenWindowWidth"
+string="string"
+stringvector="stringvector"
+tiles="tiles"
+tiledesc="tileDesc"
+timecode="timeCode"
+utcOffset="itcOffset"
+whiteLuminance="whiteLuminance"
+worldToCamera="worldToCamera"
+worldToNDC="worldToNDC"
+v2f="v2f"
+v2i="v2i"
+v3f="v3f"
+v3i="v3i"
+wrapmodes="wrapmodes"
+xDensity="xDensity"
\ No newline at end of file
diff --git a/dictionaries/otf.dict b/dictionaries/otf.dict
new file mode 100644
index 00000000..cb9cf650
--- /dev/null
+++ b/dictionaries/otf.dict
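Review bot: `utcOffset="itcOffset"` in openexr.dict has a typo in the token value, which is the part the fuzzer actually inserts. The label and the neighbouring entries suggest the attribute name was intended, i.e. `utcOffset="utcOffset"`. As written, the token will not match the name a header parser compares against, so inputs built from it are unlikely to reach that attribute's handling code.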
@@ -0,0 +1,963 @@ +# https://docs.microsoft.com/en-us/typography/opentype/spec/ + +# magic +"ttcf" + +# feature tags +"aalt" +"abvf" +"abvm" +"abvs" +"afrc" +"akhn" +"blwf" +"blwm" +"blws" +"calt" +"case" +"ccmp" +"cfar" +"cjct" +"clig" +"cpct" +"cpsp" +"cswh" +"curs" +"cv01" +"c2pc" +"c2sc" +"dist" +"dlig" +"dnom" +"dtls" +"expt" +"falt" +"fin2" +"fin3" +"fina" +"flac" +"frac" +"fwid" +"half" +"haln" +"halt" +"hist" +"hkna" +"hlig" +"hngl" +"hojo" +"hwid" +"init" +"isol" +"ital" +"jalt" +"jp78" +"jp83" +"jp90" +"jp04" +"kern" +"lfbd" +"liga" +"ljmo" +"lnum" +"locl" +"ltra" +"ltrm" +"mark" +"med2" +"medi" +"mgrk" +"mkmk" +"mset" +"nalt" +"nlck" +"nukt" +"numr" +"onum" +"opbd" +"ordn" +"ornm" +"palt" +"pcap" +"pkna" +"pnum" +"pref" +"pres" +"pstf" +"psts" +"pwid" +"qwid" +"rand" +"rclt" +"rlig" +"rkrf" +"rphf" +"rtbd" +"rtla" +"rtlm" +"ruby" +"rvrn" +"salt" +"sinf" +"size" +"smcp" +"smpl" +"ss01" +"ssty" +"stch" +"subs" +"sups" +"swsh" +"titl" +"tjmo" +"tnam" +"tnum" +"trad" +"twid" +"unic" +"valt" +"vatu" +"vert" +"vhal" +"vjmo" +"vkna" +"vkrn" +"vpal" +"vrt2" +"vrtr" +"zero" + +# baseline tags +"hang" +"icfb" +"ictf" +"ideo" +"idtp" +"math" +"romn" + +# axis tags +"ital" +"opsz" +"slnt" +"wdth" +"wght" + +# tables +"BASE" +"CBDT" +"CBLC" +"CFF" +"CFF2" +"COLR" +"CPAL" +"DSIG" +"EBDT" +"EBLC" +"EBSC" +"GDEF" +"GPOS" +"GSUB" +"HVAR" +"JSTF" +"LTSH" +"MATH" +"MERG" +"MVAR" +"OTTO" +"PCLT" +"STAT" +"SVG" +"VDMX" +"VORG" +"VVAR" +"avar" +"cmap" +"cmat" +"cvar" +"cvt" +"fpgm" +"fvar" +"gasp" +"glyf" +"gvar" +"hdmx" +"head" +"hhea" +"hmtx" +"kern" +"loca" +"maxp" +"meta" +"name" +"post" +"prep" +"sbix" +"vhea" +"vmtx" + +# script tags +"adlm" +"ahom" +"hluw" +"arab" +"armn" +"avst" +"bali" +"bamu" +"bass" +"batk" +"beng" +"bng2" +"bhks" +"bopo" +"brah" +"brai" +"bugi" +"buhd" +"byzm" +"cans" +"cari" +"aghb" +"cakm" +"cham" +"cher" +"hani" +"copt" +"cprt" +"cyrl" +"dsrt" +"deva" +"dev2" +"dogr" +"dupl" +"egyp" +"elba" +"ethi" +"geor" +"glag" +"goth" +"gran" +"grek" 
+"gujr" +"gjr2" +"gong" +"guru" +"gur2" +"hang" +"jamo" +"rohg" +"hano" +"hatr" +"hebr" +"kana" +"armi" +"phli" +"prti" +"java" +"kthi" +"knda" +"knd2" +"kana" +"kali" +"khar" +"khmr" +"khoj" +"sind" +"lao " +"latn" +"lepc" +"limb" +"lina" +"linb" +"lisu" +"lyci" +"lydi" +"mahj" +"maka" +"mlym" +"mlm2" +"mand" +"mani" +"marc" +"gonm" +"math" +"medf" +"mtei" +"mend" +"merc" +"mero" +"plrd" +"modi" +"mong" +"mroo" +"mult" +"musc" +"mymr" +"mym2" +"nbat" +"newa" +"talu" +"nko " +"nshu" +"orya" +"ory2" +"ogam" +"olck" +"ital" +"hung" +"narb" +"perm" +"xpeo" +"sogo" +"sarb" +"orkh" +"osge" +"osma" +"hmng" +"palm" +"pauc" +"phag" +"phnx" +"phlp" +"rjng" +"runr" +"samr" +"saur" +"shrd" +"shaw" +"sidd" +"sgnw" +"sinh" +"sogd" +"sora" +"soyo" +"xsux" +"sund" +"sylo" +"syrc" +"tglg" +"tagb" +"tale" +"lana" +"tavt" +"takr" +"taml" +"tml2" +"tang" +"telu" +"tel2" +"thaa" +"thai" +"tibt" +"tfng" +"tirh" +"ugar" +"vai " +"wara" +"yi " +"zanb" + +# language tags +"ABA " +"ABK " +"ACH " +"ACR " +"ADY " +"AFK " +"AFR " +"AGW " +"AIO " +"AKA " +"ALS " +"ALT " +"AMH " +"ANG " +"APPH" +"ARA " +"ARG " +"ARI " +"ARK " +"ASM " +"AST " +"ATH " +"AVR " +"AWA " +"AYM " +"AZB " +"AZE " +"BAD " +"BAD0" +"BAG " +"BAL " +"BAN " +"BAR " +"BAU " +"BBC " +"BBR " +"BCH " +"BCR " +"BDY " +"BEL " +"BEM " +"BEN " +"BGC " +"BGQ " +"BGR " +"BHI " +"BHO " +"BIK " +"BIL " +"BIS " +"BJJ " +"BKF " +"BLI " +"BLK " +"BLN " +"BLT " +"BMB " +"BML " +"BOS " +"BPY " +"BRE " +"BRH " +"BRI " +"BRM " +"BRX " +"BSH " +"BSK " +"BTI " +"BTS " +"BUG " +"BYV " +"CAK " +"CAT " +"CBK " +"CCHN" +"CEB " +"CHE " +"CHG " +"CHH " +"CHI " +"CHK " +"CHK0" +"CHO " +"CHP " +"CHR " +"CHA " +"CHU " +"CHY " +"CGG " +"CJA " +"CJM " +"CMR " +"COP " +"COR " +"COS " +"CPP " +"CRE " +"CRR " +"CRT " +"CSB " +"CSL " +"CSY " +"CTG " +"CUK " +"DAN " +"DAR " +"DAX " +"DCR " +"DEU " +"DGO " +"DGR " +"DHG " +"DHV " +"DIQ " +"DIV " +"DJR " +"DJR0" +"DNG " +"DNJ " +"DNK " +"DRI " +"DUJ " +"DUN " +"DZN " +"EBI " +"ECR " +"EDO " +"EFI " +"ELL " +"EMK 
" +"ENG " +"ERZ " +"ESP " +"ESU " +"ETI " +"EUQ " +"EVK " +"EVN " +"EWE " +"FAN " +"FAN0" +"FAR " +"FAT " +"FIN " +"FJI " +"FLE " +"FMP " +"FNE " +"FON " +"FOS " +"FRA " +"FRC " +"FRI " +"FRL " +"FRP " +"FTA " +"FUL " +"FUV " +"GAD " +"GAE " +"GAG " +"GAL " +"GAR " +"GAW " +"GEZ " +"GIH " +"GIL " +"GIL0" +"GKP " +"GLK " +"GMZ " +"GNN " +"GOG " +"GON " +"GRN " +"GRO " +"GUA " +"GUC " +"GUF " +"GUJ " +"GUZ " +"HAI " +"HAL " +"HAR " +"HAU " +"HAW " +"HAY " +"HAZ " +"HBN " +"HER " +"HIL " +"HIN " +"HMA " +"HMN " +"HMO " +"HND " +"HO " +"HRI " +"HRV " +"HUN " +"HYE " +"HYE0" +"IBA " +"IBB " +"IBO " +"IJO " +"IDO " +"ILE " +"ILO " +"INA " +"IND " +"ING " +"INU " +"IPK " +"IPPH" +"IRT " +"ISL " +"ISM " +"ITA " +"IWR " +"JAM " +"JAN " +"JAV " +"JBO " +"JCT " +"JII " +"JUD " +"JUL " +"KAB " +"KAB0" +"KAC " +"KAL " +"KAN " +"KAR " +"KAT " +"KAZ " +"KDE " +"KEA " +"KEB " +"KEK " +"KGE " +"KHA " +"KHK " +"KHM " +"KHS " +"KHT " +"KHV " +"KHW " +"KIK " +"KIR " +"KIS " +"KIU " +"KJD " +"KJP " +"KJZ " +"KKN " +"KLM " +"KMB " +"KMN " +"KMO " +"KMS " +"KMZ " +"KNR " +"KOD " +"KOH " +"KOK " +"KON " +"KOM " +"KON0" +"KOP " +"KOR " +"KOS " +"KOZ " +"KPL " +"KRI " +"KRK " +"KRL " +"KRM " +"KRN " +"KRT " +"KSH " +"KSH0" +"KSI " +"KSM " +"KSW " +"KUA " +"KUI " +"KUL " +"KUM " +"KUR " +"KUU " +"KUY " +"KYK " +"KYU " +"LAD " +"LAH " +"LAK " +"LAM " +"LAO " +"LAT " +"LAZ " +"LCR " +"LDK " +"LEZ " +"LIJ " +"LIM " +"LIN " +"LIS " +"LJP " +"LKI " +"LMA " +"LMB " +"LMO " +"LMW " +"LOM " +"LRC " +"LSB " +"LSM " +"LTH " +"LTZ " +"LUA " +"LUB " +"LUG " +"LUH " +"LUO " +"LVI " +"MAD " +"MAG " +"MAH " +"MAJ " +"MAK " +"MAL " +"MAM " +"MAN " +"MAP " +"MAR " +"MAW " +"MBN " +"MBO " +"MCH " +"MCR " +"MDE " +"MDR " +"MEN " +"MER " +"MFA " +"MFE " +"MIN " +"MIZ " +"MKD " +"MKR " +"MKW " +"MLE " +"MLG " +"MLN " +"MLR " +"MLY " +"MND " +"MNG " +"MNI " +"MNK " +"MNX " +"MOH " +"MOK " +"MOL " +"MON " +"MOR " +"MOS " +"MRI " +"MTH " +"MTS " +"MUN " +"MUS " +"MWL " +"MWW " +"MYN " +"MZN " +"NAG " +"NAH " +"NAN 
" +"NAP " +"NAS " +"NAU " +"NAV " +"NCR " +"NDB " +"NDC " +"NDG " +"NDS " +"NEP " +"NEW " +"NGA " +"NGR " +"NHC " +"NIS " +"NIU " +"NKL " +"NKO " +"NLD " +"NOE " +"NOG " +"NOR " +"NOV " +"NSM " +"NSO " +"NTA " +"NTO " +"NYM " +"NYN " +"NZA " +"OCI " +"OCR " +"OJB " +"ORI " +"ORO " +"OSS " +"PAA " +"PAG " +"PAL " +"PAM " +"PAN " +"PAP " +"PAP0" +"PAS " +"PAU " +"PCC " +"PCD " +"PDC " +"PGR " +"PHK " +"PIH " +"PIL " +"PLG " +"PLK " +"PMS " +"PNB " +"POH " +"PON " +"PRO " +"PTG " +"PWO " +"QIN " +"QUC " +"QUH " +"QUZ " +"QVI " +"QWH " +"RAJ " +"RAR " +"RBU " +"RCR " +"REJ " +"RIA " +"RIF " +"RIT " +"RKW " +"RMS " +"RMY " +"ROM " +"ROY " +"RSY " +"RTM " +"RUA " +"RUN " +"RUP " +"RUS " +"SAD " +"SAN " +"SAS " +"SAT " +"SAY " +"SCN " +"SCO " +"SEK " +"SEL " +"SGA " +"SGO " +"SGS " +"SHI " +"SHN " +"SIB " +"SID " +"SIG " +"SKS " +"SKY " +"SCS " +"SLA " +"SLV " +"SML " +"SMO " +"SNA " +"SNA0" +"SND " +"SNH " +"SNK " +"SOG " +"SOP " +"SOT " +"SQI " +"SRB " +"SRD " +"SRK " +"SRR " +"SSL " +"SSM " +"STQ " +"SUK " +"SUN " +"SUR " +"SVA " +"SVE " +"SWA " +"SWK " +"SWZ " +"SXT " +"SXU " +"SYL " +"SYR " +"SYRE" +"SYRJ" +"SYRN" +"SZL " +"TAB " +"TAJ " +"TAM " +"TAT " +"TCR " +"TDD " +"TEL " +"TET " +"TGL " +"TGN " +"TGR " +"TGY " +"THA " +"THT " +"TIB " +"TIV " +"TKM " +"TMH " +"TMN " +"TNA " +"TNE " +"TNG " +"TOD " +"TOD0" +"TPI " +"TRK " +"TSG " +"TSJ " +"TUA " +"TUM " +"TUL " +"TUV " +"TVL " +"TWI " +"TYZ " +"TZM " +"TZO " +"UDM " +"UKR " +"UMB " +"URD " +"USB " +"UYG " +"UZB " +"VEC " +"VEN " +"VIT " +"VOL " +"VRO " +"WA " +"WAG " +"WAR " +"WCR " +"WEL " +"WLN " +"WLF " +"WTM " +"XBD " +"XKF " +"XHS " +"XJB " +"XOG " +"XPE " +"YAK " +"YAO " +"YAP " +"YBA " +"YCR " +"YIC " +"YIM " +"ZEA " +"ZGH " +"ZHA " +"ZHH " +"ZHP " +"ZHS " +"ZHT " +"ZND " +"ZUL " +"ZZA " diff --git a/dictionaries/pbm.dict b/dictionaries/pbm.dict new file mode 100644 index 00000000..98d61cab --- /dev/null +++ b/dictionaries/pbm.dict 
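Review bot: The table tags `"CFF"`, `"SVG"` and `"cvt"` in the `# tables` group of otf.dict are three bytes long, while OpenType tags are four bytes padded with trailing spaces, as the script entries `"lao "` and `"nko "` in the same file already are. `"CFF "`, `"SVG "` and `"cvt "` would match what a table-directory parser compares against. Several tags are also listed more than once across groups (`"ital"`, `"kern"`, `"hang"`, `"math"`, `"kana"`); that is harmless for the fuzzer but redundant.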
@@ -0,0 +1,29 @@
+# https://en.wikipedia.org/wiki/Netpbm_format
+header1="P1"
+header2="P2"
+header3="P3"
+header4="P4"
+header5="P5"
+header6="P6"
+zero="0"
+one="1"
+comment="#"
+max="255"
+overflow="256"
+
+# PAM - https://en.wikipedia.org/wiki/Netpbm#PAM_graphics_format
+header7="P7"
+width="WIDTH"
+height="HEIGHT"
+depth="DEPTH"
+maxval="MAXVAL"
+enhdr="ENDHDR"
+tupltype="TUPLTYPE"
+tupltype1="RGB_ALPHA"
+tupltype2="RGB"
+typltype3="BLACKANDWHITE"
+typltype4="BLACKANDWHITE_ALPHA"
+typltype5="GRAYSCALE"
+typltype6="GRAYSCALE_ALPHA"
+maxval_num="65535"
+maxval_overlfow="65536"
diff --git a/dictionaries/pcap.dict b/dictionaries/pcap.dict
new file mode 100644
index 00000000..0ac622b8
--- /dev/null
+++ b/dictionaries/pcap.dict
@@ -0,0 +1,10 @@
+# https://www.tcpdump.org/pcap/pcap.html
+
+# Headers
+"\xa1\xb2\xc3\xd4"
+"\xd4\xc3\xb2\xa1"
+"\xa1\xb2\x3c\x4d"
+"\x4d\x3c\xb2\xa1"
+
+
+current_version="\x02\x00\x04\x00"
diff --git a/dictionaries/proj4.dict b/dictionaries/proj4.dict
new file mode 100644
index 00000000..8dc05562
--- /dev/null
+++ b/dictionaries/proj4.dict
@@ -0,0 +1,249 @@ +# Dictionary developed for proj4 standard_fuzzer.cpp + +# valid proj types (lines 1,2), generated from seeds +# $ grep -hoe 'proj=\w*' -o seeds/* | sort -u +"+proj=aea" +"+proj=aeqd" +"+proj=calcofi" +"+proj=cass" +"+proj=cea" +"+proj=comill" +"+proj=eck4" +"+proj=eck6" +"+proj=eqc" +"+proj=eqdc" +"+proj=etmerc" +"+proj=gall" +"+proj=geocent" +"+proj=geos" +"+proj=gstmerc" +"+proj=hammer" +"+proj=healpix" +"+proj=helmert" +"+proj=kav5" +"+proj=krovak" +"+proj=labrd" +"+proj=laea" +"+proj=latlong" +"+proj=lcc" +"+proj=longlat" +"+proj=merc" +"+proj=mill" +"+proj=misrsom" +"+proj=moll" +"+proj=natearth" +"+proj=natearth2" +"+proj=nzmg" +"+proj=ob_tran" +"+proj=omerc" +"+proj=omerc" +"+proj=patterson" +"+proj=pconic" +"+proj=poly" +"+proj=qsc" +"+proj=rhealpix" +"+proj=robin" +"+proj=sch" +"+proj=sinu" +"+proj=somerc" +"+proj=stere" +"+proj=sterea" +"+proj=tmerc" +"+proj=utm" +"+proj=vandg" + +# valid datum types (lines 1,2), generated from seeds +# $ grep -hoe 'datum=\w*' -o seeds/* | sort -u +"+datum=GGRS87" +"+datum=NAD27" +"+datum=NAD83" +"+datum=OSGB36" +"+datum=WGS84" +"+datum=carthage" +"+datum=hermannskogel" +"+datum=ire65" +"+datum=nzgd49" +"+datum=potsdam" + +# valid ellps types +# $ grep -hoe 'elps=\w*' -o seeds/* | sort -u +"+ellps=GRS67" +"+ellps=GRS80" +"+ellps=WGS66" +"+ellps=WGS72" +"+ellps=WGS84" +"+ellps=airy" +"+ellps=aust_SA" +"+ellps=bess_nam" +"+ellps=bessel" +"+ellps=clrk66" +"+ellps=clrk80" +"+ellps=everest" +"+ellps=evrstSS" +"+ellps=fschr60m" +"+ellps=helmert" +"+ellps=intl" +"+ellps=krass" +"+ellps=mod_airy" +"+ellps=sphere" + +# other various valid types +"+epoch=1988" +"+gamma=53d7" +"+geoidgrids=egm08_25" +"+geoidgrids=g2012a_conus" +"+lastupdate=1993" +"+lat_0=44d00" +"+lat_0=46" +"+lat_1=18d49" +"+lat_2=40d43" +"+lat_ts=33" +"+llps=bessel" +"+llps=clrk66" +"+lon_0=7" +"+lon_1=62" +"+lon_2=53" +"+lonc=78d00" +"+lpha=55d40" +"+nadgrids=MD" +"+nadgrids=chenyx06etrs" +"+nadgrids=conus" +"+nadgrids=ntf_r93" 
+"+nadgrids=ntv1_can" +"+nadgrids=ntv2_0" +"+nadgrids=null" +"+north=0" +"+north_square=0" +"+o_lat_p=LAT_POLE" +"+o_lon_p=LON_POLE" +"+o_proj=moll" +"+origin=EPSG" +"+origin=Esri" +"+origin=IGNF" +"+origin=Swisstopo" +"+origin=ftp" +"+origin=http" +"+pm=jakarta" +"+pm=lisbon" +"+pm=madrid" +"+pm=oslo" +"+pm=paris" +"+pm=rome" +"+pm=stockholm" +"+title=Amsterdam" +"+towgs84=103" +"+units=ft" +"+units=km" +"+units=link" +"+units=m" +"+units=us" +"+vunits=m" +"+vunits=us" + +# binary prefix for line 3 +"BINARY2D:" +"BINARY3D:" + +# floating point numbers +"-0.100000 " +"0.000000 " +"0.100000 " +"1.100000 " +"4294967295.000000 " +"9007199254740992.000000 " +"\x9a\x99\x99\x99\x99\x99\xf1\xbf" +"\x9a\x99\x99\x99\x99\x99\xb9\xbf" +"\x00\x00\x00\x00\x00\x00\x00\x00" +"\x9a\x99\x99\x99\x99\x99\xb9\x3f" +"\x9a\x99\x99\x99\x99\x99\xf1\x3f" +"\x00\x00\xe0\xff\xff\xff\xef\x41" +"\x00\x00\x00\x00\x00\x00\x40\x43" + + +# valid prefixes +"+R=" +"+RES=" +"+W=" +"+a=" +"+alpha=" +"+axis=" +"+azi=" +"+b=" +"+bs=" +"+d=" +"+datum=" +"+depmode=" +"+dest=" +"+dir=" +"+drx=" +"+dry=" +"+drz=" +"+ds=" +"+dx=" +"+dy=" +"+dz=" +"+e=" +"+ellps=" +"+epoch=" +"+es=" +"+f=" +"+files=" +"+flg=" +"+gamma=" +"+geoidgrids=" +"+h=" +"+has_opt=" +"+init=" +"+k=" +"+k_0=" +"+lastupdate=" +"+lat_0=" +"+lat_1=" +"+lat_2=" +"+lat_ts=" +"+lib=" +"+list=" +"+lon_0=" +"+lon_1=" +"+lon_2=" +"+lon_wrap=" +"+lonc=" +"+nadgrids=" +"+north=" +"+north_square=" +"+o_lat_p=" +"+o_lon_p=" +"+o_proj=" +"+origin=" +"+path=" +"+phdg_0=" +"+plat_0=" +"+plon_0=" +"+pm=" +"+prefix=" +"+proj=" +"+r_a=" +"+rf=" +"+rx=" +"+ry=" +"+rz=" +"+s=" +"+skip_next=" +"+south=" +"+south_square=" +"+srcdirstrip=" +"+sweep=" +"+target_option=" +"+title=" +"+to_meter=" +"+topsrcdirstrip=" +"+towgs84=" +"+units=" +"+version=" +"+vunits=" +"+x=" +"+x_0=" +"+y=" +"+y_0=" +"+z=" +"+zone=" diff --git a/dictionaries/protobuf.dict b/dictionaries/protobuf.dict new file mode 100644 index 00000000..08a26738 --- /dev/null 
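Review bot: In the "other various valid types" group of proj4.dict, `"+llps=bessel"`, `"+llps=clrk66"` and `"+lpha=55d40"` look like truncated `+ellps=` and `+alpha=` parameters rather than valid ones. The "valid prefixes" group at the end of the same hunk lists `"+ellps="` and `"+alpha="` but has no `+llps=` or `+lpha=`. They were presumably picked up by the seed grep from already-mutated inputs. Since `"+ellps=bessel"` and `"+ellps=clrk66"` are already present, the two `+llps` entries can be dropped and the third changed to `"+alpha=55d40"`. `"+proj=omerc"` is also listed twice.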
+++ b/dictionaries/protobuf.dict @@ -0,0 +1,40 @@ +# Keywords taken from https://developers.google.com/protocol-buffers/docs/reference/proto2-spec + +bool="bool" +bytes="bytes" +double="double" +enum="enum" +extend="extend" +extension="extension" +false="false" +fixed32="fixed32" +fixed64="fixed64" +float="float" +group="group" +import="import" +inner="inner" +int32="int32" +int64="int64" +map="map<" +message="message" +option="option" +optional="optional" +package="package" +public="public" +repeated="repeated" +required="required" +reserved="reserved" +returns="returns" +rpc="rpc" +service="service" +sfixed32="sfixed32" +sfixed64="sfixed64" +sint32="sint32" +sint64="sint64" +stream="stream" +string="string" +syntax="syntax" +true="true" +uint32="uint32" +uint64="uint64" +weak="weak" \ No newline at end of file diff --git a/dictionaries/ps.dict b/dictionaries/ps.dict new file mode 100644 index 00000000..af280f66 --- /dev/null +++ b/dictionaries/ps.dict 
@@ -0,0 +1,433 @@ +# https://web.archive.org/web/20170218093716/https://www.adobe.com/products/postscript/pdfs/PLRM.pdf +# TODO(jvoisin) Add more, starting from page 318 + + +header="%!PS" + +#types +"array" +"packedarray" +"dict" +"string" +"userdict" +"$error" +"statusdict" +"FontDirectory" +"globaldict" +"systemdict" +"GlobalFontDirectory" +"Order" +"DateSource" +"BitsPerSample" +"Encode" +"Decode" +"Size" + +# Stack operators +"dup" +"exch" +"pop" +"copy" +"roll" +"index" +"mark" +"clear" +"count" +"counttomark" +"cleartomark" + +# maths +"add" +"sub" +"mul" +"div" +"idiv" +"mod" +"abs" +"neg" +"ceiling" +"floor" +"round" +"truncate" +"sqrt" +"exp" +"ln" +"log" +"rand" +"srang" +"rrand" + +# arrays +"get" +"put" +"copy" +"length" +"forall" +"getinterval" +"putinterval" +"aload" +"astore" +"mark" +"setpacking" +"currentpacking" +"begin" +"end" +"def" +"store" +"load" +"where" +"countdictstack" +"cleardictstack" +"dictstack" +"known" +"maxlength" +"undef" +"<<" +">>" +"search" +"anchorsearch" +"token" + +# relational operators +"eq" +"ne" +"gt" +"ge" +"lt" +"le" +"and" +"or" +"xor" +"true" +"false" +"bitshift" + + +#control operators +"if" +"else" +"ifelse" +"exec" +"for" +"repeat" +"loop" +"forall" +"pathforall" +"kshow" +"exit" +"countexecstack" +"execstack" +"stop" +"errordict" +"stopped" + + +# type +"type" +"xcheck" +"rcheck" +"wcheck" +"cvlit" +"cvx" +"readonly" +"executeonly" +"noacces" +"cvi" +"cvr" +"cns" +"cvs" +"cvrs" + +#misc +"print" +"invalidaccess" +"gcheck" +"showpage" +"currentgstate" +"currentfile" +"status" +"byteavailable" +"setdevparams" +"currentdevparams" +"Predictor" +"Columns" +"Colors" +"BitsPerComponent" +"Uncompressed" +"EndOfLine" +"EncodedByteAlign" +"EndOfBlock" +"Blackls1" +"DamagedRowsBeforeError" +"CloseTarget" +"HuffTables" +"ColorTransform" + + +# vm +"load" +"save" +"restore" +"setglobal" +"grestoreall" +"invalidrestore" +"startjob" +"exitserver" + +# User objects +"defineuserobject" +"undefineuserobject" +"execuserobject" 
+"UserObjects" + +#i/o +"read" +"write" +"readstring" +"readline" +"writestring" +"readhexstring" +"writehexstring" +"token" +"flush" +"flushfile" + + +# files +"file" +"deletefile" +"renamefile" +"status" +"filenameforall" +"setfileposition" +"fileposition" +"%stdin" +"%stdout" +"%stderr" +"%statementedit" +"%lineedit" + +# Filters +"ASCII85Decode" +"ASCII85Encode" +"ASCIIHexDecode" +"ASCIIHexEncode" +"Decode" +"Encode" +"RunLengthEncode" +"RunLengthDecode" +"CCITTFaxEncode" +"CCITTFaxDecode" +"DCTEncode" +"DCTDecode" +"ReusableStreamDecode" +"NullEncode" +"SubFileDecode" +"filter" +"LWZEncode" +"LWZDecode" +"FlateEncode" +"FlateDecode" +"EODCount" +"EODString" +"CloseSource" + + +# Resources +"findresource" +"resourcestatus" +"resourceforall" +"definerresource" +"undefineresource" +"findfont" +"definefont" +"resourcestatsu" +"Font" +"CIDFont" +"CMap" +"FontSet" +"Encoding" +"Form" +"Pattern" +"ProcSet" +"ColorSpace" +"Halftone" +"ColorRendering" +"IdiomSet" +"Inkparam" +"TrapParams" +"OutputDevice" +"Controllangue" +"Localization" +"PDL" +"HWOptions" +"Filter" +"ColorSpaceFamily" +"Emulator" +"IODevice" +"ColorRenderingType" +"FMapType" +"FontType" +"FormType" +"HalftoneType" +"ImageType" +"PatternType" +"FunctionType" +"ShadingType" +"TrappingType" +"Category" +"Generic" +"BitMapFontInit" +"CIDInit" +"ColorRendering" +"FontSetInit" +"Trapping" +"ColorSpace" +"ColorSpaceFamily" +"sethalftone" +"DefineResource" +"UndefineResource" +"FindResource" +"ResourceStatus" +"ResourceForAll" +"Category" +"InstaceType" +"ResourceFileName" +"Intent" +"AsyncRead" +"Times-Roman" + + +# Error handling +"errorname" +"errorinfo" +"command" +"newerror" +"ostack" +"estack" +"dstack" +"recordstacks" +"binary" +"bind" +"average" + + +# Image models +"CTM" +"DeviceGray" +"arc" +"arcn" +"artct" +"clip" +"cliprestore" +"clipsave" +"closepath" +"currentlinewidth" +"curveto" +"fill" +"grestone" +"gsave" +"image" +"ineofill" +"infill" +"instroke" +"inueofill" +"inustroke" +"lineto" 
+"moveto" +"newpath" +"nocurrentpoint" +"path" +"position" +"rcurveto" +"rlineto" +"setbox" +"setlinewidth" +"show" +"stroke" +"ucache" +"ufill" +"ustroke" +"cvlit" +"ufill" +"ueofill" +"rectfill" +"rectstoke" +"rectclip" +"execform" +"FormType" +"XIUD" +"BBox" +"Matrix" +"PaintProc" +"Implementation" + + +# Colorspace +"setcolorspace" +"setgray" +"setrgbcolor" +"setcmykcolor" +"image" +"colorimage" +"sethsbcolor" +"CIEBasedABC" +"CIEBasedA" +"CIEBaseDEF" +"CIEBaseDEFG" +"Pattern" +"Indexed" +"Separation" +"DeviceN" +"setpattern" +"currentgray" +"currentrgbcolor" +"currentcmykcolor" +"setcachedevice" +"setcachedevice2" +"BuildGlyph" +"BuildChar" +"CharString" +"shfill" +"setundercolorremoval" +"settransfer" +"setscreen" +"sethalftone" +"setcolortransfer" +"DeviceRGB" +"DeviceCMYK" +"DeviceGray" +"RangeABC" +"DecodeABC" +"MatrixABC" +"RangeLMN" +"DecodeLMN" +"MatrixLMN" +"WhitePoint" +"BlackPoint" + + +# Patterns +"PatternType" +"XUID" +"PaintProc" +"BBox" +"XStep" +"YStep" +"PaintType" +"TilingType" +"Implementation" +"Shading" +"ShadingType" +"AntiAlias" +"Coords" +"BitsPerFlag" +"BitsPerCoordinate" +"MultipleDataSources" + + +# Misc things +"[-1, 1, -1, 1]" +"[-1 1]" +"1337" +"<</" \ No newline at end of file diff --git a/dictionaries/psd.dict b/dictionaries/psd.dict new file mode 100644 index 00000000..fefb8869 --- /dev/null +++ b/dictionaries/psd.dict 
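Review bot: A number of tokens in ps.dict are misspelled operator, filter or key names, so they will be read as unknown names and never exercise the code they were meant to reach. Examples are `"srang"`, `"noacces"`, `"cns"`, `"LWZEncode"`/`"LWZDecode"`, `"grestone"` and `"rectstoke"`. The corrected spellings I am confident of are listed below. `"resourcestatsu"` and `"XIUD"` can simply be dropped, because `"resourcestatus"` and `"XUID"` are already in the file. Many other entries are repeated across sections (`"copy"`, `"mark"`, `"load"`, `"token"`, `"status"`, `"Decode"`, `"Encode"`, `"PatternType"`, `"BBox"`, ...); removing the repeats would keep the dictionary smaller without losing coverage.

```text
# … unchanged: header, types, stack operators …
"srand"
# … unchanged: rest of maths, arrays, relational and control operators …
"noaccess"
"cvn"
# … unchanged: rest of type group …
"bytesavailable"
"BlackIs1"
# … unchanged: vm, user objects, i/o, files …
"LZWEncode"
"LZWDecode"
# … unchanged: rest of filters …
"defineresource"
"InkParams"
"ControlLanguage"
"InstanceType"
# … unchanged: rest of resources, error handling …
"arct"
"grestore"
"rectstroke"
# … unchanged: rest of image model …
"CIEBasedDEF"
"CIEBasedDEFG"
# … unchanged: rest of colorspace, patterns, misc …
```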
@@ -0,0 +1,180 @@ +# https://www.adobe.com/devnet-apps/photoshop/fileformatashtml/ + +"8BPS" +"8BIM" +"8B64" + +# blend mode keys +"pass" +"norm" +"diss" +"dark" +"mul " +"idiv" +"lbrn" +"dkCl" +"lite" +"scrn" +"deiv" +"lddg" +"lgCl" +"over" +"sLit" +"hLit" +"vLit" +"lLit" +"pLit" +"hMix" +"diff" +"smud" +"fsub" +"fdiv" +"hue " +"sat " +"colr" +"lum " + +# adjustment layers +"SoCo" +"GdFl" +"PtFl" +"brit" +"levl" +"curv" +"expA" +"vibA" +"hue " +"hue2" +"blnc" +"blwh" +"phfl" +"mixr" +"clrL" +"nvrt" +"post" +"thrs" +"grdm" +"selc" + +# effect signatures +"cmnS" +"dsdw" +"isdw" +"oglw" +"iglw" +"bevl" +"sofi" + +# keys +"Layr" +"Lr16" +"Lr32" +"TySh" +"tySt" +"lrFX" +"luni" +"lyid" +"lfx2" +"Patt" +"Pat2" +"Pat3" +"Anno" +"clbl" +"infx" +"knko" +"lspf" +"lclr" +"fxrp" +"grdm" +"lsct" +"brst" +"SoCo" +"PtFl" +"GdFl" +"vmsk" +"vsms" +"vscg" +"ffxi" +"lnsr" +"shpa" +"shmd" +"lyvr" +"tsly" +"lmgm" +"vmgm" +"brit" +"mixr" +"clrL" +"plLd" +"lnkD" +"lnk2" +"lnk3" +"phfl" +"blwh" +"CgEd" +"Txt2" +"vibA" +"pths" +"anFX" +"FMsk" +"SoLd" +"vstk" +"vscg" +"sn2P" +"vogk" +"PxSc" +"cinf" +"PxSD" +"artb" +"artd" +"abdd" +"SoLE" +"Mtrn" +"Mt16" +"Mt32" +"LMsk" +"expA" +"FXid" +"FEid" + +# color handling +"conv" +"avod" +"lumi" + +# descriptor structure +"obj " +"Objc" +"VlLs" +"doub" +"UntF" +"TEXT" +"enum" +"long" +"comp" +"bool" +"GlbO" +"type" +"GlbC" +"alis" +"tdta" + +# reference structure +"prop" +"Clss" +"Enmr" +"rele" +"Idnt" +"indx" +"name" + +# misc +"txtA" +"sndA" +"txtC" +"sndM" +"plcL" +"liFD" +"liFE" +"lifA" +"soLD" diff --git a/dictionaries/regexp.dict b/dictionaries/regexp.dict index 4e2d7a0f..07b890a0 100644 --- a/dictionaries/regexp.dict +++ b/dictionaries/regexp.dict 
@@ -8,249 +8,237 @@ # # Contributed by Dhiraj Mishra <dhiraj@inputzero.io> # -"?" -"abc" -"()" -"[]" -"abc|def" -"abc|def|ghi" -"^xxx$" -"ab\\b\\d\\bcd" -"\\w|\\d" -"a*?" -"abc+" -"abc+?" -"xyz?" -"xyz??" -"xyz{0,1}" -"xyz{0,1}?" -"xyz{93}" -"xyz{1,32}" -"xyz{1,32}?" -"xyz{1,}" -"xyz{1,}?" -"a\\fb\\nc\\rd\\te\\vf" -"a\\nb\\bc" -"(?:foo)" -"(?: foo )" -"foo|(bar|baz)|quux" -"foo(?=bar)baz" -"foo(?!bar)baz" -"foo(?<=bar)baz" -"foo(?<!bar)baz" "()" +"(?<!)" +"(?<=)" "(?=)" +"?" +"[\\[\\]\\{\\}\\(\\)\\%\\^\\#\\ ]" "[]" -"[x]" -"[xyz]" -"[a-zA-Z0-9]" -"[-123]" -"[^123]" +"\\[\\]\\{\\}\\(\\)\\%\\^\\#\\ " "]" +"{" +"{,}" +"{}" "}" -"[a-b-c]" -"[x\\dz]" -"[\\d-z]" -"[\\d-\\d]" -"[z-\\d]" -"\\cj\\cJ\\ci\\cI\\ck\\cK" -"\\c!" -"\\c_" -"\\c~" -"[\\c!]" -"[\\c_]" -"[\\c~]" -"[\\ca]" -"[\\cz]" -"[\\cA]" -"[\\cZ]" -"[\\c1]" -"\\[\\]\\{\\}\\(\\)\\%\\^\\#\\ " -"[\\[\\]\\{\\}\\(\\)\\%\\^\\#\\ ]" -"\\8" -"\\9" -"\\11" -"\\11a" +"[\\0]" +"[\\00011]" +"[\\011]" "\\011" -"\\118" +"?:\\1" +"[\\11]" +"\\11" +"[\\111]" "\\111" +"[\\1111]" "\\1111" -"(x)(x)(x)\\1" -"(x)(x)(x)\\2" -"(x)(x)(x)\\3" -"(x)(x)(x)\\4" -"(x)(x)(x)\\1*" -"(x)(x)(x)\\3*" -"(x)(x)(x)\\4*" -"(x)(x)(x)(x)(x)(x)(x)(x)(x)(x)\\10" -"(x)(x)(x)(x)(x)(x)(x)(x)(x)(x)\\11" -"(a)\\1" -"(a\\1)" -"(\\1a)" -"(\\2)(\\1)" -"(?=a){0,10}a" -"(?=a){1,10}a" -"(?=a){9,10}a" -"(?!a)?a" +"\\1112" +"[\\118]" +"\\118" +"[\\11a]" +"\\11a" +"{12," +"[-123]" +"[^123]" +"{12,3b" +"\\1\\2(a(?:\\1\\2))\\2)\\1" +"\\1\\2(a(?:\\1(b\\1\\2))\\2)\\1" +"\\1\\2(b\\1\\2))\\2)\\1" "\\1(a)" -"(?!(a))\\1" +"(\\1a)" "(?!\\1(a\\1)\\1)\\1" -"\\1\\2(a(?:\\1(b\\1\\2))\\2)\\1" -"[\\0]" -"[\\11]" -"[\\11a]" -"[\\011]" -"[\\00011]" -"[\\118]" -"[\\111]" -"[\\1111]" -"\\x60" -"\\x3z" -"\\c" -"\\u0034" -"\\u003z" -"foo[z]*" -"\\u{12345}" -"\\u{12345}\\u{23456}" -"\\u{12345}{3}" -"\\u{12345}*" -"\\ud808\\udf45*" -"[\\ud808\\udf45-\\ud809\\udccc]" +"\\1(b\\1\\2))\\2)\\1" +"{1z}" +"(\\2)(\\1)" +"\\8" +"\\9" +"{93}" +"(?:a*)*" +"(?:a*)+" +"(?:a+)*" +"(?:a+)+" +"(?:a+)?" 
+"(?:a?)*" +"(?:a?)+" +"(?:a?)?" +"(?:a?)??" +"(?<!a)" +"(?<=a)" +"(?<a>)" +"(?<a>.)" +"(a)" "a" -"a|b" -"a\\n" -"a$" -"a\\b!" -"a\\Bb" "a*?" +"a+" +"a+?" +"a." "a?" "a??" +"a{" +"a{,}" +"a{}" +"a$" +"a{0}" +"(?:a+){0,0}" "a{0,1}?" -"a{1,2}?" -"a+?" -"(a)" +"(?=a){0,10}a" +"(?!(a))\\1" "(a)\\1" -"(\\1a)" -"\\1(a)" -"a\\s" -"a\\S" -"a\\D" -"a\\w" -"a\\W" -"a." -"a\\q" -"a[a]" +"(a\\1)" +"(?=a){1,10}a" +"a{1,2}?" +"a{12," +"a{12,3b" +"a{12z}" +"a{12za?)?" +"(?:a{5,1000000}){3,1000000}" +"(?=a){9,10}a" +"(?!a)?a" "a[^a]" -"a[a-z]" -"a(?:b)" -"a(?=b)" -"a(?!b)" -"\\x60" -"\\u0060" -"\\cA" -"\\q" -"\\1112" -"(a)\\1" +"a[a]" "(?!a)?a\\1" "(?:(?=a))a\\1" -"a{}" -"a{,}" -"a{" -"a{z}" -"a{12z}" -"a{12," -"a{12,3b" -"{}" -"{,}" -"{" -"{z}" -"{1z}" -"{12," -"{12,3b" -"a" -"abc" -"a[bc]d" -"a|bc" -"ab|c" -"a||bc" +"a[a-z]" "(?:ab)" -"(?:ab|cde)" -"(?:ab)|cde" -"(ab)" -"(ab|cde)" -"(ab)\\1" -"(ab|cde)\\1" -"(?:ab)?" "(?:ab)+" -"a?" -"a+" -"a??" -"a*?" -"a+?" -"(?:a?)?" -"(?:a+)?" -"(?:a?)+" -"(?:a*)+" -"(?:a+)+" -"(?:a?)*" -"(?:a*)*" -"(?:a+)*" -"a{0}" -"(?:a+){0,0}" +"(?:ab)?" +"(ab)" +"a(?!b)" +"a(?:b)" +"a(?=b)" "a*b" "a+b" +"a\\b!" +"a|b" +"a*b\\+\\|[0-9]\\|\\d{1,9}" +"(ab)\\1" +"(?:ab){4,7}" +"a\\Bb" +"a(?!bbb|bb)c" +"a(?=bbb|bb)c" +"ab\\b\\d\\bcd" +"[a-b-c]" +"a(?=b)c" "a*b|c" "a+b|c" -"(?:a{5,1000000}){3,1000000}" -"(?:ab){4,7}" "a\\bc" +"a||bc" +"a|bc" +"ab|c" +"abc" +"abc+" +"abc+?" 
+"a[bc]d" +"(?:ab)|cde" +"(?:ab|cde)" +"(ab|cde)" +"(ab|cde)\\1" +"abc|def" +"abc|def|ghi" +"a\\D" +"a\\fb\\nc\\rd\\te\\vf" +"(?<a>.)\\k<a>" +"a\\n" +"a\\nb\\bc" +"a\\q" +"a\\s" +"a\\S" "a\\sc" "a\\Sc" -"a(?=b)c" -"a(?=bbb|bb)c" -"a(?!bbb|bb)c" -"\xe2\x81\xa3" -"[\xe2\x81\xa3]" -"\xed\xb0\x80" -"\xed\xa0\x80" -"(\xed\xb0\x80)\x01" -"((\xed\xa0\x80))\x02" -"\xf0\x9f\x92\xa9" -"\x01" -"\x0f" -"[-\xf0\x9f\x92\xa9]+" -"[\xf0\x9f\x92\xa9-\xf4\x8f\xbf\xbf]" -"(?<=)" -"(?<=a)" -"(?<!)" -"(?<!a)" -"(?<a>)" -"(?<a>.)" -"(?<a>.)\\k<a>" -"\\p{Script=Greek}" -"\\P{sc=Greek}" -"\\p{Script_Extensions=Greek}" -"\\P{scx=Greek}" -"\\p{General_Category=Decimal_Number}" +"a\\w" +"a\\W" +"a?)"xyz{93}" +"a{z}" +"[a-zA-Z0-9]" +"[\\c!]" +"[\\c_]" +"[\\c~]" +"\\c!" +"\\c" +"\\c_" +"\\c~" +"[\\c1]" +"[\\ca]" +"[\\cA]" +"\\cA" +"\\cj\\cJ\\ci\\cI\\ck\\cK" +"[\\cz]" +"[\\cZ]" +"/^\\d*\\./" +"/\\d{1,2}\\/\\d{1,2}\\/\\d{4}/" +"\\[DataMember\\((.+?)\\)\\]" +"[\\d-\\d]" +"[\\d-z]" +"(?: foo )" +"(?:foo)" +"foo(?=bar)bar)az" +"foo(?=bar)bar)baz" +"foo(?!bar)baz" +"foo(?<!bar)baz" +"foo(?<=bar)baz" +"foo(?=bar)baz" +"foo|(bar|baz)|quux" +"fo(?o(?o(?o(?=bar)baz" +"foo[z]*" +"\\P{Any}" +"\\p{Changes_When_NFKC_Casefolded}" +"\\P{Decimal_Number}" "\\P{gc=Decimal_Number}" "\\p{gc=Nd}" -"\\P{Decimal_Number}" +"\\p{General_Category=Decimal_Number}" "\\p{Nd}" -"\\P{Any}" -"\\p{Changes_When_NFKC_Casefolded}" -"(?:a?)??" -"a?)"xyz{93}" -"{93}" -"a{12za?)?" 
+"\\P{sc=Greek}" +"\\p{Script_Extensions=Greek}" +"\\p{Script=Greek}" +"\\P{scx=Greek}" +"\\q" +"\\u0034" +"\\u003z" +"\\u0060" +"\\u{12345}" +"\\u{12345}*" +"\\u{12345}{3}" +"\\u{12345}\\u{23456}" +"\\ud808\\udf45*" +"[\\ud808\\udf45-\\ud809\\udccc]" +"\\w|\\d" +"[x]" +"\x01" +"\x0f" +"\\x3z" +"\\x60" "[\x8f]" -"[\xf0\x9f\x92\xa9-\xf4\x8f\xbf\x92\xa9-\xf4\x8f\xbf\xbf]" "[\x92\xa9-\xf4\x8f\xbf\xbf]" -"\\1\\2(b\\1\\2))\\2)\\1" -"\\1\\2(a(?:\\1\\2))\\2)\\1" -"?:\\1" -"\\1(b\\1\\2))\\2)\\1" -"\\1\\2(a(?:\\1(b\\1\\2))\\2)\\1" -"foo(?=bar)bar)baz" -"fo(?o(?o(?o(?=bar)baz" -"foo(?=bar)baz" -"foo(?=bar)bar)az" +"[x\\dz]" +"[\xe2\x81\xa3]" +"\xe2\x81\xa3" +"\xed\xa0\x80" +"((\xed\xa0\x80))\x02" +"\xed\xb0\x80" +"(\xed\xb0\x80)\x01" +"[-\xf0\x9f\x92\xa9]+" +"\xf0\x9f\x92\xa9" +"[\xf0\x9f\x92\xa9-\xf4\x8f\xbf\x92\xa9-\xf4\x8f\xbf\xbf]" +"[\xf0\x9f\x92\xa9-\xf4\x8f\xbf\xbf]" +"^xxx$" +"(x)(x)(x)\\1" +"(x)(x)(x)\\1*" +"(x)(x)(x)\\2" +"(x)(x)(x)\\3" +"(x)(x)(x)\\3*" +"(x)(x)(x)\\4" +"(x)(x)(x)\\4*" +"(x)(x)(x)(x)(x)(x)(x)(x)(x)(x)\\10" +"(x)(x)(x)(x)(x)(x)(x)(x)(x)(x)\\11" +"[xyz]" +"xyz?" +"xyz??" +"xyz{0,1}" +"xyz{0,1}?" +"xyz{1,}" +"xyz{1,}?" +"xyz{1,32}" +"xyz{1,32}?" +"xyz{93}" +"{z}" +"[z-\\d]" diff --git a/dictionaries/riff.dict b/dictionaries/riff.dict new file mode 100644 index 00000000..627c72e7 --- /dev/null +++ b/dictionaries/riff.dict @@ -0,0 +1,17 @@ +# https://developers.google.com/speed/webp/docs/riff_container + +# FourCC +"ALPH" +"ANIM" +"ANMF" +"EXIF" +"ICCP" +"RIFF" +"VP8 " +"VP8L" +"VP8X" +"WEBP" +"XMP " + +# VP8 signature +"\x9D\x01\x2A" diff --git a/dictionaries/rss.dict b/dictionaries/rss.dict new file mode 100644 index 00000000..8dfb3340 --- /dev/null +++ b/dictionaries/rss.dict 
@@ -0,0 +1,31 @@
+# https://en.wikipedia.org/wiki/RSS
+
+"<?xml version='1.0' encoding='UTF-8' ?>"
+"<rss version='2.0'>"
+"<author>"
+"<category>"
+"<channel>"
+"<cloud>"
+"<comments>"
+"<copyright>"
+"<description>"
+"<docs>"
+"<enclosure>"
+"<generator>"
+"<guid>"
+"<image>"
+"<item>"
+"<language>"
+"<lastBuildDate>"
+"<link>"
+"<managingEditor>"
+"<pubDate>"
+"<rating>"
+"<skipDays>"
+"<skipHours>"
+"<source>"
+"<textInput>"
+"<title>"
+"<ttl>"
+"<url>"
+"<webMaster>"
diff --git a/dictionaries/rst.dict b/dictionaries/rst.dict
new file mode 100644
index 00000000..bdad2338
--- /dev/null
+++ b/dictionaries/rst.dict
@@ -0,0 +1,21 @@
+# https://docutils.readthedocs.io/en/sphinx-docs/ref/rst/restructuredtext.html
+
+bold="**"
+list1="1. "
+list2="(1) "
+list3="1) "
+list4="I. "
+list5="i. "
+list6="* "
+list7="- "
+list8="+ "
+end_of_paragraph="::"
+title="====="
+image=".. image:: "
+image_attr=" :a: 1"
+doctest=">>>"
+table1="+--+""
+table2="+==+""
+footnote_and_citation=".. [a] "
+hyperlink=".. _a: http://a "
+macro=".. |b| a"
diff --git a/dictionaries/rtf.dict b/dictionaries/rtf.dict
new file mode 100644
index 00000000..8b8f0cad
--- /dev/null
+++ b/dictionaries/rtf.dict
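Review bot: In rst.dict the `table1` and `table2` entries end in two double quotes (`table1="+--+""`, `table2="+==+""`), so the fuzzer either gets the token `+--+"` with a stray quote or, if the dictionary loader is strict about an unescaped quote, fails to parse the line. The loader is not part of this patch, so it is worth confirming by loading the file with `-x`. The intended lines are presumably `table1="+--+"` and `table2="+==+"`. The same stray quote appears in the svg.dict hunk further down as `"kerning""`, which should read `"kerning"`.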
@@ -0,0 +1,419 @@ +# http://latex2rtf.sourceforge.net/RTF-Spec-1.0.txt + +# charset +"\\ansi" +"\\mac" +"\\pca" + +# font table +"\\fnil" +"\\fswiss" +"\\fmodern" +"\\fscript" +"\\fdecor" +"\\ftech" + + +# stylesheet +"\\sbasedon" +"\\snext" +"\\keycode" + + +# colors +"\\red" +"\\green" +"\\blue" +"\\cf" +"\\cb" + +# pictures +"\\macpict" +"\\pmmetafile" +"\\wmetafile" +"\\dibitmap" +"\\wbitmap" +"\\wbmbitspixel" +"\\wbmplanes" +"\\wbmwidthbytes" +"\\picw" +"\\pich" +"\\picwgoal" +"\\pichgoal" +"\\picscaley" +"\\picscaled" +"\\piccropt" +"\\piccropb" +"\\piccropl" +"\\piccropr" +"\\brdrs" +"\\brdrdb" +"\\brdrth" +"\\brdrsh" +"\\brdrdot" +"\\brdrhair" +"\\brdrw" +"\\brdrcf" +"\\shading" +"\\bghoriz" +"\\bgvert" +"\\bgfdiag" +"\\bgbdiag" +"\\bgcross" +"\\bgdcross" +"\\bgdkhoriz" +"\\bgdkvert" +"\\bgdkfdiag" +"\\bgdkbdiag" +"\\bgdkcross" +"\\bgdkdcross" +"\\cfpat" +"\\cbpat" +"\\bin" +"MM_TEXT" +"MM_LOMETRIC" +"MM_HIMETRIC" +"MM_LOENGLISH" +"MM_HIENGLISH" +"MM_TWIPS" +"MM_ISOTROPIC" +"MM_ANISOTROPIC" +"PU_ARBITRARY" +"PU_PELS" +"PU_LOMETRIC" +"PU_HIMETRIC" +"PU_LOENGLISH" +"PU_HIENGLISH" +"PU_TWIPS" + +# headers and gooters +"\headerr" +"\headerf" +"\footerl" +"\footerr" +"\footerf" + +# misc +"\\chftn" +"\\*\\footnote" +"\\*\\annotation" +"\\bxe" +"\\ixe" +"\\tcf" +"\\tcl" +"\\*\\bkmkstart" +"\\*\\bkmkend" + +# metadata +"\\title" +"\\subject" +"\\author" +"\\operator" +"\\keywords" +"\\comment" +"\\version" +"\\doccomm" +"\\vern" +"\\creatim" +"\\revtim" +"\\printim" +"\\buptim" +"\\edmins" +"\\yr" +"\\mo" +"\\dy" +"\\hr" +"\\min" +"\\nofpages" +"\\nofwords" +"\\nofchars" +"\\id" +"\\flddirty" +"\\fldedit" +"\\fldlock" +"\\fldpriv" + +# objects +"\\objemb" +"\\objlink" +"\\objautlink" +"\\objsub" +"\\objicemb" +"\\linkself" +"\\objlock" +"\\objclass" +"\\objname" +"\\objh" +"\\objw" +"\\objsetsize" +"\\objtransy" +"\\objcropt" +"\\objcropb" +"\\objcropl" +"\\objcropr" +"\\objscalex" +"\\objscaley" +"\\objdata" +"\\objalias" +"\\objsect" +"\\rsltrtf" +"\\rsltpict" 
+"\\rsltbmp" +"\\rslttxt" +"\\rsltmerge" +"\\result" + +# macintosh editor +"\\bkmkpub" +"\\pubauto" +"\\objalias" +"\\objsect" + +# formating +"\\deftab" +"\\hyphhotz" +"\\linestart" +"\\fracwidth" +"\\*\nextfile" +"\\*\template" +"\\makebackup" +"\\defformat" +"\\psover" +"\\deflang" +"\\ftnsep" +"\\ftnsepc" +"\\ftncn" +"\\endnotes" +"\\enddoc" +"\\ftntj" +"\\ftnbj" +"\\ftnstart" +"\\ftnrestart" +"\\paperw" +"\\paperh" +"\\margl" +"\\margr" +"\\margt" +"\\margb" +"\\facingp" +"\\gutter" +"\\margmirror" +"\\landscape" +"\\pgnstart" +"\\widowctrl" +"\\revisions" +"\\revprop" +"\\revbar" +"\\sectd" +"\\endnhere" +"\\binfsxn" +"\\binsxn" +"\\sbknone" +"\\sbkcol" +"\\sbkpage" +"\\sbkeven" +"\\sbkodd" +"\\cols" +"\\colsx" +"\\linebetcol" +"\\linemod" +"\\linex" +"\\linestarts" +"\\linerestart" +"\\lineppage" +"\\linecont" +"\\pgwsxn" +"\\pghsxn" +"\\marglsxn" +"\\margrsxn" +"\\margtsxn" +"\\margbsxn" +"\\guttersxn" +"\\lndscpsxn" +"\\titlepg" +"\\headery" +"\\footery" +"\\pgnstarts" +"\\pgncont" +"\\pgnrestart" +"\\pgnx" +"\\pgny" +"\\pgndec" +"\\pgnucrm" +"\\pgnlcrm" +"\\pgnucltr" +"\\pgnlcltr" +"\\vertalt" +"\\vertal" +"\\vertalc" +"\\vertalj" +"\\pard" +"\\s" +"\\intbl" +"\\keep" +"\\keepn" +"\\noline" +"\\pagebb" +"\\sbys" +"\\ql" +"\\qr" +"\\qj" +"\\qc" +"\\fi" +"\\li" +"\\ri" +"\\sb" +"\\sa" +"\\sl" +"\\tx" +"\\tqr" +"\\tqc" +"\\tqdec" +"\\tb" +"\\tldot" +"\\tlhyph" +"\\tlul" +"\\tlth" +"\\tleq" +"\\brdrt" +"\\brdrb" +"\\brdrl" +"\\brdrr" +"\\brdrbtw" +"\\brdrbar" +"\\box" +"\\brdrs" +"\\brdrth" +"\\brdrsh" +"\\brdrdb" +"\\brdrdot" +"\\brdrhair" +"\\brdrw" +"\\brdrcf" +"\\brsp" +"\\shading" +"\\bghoriz" +"\\bgvert" +"\\bgfdiag" +"\\bgbdiag" +"\\bgcross" +"\\bgdcross" +"\\bgdkhoriz" +"\\bgdkvert" +"\\bgdkfdiag" +"\\bgdkbdiag" +"\\bgdkcross" +"\\bgdkdcross" +"\\cfpat" +"\\cbpat" +"\\absw" +"\\absh" +"\\phmrg" +"\\phpg" +"\\phcol" +"\\posx" +"\\posxc" +"\\posxi" +"\\posxo" +"\\posxr" +"\\posxl" +"\\pvmrg" +"\\pvpg" +"\\pvpara" +"\\posy" +"\\posyil" +"\\posyt" 
+"\\posyc" +"\\posyb" +"\\dxfrtext" +"\\dyfrtext" + +#tables +"\\trowd" +"\\trgaph" +"\\cellx" +"\\clmgf" +"\\clmrg" +"\\clbrdrt" +"\\clbrdrl" +"\\clbrdrr" +"\\trql" +"\\trqr" +"\\trqc" +"\\trleft" +"\\trrh" +"\\clshdng" +"\\clbghoriz" +"\\clbgvert" +"\\clbgfdiag" +"\\clbgbdiag" +"\\clbgcross" +"\\clbgdcross" +"\\clbgdkhor" +"\\clbgdkvert" +"\\clbgdkfdiag" +"\\clbgdkbdiag" +"\\clbgdkcross" +"\\clbgdkdcross" +"\\clcfpat" +"\\clcbpat" + +# char format +"\\plain" +"\\b" +"\\caps" +"\\deleted" +"\\dn" +"\\expnd" +"\\f" +"\\fs" +"\\i" +"\\outl" +"\\revised" +"\\scaps" +"\\shad" +"\\strike" +"\\ul" +"\\uld" +"\\uldb" +"\\ulnone" +"\\ulw" +"\\up" +"\\v" +"\\lang" + +# special chars +"\\chdate" +"\\chdpl" +"\\chdpa" +"\\chtime" +"\\chpgn" +"\\chftn" +"\\chatn" +"\\chftnsep" +"\\chftnsepc" +"\\cell" +"\\row" +"\\par" +"\\sect" +"\\page" +"\\column" +"\\line" +"\\tab" +"\\emdash" +"\\endash" +"\\bullet" +"\\lquote" +"\\rquote" +"\\ldblquote" +"\\rdblquote" +"\\|" +"\\~" +"\\-" +"\\_" +"\\:" +"\\*" +"\\'hh" +"\\alt" +"\\shift" +"\\ctrl" diff --git a/dictionaries/sas.dict b/dictionaries/sas.dict new file mode 100644 index 00000000..2c8d14b2 --- /dev/null +++ b/dictionaries/sas.dict @@ -0,0 +1,37 @@ +" " +"#" +"$" +"$CHAR" +"%LET" +"(" +")" +"*/" +"/*" +";" +"@" +"ATTRIB" +"CLEAR" +"CONTENTS" +"DATA" +"DATE" +"FILENAME" +"FOOTNOTE" +"FORMAT" +"IF" +"INFILE" +"INPUT" +"INVALUE" +"LABEL" +"LENGTH" +"LIBNAME" +"LIST" +"MISSING" +"OPTIONS" +"OTHER" +"PRINT" +"PROC" +"RUN" +"VALUE" +"_ALL_" +"dlm" +"firstobs" diff --git a/dictionaries/spss.dict b/dictionaries/spss.dict new file mode 100644 index 00000000..a9debe0e --- /dev/null +++ b/dictionaries/spss.dict 
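Review bot: Several rtf.dict entries use a single backslash where the rest of the file doubles it: `"\headerr"`, `"\headerf"`, `"\footerl"`, `"\footerr"` and `"\footerf"` under the headers-and-footers comment, and `"\\*\nextfile"` and `"\\*\template"` in the formatting group. As far as I recall, afl-fuzz's dictionary parser accepts only `\\`, `\"` and `\xNN` as escapes and aborts on anything else, which would make a run with `-x dictionaries/rtf.dict` stop at startup rather than just lose these tokens; the parser is outside this patch, so please confirm. Writing them as `"\\headerr"` (and likewise for the other four) and `"\\*\\nextfile"`, `"\\*\\template"` matches the other control words in the file. Some control words such as `"\\brdrs"`, `"\\shading"`, `"\\objalias"` and `"\\chftn"` are also listed twice, which is harmless but pads the dictionary.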
@@ -0,0 +1,46 @@ +"(" +"(NOMINAL)" +"(ORDINAL)" +"(SCALE)" +")" +"." +"/" +"/VARIABLES" +"=" +" " +"A" +"ADATE" +"COMMENT" +"DATA" +"DATASET" +"DATE" +"DELIMITERS" +"DICTIONARY" +"DISPLAY" +"END" +"EXECUTE" +"F" +"FILE" +"FIRSTCASE" +"FIXED" +"FORMATS" +"HANDLE" +"IF" +"INPUT" +"LABEL" +"LABELS" +"LEVEL" +"LIST" +"NAME" +"OUTFILE" +"PROGRAM" +"RECODE" +"RECORD" +"SAVE" +"SELECT" +"SET" +"SYSMIS" +"TABLE" +"VALUE" +"VARIABLE" +"WINDOW" diff --git a/dictionaries/stata.dict b/dictionaries/stata.dict new file mode 100644 index 00000000..2c619db8 --- /dev/null +++ b/dictionaries/stata.dict @@ -0,0 +1,22 @@ +" " +")" +"*/" +"/*" +"_column(" +"_firstlineoffile(" +"_line(" +"_lines(" +"_lrecl(" +"_newline" +"_skip(" +"byte" +"dictionary" +"double" +"float" +"infile" +"int" +"long" +"str" +"using" +"{" +"}" diff --git a/dictionaries/svg.dict b/dictionaries/svg.dict new file mode 100644 index 00000000..36071baf --- /dev/null +++ b/dictionaries/svg.dict 
@@ -0,0 +1,170 @@ +# Keywords taken from +# - https://developer.mozilla.org/en-US/docs/Web/SVG/Tutorial/Introduction +# - https://css-tricks.com/svg-properties-and-css/ + +"<?xml version=\"1.0\" encoding=\"utf-8\"?>" +"standalone=" +"version=" +"encoding=" +"<?xml" +"?>" +"/>" +"<![CDATA[" + +# tags +"<svg" +"xmlns=\"http://www.w3.org/2000/svg\"" +"<a" +"<animate" +"<animateMotion" +"<animateTransform" +"<circle" +"<clipPath" +"<color-profile" +"<defs" +"<desc" +"<discard" +"<ellipse" +"<feBlend" +"<feColorMatrix" +"<feComponentTransfer" +"<feComposite" +"<feConvolveMatrix" +"<feDiffuseLighting" +"<feDisplacementMap" +"<feDistantLight" +"<feDropShadow" +"<feFlood" +"<feFuncA" +"<feFuncB" +"<feFuncG" +"<feFuncR" +"<feGaussianBlur" +"<feImage" +"<feMerge" +"<feMergeNode" +"<feMorphology" +"<feOffset" +"<fePointLight" +"<feSpecularLighting" +"<feSpotLight" +"<feTile" +"<feTurbulence" +"<filter" +"<foreignObject" +"<g" +"<hatch" +"<hatchpath" +"<image" +"<line" +"<linearGradient" +"<marker" +"<mask" +"<mesh" +"<meshgradient" +"<meshpatch" +"<meshrow" +"<metadata" +"<mpath" +"<path" +"<pattern" +"<polygon" +"<polyline" +"<radialGradient" +"<rect" +"<rect" +"<script" +"<script>" +"<set" +"<solidcolor" +"<stop" +"<style" +"<svg" +"<switch" +"<symbol" +"<text" +"<textArea" +"<textPath" +"<title" +"<title>" +"<tspan" +"<unknown" +"<use" +"<view" + + +# attributes +"alignment-baseline" +"baseline-shift" +"class" +"color" +"cursor" +"cx" +"cy" +"direction" +"display" +"dominant-baseline" +"editable" +"fill" +"fill-opacity" +"font-family" +"font-size" +"font-size-adjust" +"font-stretch" +"font-style" +"font-variant" +"font-weight" +"glyph-orientation-horizontal" +"glyph-orientation-vertical" +"gradientUnits" +"height" +"kerning"" +"letter-spacing" +"offset" +"overflow" +"patternContentUnits" +"pointer-events" +"points" +"rotate" +"rx" +"ry" +"spreadMethod" +"stop-color" +"stop-opacity" +"stroke" +"stroke-dasharray" +"stroke-linecap" +"stroke-linejoin" +"stroke-opacity" 
+"stroke-width" +"style" +"text-anchor" +"text-decoration" +"textlength" +"transform" +"unicode-bidi" +"visibility" +"width" +"word-spacing" +"writing-mode" +"x1" +"x2" +"y1" +"y2" + +# attributes' values +"bounding-Box" +"repeat" +"display" +"transparent" +"orange" +"round" +"butt" +"userSpaceOnUse" +"objectBoundingBox" +"square" +"miter" +"bevel" +"translate(" +"rotate(" +"matrix(" \ No newline at end of file diff --git a/dictionaries/tex.dict b/dictionaries/tex.dict new file mode 100644 index 00000000..ce40fff5 --- /dev/null +++ b/dictionaries/tex.dict 
@@ -0,0 +1,122 @@ +# main keywords + +"@article{" +"@conference{" +"@misc{" +"\\@." +"\\Huge" +"\\LARGE" +"\\LaTeX\\" +"\\Large" +"\\author{" +"\\begin{" +"\\caption" +"\\centering" +"\\chapter{" +"\\citeA{" +"\\citeNP" +"\\citeN{" +"\\citeyear{" +"\\cite{" +"\\cline{" +"\\date{" +"\\documentclass{" +"\\emph{" +"\\end{" +"\\footnotesize" +"\\footnote{" +"\\frac{" +"\\hline" +"\\hspace{" +"\\huge" +"\\includegraphics" +"\\item{" +"\\kill" +"\\label{" +"\\large" +"\\ldots" +"\\leq" +"\\linespread" +"\\maketitle{}" +"\\multicolumn{" +"\\newcommand{" +"\\noindent" +"\\normalfont{" +"\\normalsize" +"\\pagebreak" +"\\pageref{" +"\\pagestyle{" +"\\part{" +"\\prod_{" +"\\raggedleft" +"\\raggedright" +"\\ref{" +"\\rule{" +"\\scriptsize" +"\\section{" +"\\setcounter{" +"\\shortciteA{" +"\\shortciteNP" +"\\shortciteN{" +"\\shortcite{" +"\\small" +"\\sqrt{" +"\\subsection{" +"\\sum_{" +"\\tableofcontents" +"\\textbackslash" +"\\textbar" +"\\textbf{" +"\\textgreater" +"\\textit{" +"\\textless" +"\\textmd{" +"\\textnormal{" +"\\textrm{" +"\\textsc{" +"\\textsf{" +"\\textsl{" +"\\texttt{" +"\\textup{" +"\\tiny" +"\\title{" +"\\today" +"\\underline{" +"\\usepackage" +"\\vspace{" + + +# misc + +"abbrv" +"addres" +"article" +"book" +"center" +"description" +"document" +"draft" +"em" +"enumerate" +"equation" +"figure" +"flushleft" +"flushright" +"hyperref" +"itemize" +"landscape" +"letter" +"letterpaper" +"plain" +"publisher" +"quotation" +"quote" +"report" +"slides" +"tabular*" +"twocolumn" +"twoside" +"unsrt" +"verbatim*" +"verse" +"year" diff --git a/dictionaries/theme-load-fuzz.dict b/dictionaries/theme-load-fuzz.dict new file mode 100644 index 00000000..928b2a79 --- /dev/null +++ b/dictionaries/theme-load-fuzz.dict @@ -0,0 +1,9 @@ +"{" +"}" +"\"" +";" +"=" +"formats" +"replaces" +"abstracts" +"timestamp" diff --git a/dictionaries/tokener_parse_ex.dict b/dictionaries/tokener_parse_ex.dict new file mode 100644 index 00000000..23c6fa2c --- /dev/null 
+++ b/dictionaries/tokener_parse_ex.dict
@@ -0,0 +1,18 @@
+"{"
+"}"
+","
+"["
+"]"
+","
+":"
+"e"
+"e+"
+"e-"
+"E"
+"E+"
+"E-"
+"\""
+"null"
+"1"
+"1.234"
+"3e4"
diff --git a/dictionaries/toml.dict b/dictionaries/toml.dict
new file mode 100644
index 00000000..5fa58065
--- /dev/null
+++ b/dictionaries/toml.dict
@@ -0,0 +1,22 @@
+# https://github.com/toml-lang/toml
+
+key_value="a.b=\"c\""
+unicode="\\u1234"
+unicode_long="\\u12345678"
+true="true"
+false="false"
+multiline_literal="'''"
+multiline="\"\"\""
+integer="+1_2_3_4"
+negative_integer="-1"
+hex="0xde_ad"
+oct="0o6"
+bin="0b1"
+float="-6_3.6e-05"
+nan="nan"
+inf="inf"
+time="1979-05-27T07:32:00Z"
+array="[1,2]"
+table="[a]"
+inline_table="a={1=2,3=4}"
+array_table="[[a]]"
diff --git a/dictionaries/type42.dict b/dictionaries/type42.dict
new file mode 100644
index 00000000..f0aac6bc
--- /dev/null
+++ b/dictionaries/type42.dict
@@ -0,0 +1,25 @@
+# https://www.adobe.com/content/dam/acom/en/devnet/font/pdfs/5012.Type42_Spec.pdf
+# This format is a super-set of postscript, so don't forget to use ps.dict as well
+
+magic="%!PS-TrueTypeFont"
+"%%VMUsage:"
+"/FontType"
+"/FontMatrix"
+"/FontName"
+"/FontInfo"
+"/Encoding"
+"/FontBBox"
+"/UniqueID"
+"/XUID"
+"/PaintType"
+"/StrokeWidth"
+"/Metrics"
+"/Metrics2"
+"/CDevProc"
+"/CharStrings"
+"/sfnts"
+"/CIDMap"
+"/GDBytes"
+"/GlyphDirectory"
+"/MetricsCount"
+"/WMode"
diff --git a/dictionaries/url.dict b/dictionaries/url.dict
new file mode 100644
index 00000000..098f9053
--- /dev/null
+++ b/dictionaries/url.dict
@@ -0,0 +1,62 @@ +# https://en.wikipedia.org/wiki/Uniform_Resource_Identifier + +# scheme +"aim" +"callto" +"cvs" +"data" +"facetime" +"feed" +"file" +"ftp" +"git" +"gopher" +"gtalk" +"h323" +"hdl" +"http" +"https" +"imap" +"irc" +"irc6" +"ircs" +"itms" +"javascript" +"magnet" +"mailto" +"mms" +"msnim" +"news" +"nntp" +"prospero" +"rsync" +"rtsp" +"rtspu" +"sftp" +"shttp" +"sip" +"sips" +"skype" +"smb" +"snews" +"ssh" +"svn" +"svn" +"svn+ssh" +"telnet" +"tel" +"wais" +"ymsg" + +# encoded characters +"%2f" +"%40" +"%26" + +# misc +"://" +"//" +"\\" +"../" +";type=a" +"xn--" diff --git a/dictionaries/utf8.dict b/dictionaries/utf8.dict new file mode 100644 index 00000000..fecf163a --- /dev/null +++ b/dictionaries/utf8.dict 
@@ -0,0 +1,73 @@
+# https://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
+
+
+# Defines byteorder and endianess
+byte_order="\xFE\xFF"
+
+# Reorder the display of text for RTL reading
+right_to_left="\x20\x2E"
+
+# Mongolian Vowel Separator: invisible and has the whitespace property
+invisible_separator="\x18\x03"
+
+# Invisible zero-width character.
+word_join="\x20\x60"
+
+# Reserved code point
+reserved="\xfe\xfe"
+
+# Invalid code point
+invalid1="\xff\xff"
+invalid2="\x01\xff\xff"
+invalid3="\xfdd0"
+
+# unassigned code point
+unassigned="\x0f\xed"
+
+# illegal low half-surrogate
+illegal_low="\xde\xad"
+
+# illegal high half-surrogate
+illegal_high="\xda\xad"
+
+# private use area code usbed by apple for its logo
+apple="\xf8\xff"
+
+# hostname normalization
+fullwidth_solidus="\xff\x0f"
+
+# numerical mapping and a value
+bold_eight="\x01\xd7\xd6"
+
+# # U+00DF normalizes to "ss" during IDNA2003's mapping phase,
+# different from its IDNA2008 mapping. See http://www.unicode.org/reports/tr46/
+weird="\x00\xdf"
+
+# U+FDFD expands by 11x (UTF-8) and 18x (UTF-16) under NFKC/NFKC
+expansion="\xfd\xfd"
+
+# U+0390 expands by 3x (UTF-8) under NFD
+expansion2="\x03\x90"
+
+# U+1F82 expands by 4x (UTF-16) under NFD
+expansion3= "\x1F\x82"
+
+# U+FB2C expands by 3x (UTF-16) under NFC
+expansion4="\xFB\x2C"
+
+# Lowecaser expansion: https://twitter.com/jifa/status/625776454479970304
+low_exp1="\x02\x3a"
+low_exp2="\x02\x3e"
+low_exp3="\x00\xdf"
+low_exp4="\x1e\x9e"
+
+# Null byte
+null="\x00\x00"
+"\xfc\x80\x80\x80\x80\x80"
+"fc\x80\x80\x80\x80\xaf"
+
+# Confusing new lines
+"\x00\x1b"
+"\x00\x85"
+"\x20\x28"
+"\x20\x29"
\ No newline at end of file
diff --git a/dictionaries/vcf.dict b/dictionaries/vcf.dict
new file mode 100644
index 00000000..3043f611
--- /dev/null
+++ b/dictionaries/vcf.dict
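Review bot: The second overlong-sequence entry in utf8.dict, `"fc\x80\x80\x80\x80\xaf"`, starts with the two ASCII letters `fc` instead of the byte 0xFC, so it does not produce the six-byte overlong form that the line above it (`"\xfc\x80\x80\x80\x80\x80"`) does; it should read `"\xfc\x80\x80\x80\x80\xaf"`. `invalid3="\xfdd0"` has a similar problem: assuming the usual two-digit `\xNN` escape, it yields byte 0xFD followed by the text `d0`, where `"\xfd\xd0"` was presumably meant. More generally, most values here are the code point written as big-endian bytes (`byte_order="\xFE\xFF"`, `right_to_left="\x20\x2E"`) rather than its UTF-8 encoding, so a UTF-8 decoder under test sees invalid lead bytes instead of the BOM or bidi-override characters the comments describe. If the decoder's handling of those characters is what the dictionary should exercise, the entries need the encoded form, for example `byte_order="\xEF\xBB\xBF"` for U+FEFF.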
@@ -0,0 +1,119 @@ +# https://en.wikipedia.org/wiki/VCard + +# Properties +"ADR;" +"AGENT:" +"ANNIVERSARY:" +"BDAY:" +"BEGIN:VCARD" +"BIRTHPLACE;" +"CALADRURI:" +"CALURI:" +"CATEGORIES:" +"CLASS:" +"CLIENTPIDMAP:" +"DEATHDATE:" +"DEATHPLACE;" +"EMAIL:" +"END:VCARD" +"EXPERTISE;" +"FBURL:" +"FN:" +"GENDER:" +"GEO:" +"HOBBY;" +"IMPP:" +"INTEREST;" +"KEY" +"KIND" +"LABEL;" +"LANG" +"LOGO" +"MAILER" +"N:" +"NAME:" +"NICKNAME:" +"NOTE:" +"ORG:" +"ORG-DIRECTORY:" +"PHOTO;" +"PRODID:" +"PROFILE:VCARD" +"RELATED;" +"REV:" +"ROLE:" +"SHORT-STRING:" +"SOUND;" +"SOURCES:" +"TEL;" +"TITLE:" +"TZ:" +"UID:" +"URL:" +"VERSION:3.0" +"XML:" + +# Extensions +"X-ABUID" +"X-AIM" +"X-ANNIVERSARY" +"X-ASSISTANT" +"X-EVOLUTION-ANNIVERSARY" +"X-EVOLUTION-ASSISTANT" +"X-EVOLUTION-BLOG-URL" +"X-EVOLUTION-CALLBACK" +"X-EVOLUTION-FILE-AS" +"X-EVOLUTION-LIST" +"X-EVOLUTION-LIST-SHOW_ADDRESSES" +"X-EVOLUTION-MANAGER" +"X-EVOLUTION-RADIO" +"X-EVOLUTION-SPOUSE" +"X-EVOLUTION-TELEX" +"X-EVOLUTION-TTYTDD" +"X-EVOLUTION-VIDEO-URL" +"X-GADUGADU" +"X-GENDER" +"X-GOOGLE-TALK," +"X-GROUPWISE" +"X-ICQ" +"X-JABBER" +"X-KADDRESSBOOK-BlogFeed" +"X-KADDRESSBOOK-OPENPGPFP" +"X-KADDRESSBOOK-X-Anniversary" +"X-KADDRESSBOOK-X-AssistantsName" +"X-KADDRESSBOOK-X-IMAddress" +"X-KADDRESSBOOK-X-ManagersName" +"X-KADDRESSBOOK-X-Office" +"X-KADDRESSBOOK-X-Profession" +"X-KADDRESSBOOK-X-SpouseName" +"X-MANAGER" +"X-MOZILLA-HTML" +"X-MOZILLA-PROPERTY" +"X-MS-CARDPICTURE" +"X-MS-IMADDRESS" +"X-MS-OL-DESIGN" +"X-MSN" +"X-PHONETIC-FIRST-NAME," +"X-SKYPE," +"X-SPOUSE" +"X-TWITTER" +"X-WAB-GENDER" +"X-WEBMONEY-ID" +"X-YAHOO" + +# Misc +"MEDIATYPE=" +"uri:tel" +"TYPE=HOME,PREF:" +"TYPE=PNG;" +"TYPE=WORK,VOICE:" +"x-qq:" +"ENCODING=b:" +"ENCODING=BASE64:" +"MEDIATYPE=" +"data:" +"application/gpg-keys;" +"image/png;" +"base64," +"audio/ogg" +"LEVEL=expert:" diff --git a/dictionaries/vhd.dict b/dictionaries/vhd.dict new file mode 100644 index 00000000..100f17b3 --- /dev/null +++ b/dictionaries/vhd.dict 
@@ -0,0 +1,10 @@
+# https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-VHDX/%5bMS-VHDX%5d.pdf
+
+magic="\x65\x6C\x69\x66\x78\x64\x68\x76"
+head="\x64\x61\x65\x68"
+regi="\x69\x67\x65\x72"
+loge="\x65\x67\x6F\x6C"
+zero="\x6F\x72\x65\x7A"
+desc="\x63\x73\x65\x64"
+data="\x61\x74\x61\x64"
+metadata="\x61\x74\x61\x64\x61\x74\x65\x6D"
diff --git a/dictionaries/vpx_dec.dict b/dictionaries/vpx_dec.dict
new file mode 100644
index 00000000..c6dc1807
--- /dev/null
+++ b/dictionaries/vpx_dec.dict
@@ -0,0 +1,8 @@
+# IVF Signature + version (bytes 0-5)
+kw1="DKIF\x00\x00"
+
+# VP9 codec fourCC (bytes 8-11)
+kw2="VP90"
+
+# VP8 codec fourCC (bytes 8-11)
+kw3="VP80"
diff --git a/dictionaries/wav.dict b/dictionaries/wav.dict
new file mode 100644
index 00000000..83a26d0b
--- /dev/null
+++ b/dictionaries/wav.dict
@@ -0,0 +1,25 @@
+header="RIFF"
+header_id="WAVE"
+
+fmt_chunk="fmt "
+fact_chunk="fact"
+data_chunk="data"
+cue_chunk="cue "
+playlist_chunk="plst"
+list_chunk="list"
+label_chunk="labl"
+note_chunk="note"
+labeled_text_chunk="ltxt"
+sampler_chunk="smpl"
+instrument_chunk="inst"
+
+# IFF extension: https://web.archive.org/web/20080114200405/http://www.borg.com/~jglatt/tech/aboutiff.htm
+"FORM"
+"LIST"
+"CAT "
+"ILBM"
+"AIFF"
+"ANIM"
+"CMAP"
+"MIDI"
+"MThd"
\ No newline at end of file
diff --git a/dictionaries/webm.dict b/dictionaries/webm.dict
new file mode 100644
index 00000000..04e174f2
--- /dev/null
+++ b/dictionaries/webm.dict
@@ -0,0 +1,152 @@ +# Element IDs. +IdEbml = "\x1A\x45\xDF\xA3" +IdEbmlVersion = "\x42\x86" +IdEbmlReadVersion = "\x42\xF7" +IdEbmlMaxIdLength = "\x42\xF2" +IdEbmlMaxSizeLength = "\x42\xF3" +IdDocType = "\x42\x82" +IdDocTypeVersion = "\x42\x87" +IdDocTypeReadVersion = "\x42\x85" +IdVoid = "\xEC" +IdSegment = "\x18\x53\x80\x67" +IdSeekHead = "\x11\x4D\x9B\x74" +IdSeek = "\x4D\xBB" +IdSeekId = "\x53\xAB" +IdSeekPosition = "\x53\xAC" +IdInfo = "\x15\x49\xA9\x66" +IdTimecodeScale = "\x2A\xD7\xB1" +IdDuration = "\x44\x89" +IdDateUtc = "\x44\x61" +IdTitle = "\x7B\xA9" +IdMuxingApp = "\x4D\x80" +IdWritingApp = "\x57\x41" +IdCluster = "\x1F\x43\xB6\x75" +IdTimecode = "\xE7" +IdPrevSize = "\xAB" +IdSimpleBlock = "\xA3" +IdBlockGroup = "\xA0" +IdBlock = "\xA1" +IdBlockVirtual = "\xA2" +IdBlockAdditions = "\x75\xA1" +IdBlockMore = "\xA6" +IdBlockAddId = "\xEE" +IdBlockAdditional = "\xA5" +IdBlockDuration = "\x9B" +IdReferenceBlock = "\xFB" +IdDiscardPadding = "\x75\xA2" +IdSlices = "\x8E" +IdTimeSlice = "\xE8" +IdLaceNumber = "\xCC" +IdTracks = "\x16\x54\xAE\x6B" +IdTrackEntry = "\xAE" +IdTrackNumber = "\xD7" +IdTrackUid = "\x73\xC5" +IdTrackType = "\x83" +IdFlagEnabled = "\xB9" +IdFlagDefault = "\x88" +IdFlagForced = "\x55\xAA" +IdFlagLacing = "\x9C" +IdDefaultDuration = "\x23\xE3\x83" +IdName = "\x53\x6E" +IdLanguage = "\x22\xB5\x9C" +IdCodecId = "\x86" +IdCodecPrivate = "\x63\xA2" +IdCodecName = "\x25\x86\x88" +IdCodecDelay = "\x56\xAA" +IdSeekPreRoll = "\x56\xBB" +IdVideo = "\xE0" +IdFlagInterlaced = "\x9A" +IdStereoMode = "\x53\xB8" +IdAlphaMode = "\x53\xC0" +IdPixelWidth = "\xB0" +IdPixelHeight = "\xBA" +IdPixelCropBottom = "\x54\xAA" +IdPixelCropTop = "\x54\xBB" +IdPixelCropLeft = "\x54\xCC" +IdPixelCropRight = "\x54\xDD" +IdDisplayWidth = "\x54\xB0" +IdDisplayHeight = "\x54\xBA" +IdDisplayUnit = "\x54\xB2" +IdAspectRatioType = "\x54\xB3" +IdFrameRate = "\x23\x83\xE3" +IdColour = "\x55\xB0" +IdMatrixCoefficients = "\x55\xB1" +IdBitsPerChannel = "\x55\xB2" 
+IdChromaSubsamplingHorz = "\x55\xB3" +IdChromaSubsamplingVert = "\x55\xB4" +IdCbSubsamplingHorz = "\x55\xB5" +IdCbSubsamplingVert = "\x55\xB6" +IdChromaSitingHorz = "\x55\xB7" +IdChromaSitingVert = "\x55\xB8" +IdRange = "\x55\xB9" +IdTransferCharacteristics = "\x55\xBA" +IdPrimaries = "\x55\xBB" +IdMaxCll = "\x55\xBC" +IdMaxFall = "\x55\xBD" +IdMasteringMetadata = "\x55\xD0" +IdPrimaryRChromaticityX = "\x55\xD1" +IdPrimaryRChromaticityY = "\x55\xD2" +IdPrimaryGChromaticityX = "\x55\xD3" +IdPrimaryGChromaticityY = "\x55\xD4" +IdPrimaryBChromaticityX = "\x55\xD5" +IdPrimaryBChromaticityY = "\x55\xD6" +IdWhitePointChromaticityX = "\x55\xD7" +IdWhitePointChromaticityY = "\x55\xD8" +IdLuminanceMax = "\x55\xD9" +IdLuminanceMin = "\x55\xDA" +IdProjection = "\x76\x70" +IdProjectionType = "\x76\x71" +IdProjectionPrivate = "\x76\x72" +IdProjectionPoseYaw = "\x76\x73" +IdProjectionPosePitch = "\x76\x74" +IdProjectionPoseRoll = "\x76\x75" +IdAudio = "\xE1" +IdSamplingFrequency = "\xB5" +IdOutputSamplingFrequency = "\x78\xB5" +IdChannels = "\x9F" +IdBitDepth = "\x62\x64" +IdContentEncodings = "\x6D\x80" +IdContentEncoding = "\x62\x40" +IdContentEncodingOrder = "\x50\x31" +IdContentEncodingScope = "\x50\x32" +IdContentEncodingType = "\x50\x33" +IdContentEncryption = "\x50\x35" +IdContentEncAlgo = "\x47\xE1" +IdContentEncKeyId = "\x47\xE2" +IdContentEncAesSettings = "\x47\xE7" +IdAesSettingsCipherMode = "\x47\xE8" +IdCues = "\x1C\x53\xBB\x6B" +IdCuePoint = "\xBB" +IdCueTime = "\xB3" +IdCueTrackPositions = "\xB7" +IdCueTrack = "\xF7" +IdCueClusterPosition = "\xF1" +IdCueRelativePosition = "\xF0" +IdCueDuration = "\xB2" +IdCueBlockNumber = "\x53\x78" +IdChapters = "\x10\x43\xA7\x70" +IdEditionEntry = "\x45\xB9" +IdChapterAtom = "\xB6" +IdChapterUid = "\x73\xC4" +IdChapterStringUid = "\x56\x54" +IdChapterTimeStart = "\x91" +IdChapterTimeEnd = "\x92" +IdChapterDisplay = "\x80" +IdChapString = "\x85" +IdChapLanguage = "\x43\x7C" +IdChapCountry = "\x43\x7E" +IdTags = 
"\x12\x54\xC3\x67" +IdTag = "\x73\x73" +IdTargets = "\x63\xC0" +IdTargetTypeValue = "\x68\xCA" +IdTargetType = "\x63\xCA" +IdTagTrackUid = "\x63\xC5" +IdSimpleTag = "\x67\xC8" +IdTagName = "\x45\xA3" +IdTagLanguage = "\x44\x7A" +IdTagDefault = "\x44\x84" +IdTagString = "\x44\x87" +IdTagBinary = "\x44\x85" + +# Interesting sizes. +SizeUnknown = "\xFF" \ No newline at end of file diff --git a/dictionaries/wkt.dict b/dictionaries/wkt.dict new file mode 100644 index 00000000..68423b52 --- /dev/null +++ b/dictionaries/wkt.dict @@ -0,0 +1,35 @@ +# https://en.wikipedia.org/wiki/Well-known_text_representation_of_geometry + +"AFFINEPLACEMENT" +"BREPSOLID" +"CIRCLE" +"CIRCULARSTRING" +"CLOTHOID" +"COMPOUNDCURVE" +"CURVE" +"CURVEPOLYGON" +"ELLIPTICALCURVE" +"EMPTY" +"GEODESICSTRING" +"GEOMETRY" +"GEOMETRYCOLLECTION" +"LINESTRING" +"MULTICURVE" +"MULTILINESTRING" +"MULTIPOINT" +"MULTIPOLYGON" +"MULTISURFACE" +"NURBSCURVE" +"POINT" +"PATCHES" +"POLYGON" +"POLYHEDRALSURFACE" +"SPIRALCURVE" +"SRID" +"SURFACE" +"TIN" +"TRIANGLE" +"ZM" + +# misc +"(1,2)" diff --git a/dictionaries/x86.dict b/dictionaries/x86.dict new file mode 100644 index 00000000..9b87a504 --- /dev/null +++ b/dictionaries/x86.dict 
@@ -0,0 +1,1885 @@ +# https://www.felixcloutier.com/x86/ +# https://en.wikipedia.org/wiki/X86_instruction_listings +# https://www.nasm.us/doc/nasmdocb.html + +"AAA" +"AAD" +"AAM" +"AAS" +"ADC" +"ADCX" +"ADD" +"ADDPD" +"ADDPS" +"ADDSD" +"ADDSS" +"ADDSUBPD" +"ADDSUBPS" +"ADOX" +"AESDEC" +"AESDECLAST" +"AESENC" +"AESENCLAST" +"AESIMC" +"AESKEYGENASSIST" +"ALTINST" +"AMD" +"AND" +"ANDN" +"ANDNPD" +"ANDNPS" +"ANDPD" +"ANDPS" +"ARPL" +"AVX" +"BEXTR" +"BLCFILL" +"BLCI" +"BLCIC" +"BLCMSK" +"BLCS" +"BLENDPD" +"BLENDPS" +"BLENDVPD" +"BLENDVPS" +"BLSFILL" +"BLSI" +"BLSIC" +"BLSMSK" +"BLSR" +"BNDCL" +"BNDCN" +"BNDCU" +"BNDLDX" +"BNDMK" +"BNDMOV" +"BNDSTX" +"BOUND" +"BSF" +"BSR" +"BSWAP" +"BT" +"BTC" +"BTR" +"BTS" +"BZHI" +"CALL" +"CBW" +"CDQ" +"CDQE" +"CLAC" +"CLC" +"CLD" +"CLDEMOTE" +"CLFLUSH" +"CLFLUSHOPT" +"CLGI" +"CLI" +"CLTS" +"CLWB" +"CLZERO" +"CMC" +"CMOVB" +"CMOVcc" +"CMP" +"CMPEQPD" +"CMPEQSS" +"CMPLEPD" +"CMPLESS" +"CMPLTPD" +"CMPLTSS" +"CMPNEQPD" +"CMPNEQSS" +"CMPNLEPD" +"CMPNLESS" +"CMPNLTPD" +"CMPNLTSS" +"CMPORDPD" +"CMPORDSS" +"CMPPD" +"CMPPS" +"CMPS" +"CMPSB" +"CMPSD" +"CMPSD*" +"CMPSQ" +"CMPSS" +"CMPSW" +"CMPUNORDPD" +"CMPUNORDSS" +"CMPXCHG" +"CMPXCHG16B" +"CMPXCHG486" +"CMPXCHG8B" +"COMISD" +"COMISS" +"CPUID" +"CPU_READ" +"CPU_WRITE" +"CQO" +"CRC32" +"CVTDQ2PD" +"CVTDQ2PS" +"CVTPD2DQ" +"CVTPD2PI" +"CVTPD2PS" +"CVTPI2PD" +"CVTPI2PS" +"CVTPS2DQ" +"CVTPS2PD" +"CVTPS2PI" +"CVTSD2SI" +"CVTSD2SS" +"CVTSI2SD" +"CVTSI2SS" +"CVTSS2SD" +"CVTSS2SI" +"CVTTPD2DQ" +"CVTTPD2PI" +"CVTTPS2DQ" +"CVTTPS2PI" +"CVTTSD2SI" +"CVTTSS2SI" +"CWD" +"CWDE" +"DAA" +"DAS" +"DB" +"DEC" +"DIV" +"DIVPD" +"DIVPS" +"DIVSD" +"DIVSS" +"DMINT" +"DO" +"DPPD" +"DPPS" +"EACCEPT" +"EACCEPTCOPY" +"EADD" +"EAUG" +"EBLOCK" +"ECREATE" +"EDBGRD" +"EDBGWR" +"EDECVIRTCHILD" +"EENTER" +"EEXIT" +"EEXTEND" +"EGETKEY" +"EINCVIRTCHILD" +"EINIT" +"ELBUC" +"ELDB" +"ELDBC" +"ELDU" +"EMMS" +"EMODPE" +"EMODPR" +"EMODT" +"ENCLS" +"ENCLU" +"ENCLV" +"ENTER" +"EPA" +"EQU" +"ERDINFO" +"EREMOVE" +"EREPORT" +"ERESUME" +"ESC" 
+"ESETCONTEXT" +"ETRACK" +"ETRACKC" +"EWB]" +"EXTRACTPS" +"EXTRQ" +"F2XM1" +"FABS" +"FADD" +"FADDP" +"FBLD" +"FBSTP" +"FCHS" +"FCLEX" +"FCMOV" +"FCMOVB" +"FCMOVBE" +"FCMOVE" +"FCMOVNB" +"FCMOVNBE" +"FCMOVNE" +"FCMOVNU" +"FCMOVU" +"FCMOVcc" +"FCOM" +"FCOMI" +"FCOMIP" +"FCOMP" +"FCOMPP" +"FCOS" +"FDECSTP" +"FDISI" +"FDIV" +"FDIVP" +"FDIVR" +"FDIVRP" +"FEMMS" +"FENI" +"FFREE" +"FFREEP" +"FIADD" +"FICOM" +"FICOMP" +"FIDIV" +"FIDIVR" +"FILD" +"FIMUL" +"FINCSTP" +"FINIT" +"FIST" +"FISTP" +"FISTTP" +"FISUB" +"FISUBR" +"FLD" +"FLD1" +"FLDCW" +"FLDENV" +"FLDENVD" +"FLDENVW" +"FLDL2E" +"FLDL2T" +"FLDLG2" +"FLDLN2" +"FLDPI" +"FLDZ" +"FMUL" +"FMULP" +"FNCLEX" +"FNDISI" +"FNENI" +"FNINIT" +"FNOP" +"FNSAVE" +"FNSAVEW" +"FNSTCW" +"FNSTENV" +"FNSTENVW" +"FNSTSW" +"FPATAN" +"FPREM" +"FPREM1" +"FPTAN" +"FRNDINT" +"FRSTOR" +"FRSTORD" +"FRSTORW" +"FSAVE" +"FSAVED" +"FSAVEW" +"FSCALE" +"FSETPM" +"FSIN" +"FSINCOS" +"FSQRT" +"FST" +"FSTCW" +"FSTENV" +"FSTENVD" +"FSTENVW" +"FSTP" +"FSTSW" +"FSUB" +"FSUBP" +"FSUBR" +"FSUBRP" +"FTST" +"FUCOM" +"FUCOMI" +"FUCOMIP" +"FUCOMP" +"FUCOMPP" +"FWAIT" +"FXAM" +"FXCH" +"FXRSTOR" +"FXRSTOR64" +"FXSAVE" +"FXSAVE64" +"FXTRACT" +"FYL2X" +"FYL2XP1" +"GF2P8AFFINEINVQB" +"GF2P8AFFINEQB" +"GF2P8MULB" +"HADDPD" +"HADDPS" +"HINT" +"HLT" +"HSUBPD" +"HSUBPS" +"IBTS" +"ICEBP" +"IDIV" +"IMUL" +"IN" +"INC" +"INS" +"INSB" +"INSD" +"INSERTPS" +"INSERTQ" +"INSW" +"INT" +"INT01" +"INT03" +"INT1" +"INT3" +"INTO" +"INVD" +"INVEPT" +"INVLPG" +"INVLPGA" +"INVPCID" +"INVVPID" +"IRET" +"IRETD" +"IRETQ" +"IRETW" +"IRETx" +"JCXZ" +"JECXZ" +"JMP" +"JMPE" +"JRCXZ" +"Jcc" +"KADDB" +"KADDD" +"KADDQ" +"KADDW" +"KANDB" +"KANDD" +"KANDNB" +"KANDND" +"KANDNQ" +"KANDNW" +"KANDQ" +"KANDW" +"KMOVB" +"KMOVD" +"KMOVQ" +"KMOVW" +"KNOTB" +"KNOTD" +"KNOTQ" +"KNOTW" +"KORB" +"KORD" +"KORQ" +"KORTESTB" +"KORTESTD" +"KORTESTQ" +"KORTESTW" +"KORW" +"KSHIFTLB" +"KSHIFTLD" +"KSHIFTLQ" +"KSHIFTLW" +"KSHIFTRB" +"KSHIFTRD" +"KSHIFTRQ" +"KSHIFTRW" +"KTESTB" +"KTESTD" +"KTESTQ" +"KTESTW" +"KUNPCKBW" 
+"KUNPCKDQ" +"KUNPCKWD" +"KXNORB" +"KXNORD" +"KXNORQ" +"KXNORW" +"KXORB" +"KXORD" +"KXORQ" +"KXORW" +"LAHF" +"LAR" +"LDDQU" +"LDMXCSR" +"LDS" +"LEA" +"LEAVE" +"LES" +"LFENCE" +"LFS" +"LGDT" +"LGS" +"LIDT" +"LLDT" +"LLWPCB" +"LMSW" +"LOADALL" +"LOADALL286" +"LOADALLD" +"LOCK" +"LODS" +"LODSB" +"LODSD" +"LODSQ" +"LODSW" +"LOOP" +"LOOPD" +"LOOPE" +"LOOPNE" +"LOOPNZ" +"LOOPW" +"LOOPZ" +"LOOPcc" +"LSL" +"LSS" +"LTR" +"LWPINS" +"LWPVAL" +"LZCNT" +"MASKMOVDQU" +"MASKMOVQ" +"MAXPD" +"MAXPS" +"MAXSD" +"MAXSS" +"MFENCE" +"MINPD" +"MINPS" +"MINSD" +"MINSS" +"MONITOR" +"MONITORX" +"MOV" +"MOVAPD" +"MOVAPS" +"MOVBE" +"MOVD" +"MOVDDUP" +"MOVDIR64B" +"MOVDIRI" +"MOVDQ2Q" +"MOVDQA" +"MOVDQU" +"MOVHLPS" +"MOVHPD" +"MOVHPS" +"MOVLHPS" +"MOVLPD" +"MOVLPS" +"MOVMSKPD" +"MOVMSKPS" +"MOVNTDQ" +"MOVNTDQA" +"MOVNTI" +"MOVNTPD" +"MOVNTPS" +"MOVNTQ" +"MOVNTSD" +"MOVNTSS" +"MOVQ" +"MOVQ2DQ" +"MOVS" +"MOVSB" +"MOVSD" +"MOVSD*" +"MOVSHDUP" +"MOVSLDUP" +"MOVSQ" +"MOVSS" +"MOVSW" +"MOVSX" +"MOVSXD" +"MOVUPD" +"MOVUPS" +"MOVZX" +"MPSADBW" +"MUL" +"MULPD" +"MULPS" +"MULSD" +"MULSS" +"MULX" +"MWAIT" +"MWAITX" +"NEG" +"NOP" +"NOT" +"OR" +"ORPD" +"ORPS" +"OUT" +"OUTS" +"OUTSB" +"OUTSD" +"OUTSW" +"PABSB" +"PABSD" +"PABSQ" +"PABSW" +"PACKSSDW" +"PACKSSWB" +"PACKUSDW" +"PACKUSWB" +"PADDB" +"PADDD" +"PADDQ" +"PADDSB" +"PADDSIW" +"PADDSW" +"PADDUSB" +"PADDUSW" +"PADDW" +"PALIGNR" +"PAND" +"PANDN" +"PAUSE" +"PAVEB" +"PAVGB" +"PAVGUSB" +"PAVGW" +"PBLENDVB" +"PBLENDW" +"PCLMULHQHQDQ" +"PCLMULHQLQDQ" +"PCLMULQDQ" +"PCMPEQB" +"PCMPEQD" +"PCMPEQQ" +"PCMPEQW" +"PCMPESTRI" +"PCMPESTRM" +"PCMPGTB" +"PCMPGTD" +"PCMPGTQ" +"PCMPGTW" +"PCMPISTRI" +"PCMPISTRM" +"PCOMMIT" +"PCONFIG" +"PDEP" +"PDISTIB" +"PEXT" +"PEXTRB" +"PEXTRD" +"PEXTRQ" +"PEXTRW" +"PF2ID" +"PF2IW" +"PFACC" +"PFADD" +"PFCMPEQ" +"PFCMPGE" +"PFCMPGT" +"PFMAX" +"PFMIN" +"PFMUL" +"PFNACC" +"PFPNACC" +"PFRCP" +"PFRCPIT1" +"PFRCPIT2" +"PFRCPV" +"PFRSQIT1" +"PFRSQRT" +"PFRSQRTV" +"PFSUB" +"PFSUBR" +"PHADDD" +"PHADDSW" +"PHADDW" +"PHMINPOSUW" +"PHSUBD" 
+"PHSUBSW" +"PHSUBW" +"PI2FD" +"PI2FW" +"PINSRB" +"PINSRD" +"PINSRQ" +"PINSRW" +"PMACHRIW" +"PMADDUBSW" +"PMADDWD" +"PMAGW" +"PMAXSB" +"PMAXSD" +"PMAXSQ" +"PMAXSW" +"PMAXUB" +"PMAXUD" +"PMAXUQ" +"PMAXUW" +"PMINSB" +"PMINSD" +"PMINSQ" +"PMINSW" +"PMINUB" +"PMINUD" +"PMINUQ" +"PMINUW" +"PMOVMSKB" +"PMOVSX" +"PMOVSXBD" +"PMOVSXBQ" +"PMOVSXBW" +"PMOVSXDQ" +"PMOVSXWD" +"PMOVSXWQ" +"PMOVZX" +"PMOVZXBD" +"PMOVZXBQ" +"PMOVZXBW" +"PMOVZXDQ" +"PMOVZXWD" +"PMOVZXWQ" +"PMULDQ" +"PMULHRIW" +"PMULHRSW" +"PMULHRW" +"PMULHRWA" +"PMULHRWC" +"PMULHUW" +"PMULHW" +"PMULLD" +"PMULLQ" +"PMULLW" +"PMULUDQ" +"PMVGEZB" +"PMVLZB" +"PMVNZB" +"PMVZB" +"POP" +"POPA" +"POPAD" +"POPAW" +"POPCNT" +"POPF" +"POPFD" +"POPFQ" +"POPFW" +"POR" +"PREFETCH" +"PREFETCHNTA" +"PREFETCHT0" +"PREFETCHT1" +"PREFETCHT2" +"PREFETCHW" +"PREFETCHWT1" +"PREFETCHh" +"PSADBW" +"PSHUFB" +"PSHUFD" +"PSHUFHW" +"PSHUFLW" +"PSHUFW" +"PSIGNB" +"PSIGND" +"PSIGNW" +"PSLLD" +"PSLLDQ" +"PSLLQ" +"PSLLW" +"PSRAD" +"PSRAQ" +"PSRAW" +"PSRLD" +"PSRLDQ" +"PSRLQ" +"PSRLW" +"PSUBB" +"PSUBD" +"PSUBQ" +"PSUBSB" +"PSUBSIW" +"PSUBSW" +"PSUBUSB" +"PSUBUSW" +"PSUBW" +"PSWAPD" +"PTEST" +"PTWRITE" +"PUNPCKHBW" +"PUNPCKHDQ" +"PUNPCKHQDQ" +"PUNPCKHWD" +"PUNPCKLBW" +"PUNPCKLDQ" +"PUNPCKLQDQ" +"PUNPCKLWD" +"PUSH" +"PUSHA" +"PUSHAD" +"PUSHAW" +"PUSHF" +"PUSHFD" +"PUSHFQ" +"PUSHFW" +"PXOR" +"RCL" +"RCPPS" +"RCPSS" +"RCR" +"RDFSBASE" +"RDGSBASE" +"RDM" +"RDMSR" +"RDPID" +"RDPKRU" +"RDPMC" +"RDRAND" +"RDSEED" +"RDSHR" +"RDTSC" +"RDTSCP" +"REP" +"REPE" +"REPNE" +"REPNZ" +"REPZ" +"REPxx" +"RESO" +"RESW" +"RESZ" +"RET" +"RETD" +"RETF" +"RETFD" +"RETFQ" +"RETFW" +"RETN" +"RETND" +"RETNQ" +"RETNW" +"RETQ" +"RETW" +"ROL" +"ROR" +"RORX" +"ROUNDPD" +"ROUNDPS" +"ROUNDSD" +"ROUNDSS" +"RSDC" +"RSLDT" +"RSM" +"RSQRTPS" +"RSQRTSS" +"RSTS" +"SAHF" +"SAL" +"SALC" +"SAR" +"SARX" +"SBB" +"SCAS" +"SCASB" +"SCASD" +"SCASQ" +"SCASW" +"SETcc" +"SETALC" +"SFENCE" +"SGDT" +"SGX" +"SHA1MSG1" +"SHA1MSG2" +"SHA1NEXTE" +"SHA1RNDS4" +"SHA256MSG1" +"SHA256MSG2" +"SHA256RNDS2" 
+"SHL" +"SHLD" +"SHLX" +"SHR" +"SHRD" +"SHRX" +"SHUFPD" +"SHUFPS" +"SIDT" +"SKINIT" +"SLDT" +"SLWPCB" +"SMI" +"SMINT" +"SMINTOLD" +"SMSW" +"SMX" +"SQRTPD" +"SQRTPS" +"SQRTSD" +"SQRTSS" +"SSE2" +"STAC" +"STC" +"STD" +"STGI" +"STI" +"STMXCSR" +"STOS" +"STOSB" +"STOSD" +"STOSQ" +"STOSW" +"STR" +"SUB" +"SUBPD" +"SUBPS" +"SUBSD" +"SUBSS" +"SVDC" +"SVLDT" +"SVTS" +"SWAPGS" +"SYSCALL" +"SYSENTER" +"SYSEXIT" +"SYSRET" +"T1MSKC" +"TEST" +"TPAUSE" +"TZCNT" +"TZMSK" +"UCOMISD" +"UCOMISS" +"UD" +"UD0" +"UD1" +"UD2" +"UD2A" +"UD2B" +"UMONITOR" +"UMOV" +"UMWAIT" +"UNPCKHPD" +"UNPCKHPS" +"UNPCKLPD" +"UNPCKLPS" +"V4DPWSSDS" +"V4FMADDPS" +"V4FMADDSS" +"V4FNMADDPS" +"V4FNMADDSS" +"VADDPD" +"VADDPS" +"VADDSD" +"VADDSS" +"VADDSUBPD" +"VADDSUBPS" +"VAESDEC" +"VAESDECLAST" +"VAESENC" +"VAESENCLAST" +"VAESIMC" +"VALIGND" +"VALIGNQ" +"VANDNPD" +"VANDNPS" +"VANDPD" +"VANDPS" +"VBLENDMPD" +"VBLENDMPS" +"VBLENDPD" +"VBLENDPS" +"VBLENDVPD" +"VBLENDVPS" +"VBROADCAST" +"VBROADCASTF32X2" +"VBROADCASTF32X4" +"VBROADCASTF32X8" +"VBROADCASTF64X2" +"VBROADCASTF64X4" +"VBROADCASTI128" +"VBROADCASTI32X2" +"VBROADCASTI32X4" +"VBROADCASTI32X8" +"VBROADCASTI64X2" +"VBROADCASTI64X4" +"VBROADCASTSD" +"VBROADCASTSS" +"VCMPEQPD" +"VCMPEQPS" +"VCMPEQSS" +"VCMPEQ_OSPD" +"VCMPEQ_OSPS" +"VCMPEQ_OSSD" +"VCMPEQ_UQPD" +"VCMPEQ_UQPS" +"VCMPEQ_UQSD" +"VCMPEQ_USPD" +"VCMPEQ_USPS" +"VCMPEQ_USSD" +"VCMPFALSEPD" +"VCMPFALSEPS" +"VCMPFALSESD" +"VCMPFALSE_OQPD" +"VCMPFALSE_OQPS" +"VCMPFALSE_OQSS" +"VCMPFALSE_OSPD" +"VCMPFALSE_OSPS" +"VCMPFALSE_OSSS" +"VCMPGEPD" +"VCMPGEPS" +"VCMPGESS" +"VCMPGE_OQPD" +"VCMPGE_OQPS" +"VCMPGE_OQSS" +"VCMPGE_OSPD" +"VCMPGE_OSPS" +"VCMPGE_OSSD" +"VCMPGTPD" +"VCMPGTPS" +"VCMPGTSS" +"VCMPGT_OQPD" +"VCMPGT_OQPS" +"VCMPGT_OQSD" +"VCMPGT_OSPD" +"VCMPGT_OSPS" +"VCMPGT_OSSD" +"VCMPLEPD" +"VCMPLEPS" +"VCMPLESS" +"VCMPLE_OQPD" +"VCMPLE_OQPS" +"VCMPLE_OQSD" +"VCMPLE_OSPD" +"VCMPLE_OSPS" +"VCMPLE_OSSD" +"VCMPLTPD" +"VCMPLTPS" +"VCMPLTSS" +"VCMPLT_OQPD" +"VCMPLT_OQPS" +"VCMPLT_OQSS" +"VCMPLT_OSPD" 
+"VCMPLT_OSPS" +"VCMPLT_OSSD" +"VCMPNEQPD" +"VCMPNEQPS" +"VCMPNEQSS" +"VCMPNEQ_OQPD" +"VCMPNEQ_OQPS" +"VCMPNEQ_OQSS" +"VCMPNEQ_OSPD" +"VCMPNEQ_OSPS" +"VCMPNEQ_OSSD" +"VCMPNEQ_UQPD" +"VCMPNEQ_UQPS" +"VCMPNEQ_UQSD" +"VCMPNEQ_USPD" +"VCMPNEQ_USPS" +"VCMPNEQ_USSD" +"VCMPNGEPD" +"VCMPNGEPS" +"VCMPNGESD" +"VCMPNGE_UQPD" +"VCMPNGE_UQPS" +"VCMPNGE_UQSS" +"VCMPNGE_USPD" +"VCMPNGE_USPS" +"VCMPNGE_USSS" +"VCMPNGTPD" +"VCMPNGTPS" +"VCMPNGTSD" +"VCMPNGT_UQPD" +"VCMPNGT_UQPS" +"VCMPNGT_UQSD" +"VCMPNGT_USPD" +"VCMPNGT_USPS" +"VCMPNGT_USSS" +"VCMPNLEPD" +"VCMPNLEPS" +"VCMPNLESS" +"VCMPNLE_UQPD" +"VCMPNLE_UQPS" +"VCMPNLE_UQSD" +"VCMPNLE_USPD" +"VCMPNLE_USPS" +"VCMPNLE_USSD" +"VCMPNLTPD" +"VCMPNLTPS" +"VCMPNLTSS" +"VCMPNLT_UQPD" +"VCMPNLT_UQPS" +"VCMPNLT_UQSS" +"VCMPNLT_USPD" +"VCMPNLT_USPS" +"VCMPNLT_USSD" +"VCMPORDPD" +"VCMPORDPS" +"VCMPORDSS" +"VCMPORD_QPD" +"VCMPORD_QPS" +"VCMPORD_QSD" +"VCMPORD_SPD" +"VCMPORD_SPS" +"VCMPORD_SSS" +"VCMPPD" +"VCMPPS" +"VCMPSD" +"VCMPTRUEPD" +"VCMPTRUEPS" +"VCMPTRUESS" +"VCMPTRUE_UQPD" +"VCMPTRUE_UQPS" +"VCMPTRUE_UQSD" +"VCMPTRUE_USPD" +"VCMPTRUE_USPS" +"VCMPTRUE_USSS" +"VCMPUNORDPD" +"VCMPUNORDPS" +"VCMPUNORDSS" +"VCMPUNORD_QPD" +"VCMPUNORD_QPS" +"VCMPUNORD_QSD" +"VCMPUNORD_SPD" +"VCMPUNORD_SPS" +"VCMPUNORD_SSS" +"VCOMISD" +"VCOMPRESSPD" +"VCOMPRESSPS" +"VCVTDQ2PD" +"VCVTDQ2PS" +"VCVTPD2DQ" +"VCVTPD2PS" +"VCVTPD2QQ" +"VCVTPD2UDQ" +"VCVTPD2UQQ" +"VCVTPH2PS" +"VCVTPS2DQ" +"VCVTPS2PD" +"VCVTPS2PH" +"VCVTPS2QQ" +"VCVTPS2UDQ" +"VCVTPS2UQQ" +"VCVTQQ2PD" +"VCVTQQ2PS" +"VCVTSD2SI" +"VCVTSD2SS" +"VCVTSD2USI" +"VCVTSI2SD" +"VCVTSI2SS" +"VCVTSS2SD" +"VCVTSS2SI" +"VCVTSS2USI" +"VCVTTPD2DQ" +"VCVTTPD2QQ" +"VCVTTPD2UDQ" +"VCVTTPD2UQQ" +"VCVTTPS2DQ" +"VCVTTPS2QQ" +"VCVTTPS2UDQ" +"VCVTTPS2UQQ" +"VCVTTSD2SI" +"VCVTTSD2USI" +"VCVTTSS2SI" +"VCVTTSS2USI" +"VCVTUDQ2PD" +"VCVTUDQ2PS" +"VCVTUQQ2PD" +"VCVTUQQ2PS" +"VCVTUSI2SD" +"VCVTUSI2SS" +"VDBPSADBW" +"VDIVPD" +"VDIVPS" +"VDIVSD" +"VDPPD" +"VDPPS" +"VERR" +"VERW" +"VEXP2PD" +"VEXP2PS" +"VEXPANDPD" +"VEXPANDPS" 
+"VEXTRACTF128" +"VEXTRACTF32X4" +"VEXTRACTF32X8" +"VEXTRACTF32x4" +"VEXTRACTF32x8" +"VEXTRACTF64X2" +"VEXTRACTF64X4" +"VEXTRACTF64x2" +"VEXTRACTF64x4" +"VEXTRACTI128" +"VEXTRACTI32X4" +"VEXTRACTI32X8" +"VEXTRACTI32x4" +"VEXTRACTI32x8" +"VEXTRACTI64X2" +"VEXTRACTI64X4" +"VEXTRACTI64x2" +"VEXTRACTI64x4" +"VEXTRACTPS" +"VFIXUPIMMPD" +"VFIXUPIMMPS" +"VFIXUPIMMSD" +"VFIXUPIMMSS" +"VFMADD123PD" +"VFMADD123PS" +"VFMADD123SD" +"VFMADD132PD" +"VFMADD132PS" +"VFMADD132SD" +"VFMADD132SS" +"VFMADD213PD" +"VFMADD213PS" +"VFMADD213SD" +"VFMADD213SS" +"VFMADD231PD" +"VFMADD231PS" +"VFMADD231SD" +"VFMADD231SS" +"VFMADD312PD" +"VFMADD312PS" +"VFMADD312SD" +"VFMADD321PD" +"VFMADD321PS" +"VFMADD321SD" +"VFMADDPD" +"VFMADDPS" +"VFMADDSD" +"VFMADDSS" +"VFMADDSUB123PD" +"VFMADDSUB123PS" +"VFMADDSUB132PD" +"VFMADDSUB132PS" +"VFMADDSUB213PD" +"VFMADDSUB213PS" +"VFMADDSUB231PD" +"VFMADDSUB231PS" +"VFMADDSUB312PD" +"VFMADDSUB312PS" +"VFMADDSUB321PD" +"VFMADDSUB321PS" +"VFMADDSUBPD" +"VFMADDSUBPS" +"VFMSUB123PD" +"VFMSUB123PS" +"VFMSUB123SD" +"VFMSUB132PD" +"VFMSUB132PS" +"VFMSUB132SD" +"VFMSUB132SS" +"VFMSUB213PD" +"VFMSUB213PS" +"VFMSUB213SD" +"VFMSUB213SS" +"VFMSUB231PD" +"VFMSUB231PS" +"VFMSUB231SD" +"VFMSUB231SS" +"VFMSUB312PD" +"VFMSUB312PS" +"VFMSUB312SD" +"VFMSUB321PD" +"VFMSUB321PS" +"VFMSUB321SD" +"VFMSUBADD123PD" +"VFMSUBADD123PS" +"VFMSUBADD132PD" +"VFMSUBADD132PS" +"VFMSUBADD213PD" +"VFMSUBADD213PS" +"VFMSUBADD231PD" +"VFMSUBADD231PS" +"VFMSUBADD312PD" +"VFMSUBADD312PS" +"VFMSUBADD321PD" +"VFMSUBADD321PS" +"VFMSUBADDPD" +"VFMSUBADDPS" +"VFMSUBPD" +"VFMSUBPS" +"VFMSUBSD" +"VFMSUBSS" +"VFNMADD123PD" +"VFNMADD123PS" +"VFNMADD123SD" +"VFNMADD132PD" +"VFNMADD132PS" +"VFNMADD132SD" +"VFNMADD132SS" +"VFNMADD213PD" +"VFNMADD213PS" +"VFNMADD213SD" +"VFNMADD213SS" +"VFNMADD231PD" +"VFNMADD231PS" +"VFNMADD231SD" +"VFNMADD231SS" +"VFNMADD312PD" +"VFNMADD312PS" +"VFNMADD312SD" +"VFNMADD321PD" +"VFNMADD321PS" +"VFNMADD321SD" +"VFNMADDPD" +"VFNMADDPS" +"VFNMADDSD" +"VFNMADDSS" +"VFNMSUB123PD" 
+"VFNMSUB123PS" +"VFNMSUB123SD" +"VFNMSUB132PD" +"VFNMSUB132PS" +"VFNMSUB132SD" +"VFNMSUB132SS" +"VFNMSUB213PD" +"VFNMSUB213PS" +"VFNMSUB213SD" +"VFNMSUB213SS" +"VFNMSUB231PD" +"VFNMSUB231PS" +"VFNMSUB231SD" +"VFNMSUB231SS" +"VFNMSUB312PD" +"VFNMSUB312PS" +"VFNMSUB312SD" +"VFNMSUB321PD" +"VFNMSUB321PS" +"VFNMSUB321SD" +"VFNMSUBPD" +"VFNMSUBPS" +"VFNMSUBSD" +"VFNMSUBSS" +"VFPCLASSPD" +"VFPCLASSPS" +"VFPCLASSSD" +"VFPCLASSSS" +"VFRCZPD" +"VFRCZPS" +"VFRCZSD" +"VGATHERDPD" +"VGATHERDPS" +"VGATHERPF0DPD" +"VGATHERPF0DPS" +"VGATHERPF0QPD" +"VGATHERPF0QPS" +"VGATHERPF1DPD" +"VGATHERPF1DPS" +"VGATHERPF1QPD" +"VGATHERPF1QPS" +"VGATHERQPD" +"VGATHERQPS" +"VGETEXPPD" +"VGETEXPPS" +"VGETEXPSD" +"VGETEXPSS" +"VGETMANTPD" +"VGETMANTPS" +"VGETMANTSD" +"VGETMANTSS" +"VGF2P8AFFINEINVQB" +"VGF2P8AFFINEQB" +"VGF2P8MULB" +"VHADDPD" +"VHADDPS" +"VHSUBPD" +"VHSUBPS" +"VINSERTF128" +"VINSERTF32X4" +"VINSERTF32x4" +"VINSERTF32x8" +"VINSERTF64X2" +"VINSERTF64X4" +"VINSERTF64x2" +"VINSERTF64x4" +"VINSERTI128" +"VINSERTI32X4" +"VINSERTI32x4" +"VINSERTI32x8" +"VINSERTI64X2" +"VINSERTI64X4" +"VINSERTI64x2" +"VINSERTI64x4" +"VINSERTPS" +"VLDMXCSR" +"VLDQQU" +"VMASKMOV" +"VMASKMOVPD" +"VMASKMOVPS" +"VMAXPD" +"VMAXPS" +"VMAXSD" +"VMCALL" +"VMCLEAR" +"VMFUNC" +"VMINPD" +"VMINPS" +"VMINSD" +"VMLAUNCH" +"VMLOAD" +"VMMCALL" +"VMOVAPD" +"VMOVAPS" +"VMOVD" +"VMOVDDUP" +"VMOVDQA" +"VMOVDQA32" +"VMOVDQA64" +"VMOVDQU" +"VMOVDQU16" +"VMOVDQU32" +"VMOVDQU64" +"VMOVDQU8" +"VMOVHLPS" +"VMOVHPD" +"VMOVHPS" +"VMOVLHPS" +"VMOVLPD" +"VMOVLPS" +"VMOVMSKPD" +"VMOVMSKPS" +"VMOVNTDQ" +"VMOVNTDQA" +"VMOVNTPD" +"VMOVNTPS" +"VMOVQ" +"VMOVQQA" +"VMOVQQU" +"VMOVSD" +"VMOVSHDUP" +"VMOVSLDUP" +"VMOVSS" +"VMOVUPD" +"VMOVUPS" +"VMPSADBW" +"VMPTRLD" +"VMPTRST" +"VMREAD" +"VMRESUME" +"VMRUN" +"VMSAVE" +"VMULPD" +"VMULPS" +"VMULSS" +"VMWRITE" +"VMX" +"VMXOFF" +"VMXON" +"VORPD" +"VORPS" +"VP4DPWSSD" +"VP4DPWSSDS" +"VPABSB" +"VPABSD" +"VPABSQ" +"VPABSW" +"VPACKSSDW" +"VPACKSSWB" +"VPACKUSDW" +"VPACKUSWB" +"VPADDB" +"VPADDD" 
+"VPADDQ" +"VPADDSB" +"VPADDSW" +"VPADDUSB" +"VPADDUSW" +"VPADDW" +"VPALIGNR" +"VPANDD" +"VPANDN" +"VPANDND" +"VPANDNQ" +"VPANDQ" +"VPAVGB" +"VPAVGW" +"VPBLENDD" +"VPBLENDMB" +"VPBLENDMD" +"VPBLENDMQ" +"VPBLENDMW" +"VPBLENDW" +"VPBROADCAST" +"VPBROADCASTB" +"VPBROADCASTD" +"VPBROADCASTM" +"VPBROADCASTMB2Q" +"VPBROADCASTMW2D" +"VPBROADCASTQ" +"VPBROADCASTW" +"VPCLMULHQHQDQ" +"VPCLMULHQLQDQ" +"VPCLMULLQHQDQ" +"VPCLMULLQLQDQ" +"VPCLMULQDQ" +"VPCMOV" +"VPCMPB" +"VPCMPD" +"VPCMPEQB" +"VPCMPEQD" +"VPCMPEQQ" +"VPCMPEQW" +"VPCMPESTRM" +"VPCMPGTB" +"VPCMPGTD" +"VPCMPGTQ" +"VPCMPGTW" +"VPCMPISTRM" +"VPCMPQ" +"VPCMPUB" +"VPCMPUD" +"VPCMPUQ" +"VPCMPUW" +"VPCMPW" +"VPCOMB" +"VPCOMPRESSB" +"VPCOMPRESSD" +"VPCOMPRESSQ" +"VPCOMPRESSW" +"VPCOMQ" +"VPCOMUD" +"VPCOMUW" +"VPCONFLICTD" +"VPCONFLICTQ" +"VPDPBUSD" +"VPDPBUSDS" +"VPDPWSSD" +"VPDPWSSDS" +"VPERM2F128" +"VPERM2I128" +"VPERMB" +"VPERMD" +"VPERMI2B" +"VPERMI2D" +"VPERMI2PD" +"VPERMI2PS" +"VPERMI2Q" +"VPERMI2W" +"VPERMILPD" +"VPERMILPS" +"VPERMPD" +"VPERMPS" +"VPERMQ" +"VPERMT2B" +"VPERMT2D" +"VPERMT2PD" +"VPERMT2PS" +"VPERMT2Q" +"VPERMT2W" +"VPERMW" +"VPEXPANDB" +"VPEXPANDD" +"VPEXPANDQ" +"VPEXPANDW" +"VPEXTRB" +"VPEXTRD" +"VPEXTRQ" +"VPEXTRW" +"VPGATHERDD" +"VPGATHERDQ" +"VPGATHERQD" +"VPGATHERQQ" +"VPHADDBD" +"VPHADDBW" +"VPHADDD" +"VPHADDUBD" +"VPHADDUBW" +"VPHADDUWD" +"VPHADDWD" +"VPHMINPOSUW" +"VPHSUBBW" +"VPHSUBD" +"VPHSUBSW" +"VPHSUBW" +"VPHSUBWD" +"VPINSRB" +"VPINSRD" +"VPINSRQ" +"VPINSRW" +"VPLZCNTD" +"VPLZCNTQ" +"VPMACSDQH" +"VPMACSSDD" +"VPMACSSDQL" +"VPMACSSWW" +"VPMACSWW" +"VPMADCSWD" +"VPMADD52HUQ" +"VPMADD52LUQ" +"VPMADDUBSW" +"VPMADDWD" +"VPMASKMOV" +"VPMASKMOVD" +"VPMASKMOVQ" +"VPMAXSB" +"VPMAXSD" +"VPMAXSQ" +"VPMAXSW" +"VPMAXUB" +"VPMAXUD" +"VPMAXUQ" +"VPMAXUW" +"VPMINSB" +"VPMINSD" +"VPMINSQ" +"VPMINSW" +"VPMINUB" +"VPMINUD" +"VPMINUQ" +"VPMINUW" +"VPMOVB2M" +"VPMOVD2M" +"VPMOVDB" +"VPMOVDW" +"VPMOVM2B" +"VPMOVM2D" +"VPMOVM2Q" +"VPMOVM2W" +"VPMOVMSKB" +"VPMOVQ2M" +"VPMOVQB" +"VPMOVQD" +"VPMOVQW" +"VPMOVSDB" 
+"VPMOVSDW" +"VPMOVSQB" +"VPMOVSQD" +"VPMOVSQW" +"VPMOVSWB" +"VPMOVSXBD" +"VPMOVSXBQ" +"VPMOVSXBW" +"VPMOVSXDQ" +"VPMOVSXWD" +"VPMOVSXWQ" +"VPMOVUSDB" +"VPMOVUSDW" +"VPMOVUSQB" +"VPMOVUSQD" +"VPMOVUSQW" +"VPMOVUSWB" +"VPMOVW2M" +"VPMOVWB" +"VPMOVZXBD" +"VPMOVZXBQ" +"VPMOVZXBW" +"VPMOVZXDQ" +"VPMOVZXWD" +"VPMOVZXWQ" +"VPMULDQ" +"VPMULHRSW" +"VPMULHUW" +"VPMULHW" +"VPMULLD" +"VPMULLQ" +"VPMULLW" +"VPMULTISHIFTQB" +"VPMULUDQ" +"VPOPCNTB" +"VPOPCNTD" +"VPOPCNTQ" +"VPOPCNTW" +"VPOR" +"VPORD" +"VPORQ" +"VPPERM" +"VPROLD" +"VPROLQ" +"VPROLVD" +"VPROLVQ" +"VPRORD" +"VPRORQ" +"VPRORVD" +"VPRORVQ" +"VPROTB" +"VPROTD" +"VPROTQ" +"VPROTW" +"VPSADBW" +"VPSCATTERDD" +"VPSCATTERDQ" +"VPSCATTERQD" +"VPSCATTERQQ" +"VPSHAB" +"VPSHAD" +"VPSHAQ" +"VPSHAW" +"VPSHLB" +"VPSHLD" +"VPSHLDD" +"VPSHLDQ" +"VPSHLDVD" +"VPSHLDVQ" +"VPSHLDVW" +"VPSHLDW" +"VPSHLQ" +"VPSHLW" +"VPSHRDD" +"VPSHRDQ" +"VPSHRDVD" +"VPSHRDVQ" +"VPSHRDVW" +"VPSHRDW" +"VPSHUFB" +"VPSHUFBITQMB" +"VPSHUFD" +"VPSHUFHW" +"VPSHUFLW" +"VPSIGNB" +"VPSIGND" +"VPSIGNW" +"VPSLLD" +"VPSLLDQ" +"VPSLLQ" +"VPSLLVD" +"VPSLLVQ" +"VPSLLVW" +"VPSLLW" +"VPSRAD" +"VPSRAQ" +"VPSRAVD" +"VPSRAVQ" +"VPSRAVW" +"VPSRAW" +"VPSRLD" +"VPSRLDQ" +"VPSRLQ" +"VPSRLVD" +"VPSRLVQ" +"VPSRLVW" +"VPSRLW" +"VPSUBB" +"VPSUBD" +"VPSUBQ" +"VPSUBSB" +"VPSUBSW" +"VPSUBUSB" +"VPSUBUSW" +"VPSUBW" +"VPTERNLOGD" +"VPTERNLOGQ" +"VPTEST" +"VPTESTMB" +"VPTESTMD" +"VPTESTMQ" +"VPTESTMW" +"VPTESTNMB" +"VPTESTNMD" +"VPTESTNMQ" +"VPTESTNMW" +"VPUNPCKHBW" +"VPUNPCKHDQ" +"VPUNPCKHQDQ" +"VPUNPCKHWD" +"VPUNPCKLBW" +"VPUNPCKLDQ" +"VPUNPCKLQDQ" +"VPUNPCKLWD" +"VPXOR" +"VPXORD" +"VPXORQ" +"VRANGEPD" +"VRANGEPS" +"VRANGESD" +"VRANGESS" +"VRCP14PD" +"VRCP14PS" +"VRCP14SD" +"VRCP14SS" +"VRCP28PD" +"VRCP28PS" +"VRCP28SD" +"VRCP28SS" +"VRCPPS" +"VREDUCEPD" +"VREDUCEPS" +"VREDUCESD" +"VREDUCESS" +"VRNDSCALEPD" +"VRNDSCALEPS" +"VRNDSCALESD" +"VRNDSCALESS" +"VROUNDPD" +"VROUNDPS" +"VROUNDSS" +"VRSQRT14PD" +"VRSQRT14PS" +"VRSQRT14SD" +"VRSQRT14SS" +"VRSQRT28PD" +"VRSQRT28PS" +"VRSQRT28SD" 
+"VRSQRT28SS" +"VRSQRTPS" +"VRSQRTSS" +"VSCALEFPD" +"VSCALEFPS" +"VSCALEFSD" +"VSCALEFSS" +"VSCATTERDPD" +"VSCATTERDPS" +"VSCATTERPF0DPD" +"VSCATTERPF0DPS" +"VSCATTERPF0QPD" +"VSCATTERPF0QPS" +"VSCATTERPF1DPD" +"VSCATTERPF1DPS" +"VSCATTERPF1QPD" +"VSCATTERPF1QPS" +"VSCATTERQPD" +"VSCATTERQPS" +"VSHUFF32X4" +"VSHUFF32x4" +"VSHUFF64X2" +"VSHUFF64x2" +"VSHUFI32X4" +"VSHUFI32x4" +"VSHUFI64X2" +"VSHUFI64x2" +"VSHUFPD" +"VSHUFPS" +"VSQRTPD" +"VSQRTPS" +"VSQRTSD" +"VSQRTSS" +"VSUBPD" +"VSUBPS" +"VSUBSD" +"VTESTPD" +"VTESTPS" +"VUCOMISD" +"VUNPCKHPD" +"VUNPCKHPS" +"VUNPCKLPD" +"VUNPCKLPS" +"VXORPD" +"VXORPS" +"VZEROALL" +"VZEROUPPER" +"WAIT" +"WBINVD" +"WBNOINVD" +"WRFSBASE" +"WRGSBASE" +"WRMSR" +"WRPKRU" +"WRSHR" +"XABORT" +"XACQUIRE" +"XADD" +"XBEGIN" +"XBTS" +"XCHG" +"XCRYPTCTR" +"XCRYPTECB" +"XCRYPTOFB" +"XEND" +"XGETBV" +"XLAT" +"XLATB" +"XOR" +"XORPD" +"XORPS" +"XRELEASE" +"XRSTOR" +"XRSTORS" +"XSAVE" +"XSAVEC" +"XSAVEOPT" +"XSAVES" +"XSETBV" +"XSHA1" +"XTEST" + + +# registers +"RAX" +"RBX" +"RCX" +"RDX" +"RSI" +"RBP" +"RSP" +"R8" +"R9" +"R10" +"R11" +"R12" +"R13" +"R14" +"R15" +"RIP" +"EAX" +"EBX" +"ECX" +"EDX" +"ESI" +"EBP" +"ESP" +"AX" +"BX" +"CX" +"DX" +"SI" +"BP" +"SP" +"SI" +"DI" +"R8W" +"R9W" +"R10W" +"R11W" +"R12W" +"R13W" +"R14W" +"R15W" +"IP" +"AH" +"BH" +"CH" +"DH" +"AL" +"BL" +"CL" +"DL" +"dil" +"sil" +"R8B" +"R9B" +"R10B" +"R11B" +"R12B" +"R13B" +"R14B" +"R15B" +"CS" +"DS" +"ES" +"SS" +"FS" +"GS" +"CR2" +"CR3" +"CR4" +"DR0" +"DR1" +"DR2" +"DR3" +"DR6" +"DR7" +"TR3" +"TR4" +"TR5" +"TR6" +"TR7" +"GDTR" +"LDTR" +"IDTR" + +# sizes +"WORD" +"DWORD" +"QWORD" +"far" \ No newline at end of file diff --git a/dictionaries/xml_UTF_16.dict b/dictionaries/xml_UTF_16.dict new file mode 100644 index 00000000..404d327b --- /dev/null +++ b/dictionaries/xml_UTF_16.dict 
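Review bot: The entry `"EWB]"` in the instruction list of dictionaries/x86.dict carries a stray `]` and is not a mnemonic as written; it should read `"EWB"`. In the `# registers` block `"SI"` appears twice while `"RDI"` and `"EDI"` are missing, although `"RSI"`, `"ESI"` and `"DI"` are present, so the second `"SI"` looks like a slip and the two missing names should be added. `"dil"`, `"sil"` and `"far"` are the only lower-case tokens in the file; a header comment stating the intended case (for example `# mnemonics and registers are upper case; add lower-case variants if the target is case-sensitive`) would make that choice explicit.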
@@ -0,0 +1,103 @@ +# xml.dict converted to UTF-16 encoding. +"\xff\xfe \x00e\x00n\x00c\x00o\x00d\x00i\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00a\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00h\x00r\x00e\x00f\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00s\x00t\x00a\x00n\x00d\x00a\x00l\x00o\x00n\x00e\x00=\x00\\\x00"\x00n\x00o\x00\\\x00"\x00" +"\xff\xfe \x00v\x00e\x00r\x00s\x00i\x00o\x00n\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00x\x00m\x00l\x00:\x00b\x00a\x00s\x00e\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00x\x00m\x00l\x00:\x00i\x00d\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00x\x00m\x00l\x00:\x00l\x00a\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00x\x00m\x00l\x00:\x00s\x00p\x00a\x00c\x00e\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe \x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"\xff\xfe&\x00l\x00t\x00;\x00" +"\xff\xfe&\x00#\x001\x00;\x00" +"\xff\xfe&\x00a\x00;\x00" +"\xff\xfe&\x00#\x00x\x001\x00;\x00" +"\xff\xfeA\x00N\x00Y\x00" +"\xff\xfeA\x00T\x00T\x00L\x00I\x00S\x00T\x00" +"\xff\xfeC\x00D\x00A\x00T\x00A\x00" +"\xff\xfeD\x00O\x00C\x00T\x00Y\x00P\x00E\x00" +"\xff\xfeE\x00L\x00E\x00M\x00E\x00N\x00T\x00" +"\xff\xfeE\x00M\x00P\x00T\x00Y\x00" +"\xff\xfeE\x00N\x00T\x00I\x00T\x00I\x00E\x00S\x00" +"\xff\xfeE\x00N\x00T\x00I\x00T\x00Y\x00" +"\xff\xfeF\x00I\x00X\x00E\x00D\x00" +"\xff\xfeI\x00D\x00" +"\xff\xfeI\x00D\x00R\x00E\x00F\x00" +"\xff\xfeI\x00D\x00R\x00E\x00F\x00S\x00" +"\xff\xfeI\x00G\x00N\x00O\x00R\x00E\x00" +"\xff\xfeI\x00M\x00P\x00L\x00I\x00E\x00D\x00" +"\xff\xfeI\x00N\x00C\x00L\x00U\x00D\x00E\x00" +"\xff\xfeN\x00D\x00A\x00T\x00A\x00" +"\xff\xfeN\x00M\x00T\x00O\x00K\x00E\x00N\x00" +"\xff\xfeN\x00M\x00T\x00O\x00K\x00E\x00N\x00S\x00" +"\xff\xfeN\x00O\x00T\x00A\x00T\x00I\x00O\x00N\x00" +"\xff\xfeP\x00C\x00D\x00A\x00T\x00A\x00" +"\xff\xfeP\x00U\x00B\x00L\x00I\x00C\x00" +"\xff\xfeR\x00E\x00Q\x00U\x00I\x00R\x00E\x00D\x00" +"\xff\xfeS\x00Y\x00S\x00T\x00E\x00M\x00" 
+"\xff\xfe<\x00" +"\xff\xfe>\x00" +"\xff\xfe/\x00>\x00" +"\xff\xfe<\x00/\x00" +"\xff\xfe<\x00?\x00" +"\xff\xfe?\x00>\x00" +"\xff\xfe<\x00!\x00" +"\xff\xfe!\x00>\x00" +"\xff\xfe[\x00]\x00" +"\xff\xfe]\x00]\x00" +"\xff\xfe<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[\x00" +"\xff\xfe<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[\x00]\x00]\x00>\x00" +"\xff\xfe\\\x00"\x00\\\x00"\x00" +"\xff\xfe'\x00'\x00" +"\xff\xfe=\x00\\\x00"\x00\\\x00"\x00" +"\xff\xfe=\x00'\x00'\x00" +"\xff\xfe<\x00!\x00A\x00T\x00T\x00L\x00I\x00S\x00T\x00" +"\xff\xfe<\x00!\x00D\x00O\x00C\x00T\x00Y\x00P\x00E\x00" +"\xff\xfe<\x00!\x00E\x00L\x00E\x00M\x00E\x00N\x00T\x00" +"\xff\xfe<\x00!\x00E\x00N\x00T\x00I\x00T\x00Y\x00" +"\xff\xfe<\x00!\x00[\x00I\x00G\x00N\x00O\x00R\x00E\x00[\x00" +"\xff\xfe<\x00!\x00[\x00I\x00N\x00C\x00L\x00U\x00D\x00E\x00[\x00" +"\xff\xfe<\x00!\x00N\x00O\x00T\x00A\x00T\x00I\x00O\x00N\x00" +"\xff\xfe#\x00C\x00D\x00A\x00T\x00A\x00" +"\xff\xfe#\x00F\x00I\x00X\x00E\x00D\x00" +"\xff\xfe#\x00I\x00M\x00P\x00L\x00I\x00E\x00D\x00" +"\xff\xfe#\x00P\x00C\x00D\x00A\x00T\x00A\x00" +"\xff\xfe#\x00R\x00E\x00Q\x00U\x00I\x00R\x00E\x00D\x00" +"\xff\xfeI\x00S\x00O\x00-\x008\x008\x005\x009\x00-\x001\x00" +"\xff\xfeU\x00S\x00-\x00A\x00S\x00C\x00I\x00I\x00" +"\xff\xfeU\x00T\x00F\x00-\x008\x00" +"\xff\xfeU\x00T\x00F\x00-\x001\x006\x00" +"\xff\xfeU\x00T\x00F\x00-\x001\x006\x00B\x00E\x00" +"\xff\xfeU\x00T\x00F\x00-\x001\x006\x00L\x00E\x00" +"\xff\xfex\x00m\x00l\x00n\x00s\x00" +"\xff\xfex\x00m\x00l\x00n\x00s\x00:\x00" +"\xff\xfex\x00m\x00l\x00n\x00s\x00:\x00x\x00h\x00t\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x001\x009\x009\x009\x00/\x00x\x00h\x00t\x00m\x00l\x00\\\x00"\x00" +"\xff\xfex\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x00X\x00M\x00L\x00/\x001\x009\x009\x008\x00/\x00n\x00a\x00m\x00e\x00s\x00p\x00a\x00c\x00e\x00\\\x00"\x00" 
+"\xff\xfex\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x002\x000\x000\x000\x00/\x00x\x00m\x00l\x00n\x00s\x00\\\x00"\x00" +"\xff\xfe:\x00f\x00a\x00l\x00l\x00b\x00a\x00c\x00k\x00" +"\xff\xfe:\x00a\x00" +"\xff\xfe:\x00i\x00n\x00c\x00l\x00u\x00d\x00e\x00" +"\xff\xfe-\x00-\x00" +"\xff\xfe(\x00)\x00" +"\xff\xfe%\x00a\x00" +"\xff\xfe:\x00s\x00c\x00h\x00e\x00m\x00a\x00" +"\xff\xfeU\x00C\x00S\x00-\x004\x00" +"\xff\xfe<\x00/\x00a\x00>\x00" +"\xff\xfe<\x00a\x00>\x00" +"\xff\xfe<\x00a\x00 \x00/\x00>\x00" +"\xff\xfe<\x00?\x00x\x00m\x00l\x00?\x00>\x00" +"\xff\xfeh\x00t\x00t\x00p\x00:\x00/\x00/\x00d\x00o\x00c\x00b\x00o\x00o\x00" +"\xff\xfeh\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x00" +"\xff\xfeh\x00e\x003\x000\x00" +"\xff\xfeh\x00e\x002\x00" +"\xff\xfeI\x00E\x00T\x00" +"\xff\xfeF\x00D\x00F\x00-\x001\x000\x00" +"\xff\xfea\x00D\x00U\x00C\x00S\x00-\x004\x00O\x00P\x00v\x00e\x00b\x00:\x00" +"\xff\xfea\x00>\x00" +"\xff\xfeU\x00T\x00" +"\xff\xfex\x00M\x00l\x00" +"\xff\xfe/\x00u\x00s\x00r\x00/\x00s\x00h\x00a\x00r\x00e\x00/\x00s\x00g\x00" +"\xff\xfeh\x00a\x000\x007\x00" +"\xff\xfeh\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00o\x00a\x00" +"\xff\xfec\x00l\x00e\x00" diff --git a/dictionaries/xml_UTF_16BE.dict b/dictionaries/xml_UTF_16BE.dict new file mode 100644 index 00000000..c1bdbcf9 --- /dev/null +++ b/dictionaries/xml_UTF_16BE.dict 
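Review bot: The quoted-attribute tokens in dictionaries/xml_UTF_16.dict encode the escape backslash of the source dictionary as a character of its own: `\\\x00"\x00` is a literal backslash code unit followed by a quote, so the fuzzer would insert ` encoding=\"1\"` where ` encoding="1"` was presumably intended. Writing the quote as `\"\x00` (or `\x22\x00`) fixes that and also stops relying on the loader tolerating a bare `"` inside a token. The same pattern appears in the xml_UTF_16BE.dict hunk that follows (`\x00\\\x00"`) and in the visible start of xml_UTF_16LE.dict. Separately, every token in this file begins with the byte-order mark `\xff\xfe`, so a token spliced into the middle of an input brings a BOM with it; if that is deliberate, the `# xml.dict converted to UTF-16 encoding.` header should say so.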
@@ -0,0 +1,103 @@ +# xml.dict converted to UTF-16BE encoding. +"\x00 \x00e\x00n\x00c\x00o\x00d\x00i\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00a\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00h\x00r\x00e\x00f\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00s\x00t\x00a\x00n\x00d\x00a\x00l\x00o\x00n\x00e\x00=\x00\\\x00"\x00n\x00o\x00\\\x00"" +"\x00 \x00v\x00e\x00r\x00s\x00i\x00o\x00n\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00x\x00m\x00l\x00:\x00b\x00a\x00s\x00e\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00x\x00m\x00l\x00:\x00i\x00d\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00x\x00m\x00l\x00:\x00l\x00a\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00x\x00m\x00l\x00:\x00s\x00p\x00a\x00c\x00e\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00 \x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x001\x00\\\x00"" +"\x00&\x00l\x00t\x00;" +"\x00&\x00#\x001\x00;" +"\x00&\x00a\x00;" +"\x00&\x00#\x00x\x001\x00;" +"\x00A\x00N\x00Y" +"\x00A\x00T\x00T\x00L\x00I\x00S\x00T" +"\x00C\x00D\x00A\x00T\x00A" +"\x00D\x00O\x00C\x00T\x00Y\x00P\x00E" +"\x00E\x00L\x00E\x00M\x00E\x00N\x00T" +"\x00E\x00M\x00P\x00T\x00Y" +"\x00E\x00N\x00T\x00I\x00T\x00I\x00E\x00S" +"\x00E\x00N\x00T\x00I\x00T\x00Y" +"\x00F\x00I\x00X\x00E\x00D" +"\x00I\x00D" +"\x00I\x00D\x00R\x00E\x00F" +"\x00I\x00D\x00R\x00E\x00F\x00S" +"\x00I\x00G\x00N\x00O\x00R\x00E" +"\x00I\x00M\x00P\x00L\x00I\x00E\x00D" +"\x00I\x00N\x00C\x00L\x00U\x00D\x00E" +"\x00N\x00D\x00A\x00T\x00A" +"\x00N\x00M\x00T\x00O\x00K\x00E\x00N" +"\x00N\x00M\x00T\x00O\x00K\x00E\x00N\x00S" +"\x00N\x00O\x00T\x00A\x00T\x00I\x00O\x00N" +"\x00P\x00C\x00D\x00A\x00T\x00A" +"\x00P\x00U\x00B\x00L\x00I\x00C" +"\x00R\x00E\x00Q\x00U\x00I\x00R\x00E\x00D" +"\x00S\x00Y\x00S\x00T\x00E\x00M" +"\x00<" +"\x00>" +"\x00/\x00>" +"\x00<\x00/" +"\x00<\x00?" +"\x00?\x00>" +"\x00<\x00!" 
+"\x00!\x00>" +"\x00[\x00]" +"\x00]\x00]" +"\x00<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[" +"\x00<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[\x00]\x00]\x00>" +"\x00\\\x00"\x00\\\x00"" +"\x00'\x00'" +"\x00=\x00\\\x00"\x00\\\x00"" +"\x00=\x00'\x00'" +"\x00<\x00!\x00A\x00T\x00T\x00L\x00I\x00S\x00T" +"\x00<\x00!\x00D\x00O\x00C\x00T\x00Y\x00P\x00E" +"\x00<\x00!\x00E\x00L\x00E\x00M\x00E\x00N\x00T" +"\x00<\x00!\x00E\x00N\x00T\x00I\x00T\x00Y" +"\x00<\x00!\x00[\x00I\x00G\x00N\x00O\x00R\x00E\x00[" +"\x00<\x00!\x00[\x00I\x00N\x00C\x00L\x00U\x00D\x00E\x00[" +"\x00<\x00!\x00N\x00O\x00T\x00A\x00T\x00I\x00O\x00N" +"\x00#\x00C\x00D\x00A\x00T\x00A" +"\x00#\x00F\x00I\x00X\x00E\x00D" +"\x00#\x00I\x00M\x00P\x00L\x00I\x00E\x00D" +"\x00#\x00P\x00C\x00D\x00A\x00T\x00A" +"\x00#\x00R\x00E\x00Q\x00U\x00I\x00R\x00E\x00D" +"\x00I\x00S\x00O\x00-\x008\x008\x005\x009\x00-\x001" +"\x00U\x00S\x00-\x00A\x00S\x00C\x00I\x00I" +"\x00U\x00T\x00F\x00-\x008" +"\x00U\x00T\x00F\x00-\x001\x006" +"\x00U\x00T\x00F\x00-\x001\x006\x00B\x00E" +"\x00U\x00T\x00F\x00-\x001\x006\x00L\x00E" +"\x00x\x00m\x00l\x00n\x00s" +"\x00x\x00m\x00l\x00n\x00s\x00:" +"\x00x\x00m\x00l\x00n\x00s\x00:\x00x\x00h\x00t\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x001\x009\x009\x009\x00/\x00x\x00h\x00t\x00m\x00l\x00\\\x00"" +"\x00x\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x00X\x00M\x00L\x00/\x001\x009\x009\x008\x00/\x00n\x00a\x00m\x00e\x00s\x00p\x00a\x00c\x00e\x00\\\x00"" +"\x00x\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x002\x000\x000\x000\x00/\x00x\x00m\x00l\x00n\x00s\x00\\\x00"" +"\x00:\x00f\x00a\x00l\x00l\x00b\x00a\x00c\x00k" +"\x00:\x00a" +"\x00:\x00i\x00n\x00c\x00l\x00u\x00d\x00e" +"\x00-\x00-" +"\x00(\x00)" +"\x00%\x00a" 
+"\x00:\x00s\x00c\x00h\x00e\x00m\x00a" +"\x00U\x00C\x00S\x00-\x004" +"\x00<\x00/\x00a\x00>" +"\x00<\x00a\x00>" +"\x00<\x00a\x00 \x00/\x00>" +"\x00<\x00?\x00x\x00m\x00l\x00?\x00>" +"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00d\x00o\x00c\x00b\x00o\x00o" +"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w" +"\x00h\x00e\x003\x000" +"\x00h\x00e\x002" +"\x00I\x00E\x00T" +"\x00F\x00D\x00F\x00-\x001\x000" +"\x00a\x00D\x00U\x00C\x00S\x00-\x004\x00O\x00P\x00v\x00e\x00b\x00:" +"\x00a\x00>" +"\x00U\x00T" +"\x00x\x00M\x00l" +"\x00/\x00u\x00s\x00r\x00/\x00s\x00h\x00a\x00r\x00e\x00/\x00s\x00g" +"\x00h\x00a\x000\x007" +"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00o\x00a" +"\x00c\x00l\x00e" diff --git a/dictionaries/xml_UTF_16LE.dict b/dictionaries/xml_UTF_16LE.dict new file mode 100644 index 00000000..02619db5 --- /dev/null +++ b/dictionaries/xml_UTF_16LE.dict 
@@ -0,0 +1,103 @@ +# xml.dict converted to UTF-16LE encoding. +" \x00e\x00n\x00c\x00o\x00d\x00i\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00a\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00h\x00r\x00e\x00f\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00s\x00t\x00a\x00n\x00d\x00a\x00l\x00o\x00n\x00e\x00=\x00\\\x00"\x00n\x00o\x00\\\x00"\x00" +" \x00v\x00e\x00r\x00s\x00i\x00o\x00n\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00x\x00m\x00l\x00:\x00b\x00a\x00s\x00e\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00x\x00m\x00l\x00:\x00i\x00d\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00x\x00m\x00l\x00:\x00l\x00a\x00n\x00g\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00x\x00m\x00l\x00:\x00s\x00p\x00a\x00c\x00e\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +" \x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x001\x00\\\x00"\x00" +"&\x00l\x00t\x00;\x00" +"&\x00#\x001\x00;\x00" +"&\x00a\x00;\x00" +"&\x00#\x00x\x001\x00;\x00" +"A\x00N\x00Y\x00" +"A\x00T\x00T\x00L\x00I\x00S\x00T\x00" +"C\x00D\x00A\x00T\x00A\x00" +"D\x00O\x00C\x00T\x00Y\x00P\x00E\x00" +"E\x00L\x00E\x00M\x00E\x00N\x00T\x00" +"E\x00M\x00P\x00T\x00Y\x00" +"E\x00N\x00T\x00I\x00T\x00I\x00E\x00S\x00" +"E\x00N\x00T\x00I\x00T\x00Y\x00" +"F\x00I\x00X\x00E\x00D\x00" +"I\x00D\x00" +"I\x00D\x00R\x00E\x00F\x00" +"I\x00D\x00R\x00E\x00F\x00S\x00" +"I\x00G\x00N\x00O\x00R\x00E\x00" +"I\x00M\x00P\x00L\x00I\x00E\x00D\x00" +"I\x00N\x00C\x00L\x00U\x00D\x00E\x00" +"N\x00D\x00A\x00T\x00A\x00" +"N\x00M\x00T\x00O\x00K\x00E\x00N\x00" +"N\x00M\x00T\x00O\x00K\x00E\x00N\x00S\x00" +"N\x00O\x00T\x00A\x00T\x00I\x00O\x00N\x00" +"P\x00C\x00D\x00A\x00T\x00A\x00" +"P\x00U\x00B\x00L\x00I\x00C\x00" +"R\x00E\x00Q\x00U\x00I\x00R\x00E\x00D\x00" +"S\x00Y\x00S\x00T\x00E\x00M\x00" +"<\x00" +">\x00" +"/\x00>\x00" +"<\x00/\x00" +"<\x00?\x00" +"?\x00>\x00" +"<\x00!\x00" +"!\x00>\x00" +"[\x00]\x00" +"]\x00]\x00" +"<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[\x00" +"<\x00!\x00[\x00C\x00D\x00A\x00T\x00A\x00[\x00]\x00]\x00>\x00" +"\\\x00"\x00\\\x00"\x00" +"'\x00'\x00" 
+"=\x00\\\x00"\x00\\\x00"\x00" +"=\x00'\x00'\x00" +"<\x00!\x00A\x00T\x00T\x00L\x00I\x00S\x00T\x00" +"<\x00!\x00D\x00O\x00C\x00T\x00Y\x00P\x00E\x00" +"<\x00!\x00E\x00L\x00E\x00M\x00E\x00N\x00T\x00" +"<\x00!\x00E\x00N\x00T\x00I\x00T\x00Y\x00" +"<\x00!\x00[\x00I\x00G\x00N\x00O\x00R\x00E\x00[\x00" +"<\x00!\x00[\x00I\x00N\x00C\x00L\x00U\x00D\x00E\x00[\x00" +"<\x00!\x00N\x00O\x00T\x00A\x00T\x00I\x00O\x00N\x00" +"#\x00C\x00D\x00A\x00T\x00A\x00" +"#\x00F\x00I\x00X\x00E\x00D\x00" +"#\x00I\x00M\x00P\x00L\x00I\x00E\x00D\x00" +"#\x00P\x00C\x00D\x00A\x00T\x00A\x00" +"#\x00R\x00E\x00Q\x00U\x00I\x00R\x00E\x00D\x00" +"I\x00S\x00O\x00-\x008\x008\x005\x009\x00-\x001\x00" +"U\x00S\x00-\x00A\x00S\x00C\x00I\x00I\x00" +"U\x00T\x00F\x00-\x008\x00" +"U\x00T\x00F\x00-\x001\x006\x00" +"U\x00T\x00F\x00-\x001\x006\x00B\x00E\x00" +"U\x00T\x00F\x00-\x001\x006\x00L\x00E\x00" +"x\x00m\x00l\x00n\x00s\x00" +"x\x00m\x00l\x00n\x00s\x00:\x00" +"x\x00m\x00l\x00n\x00s\x00:\x00x\x00h\x00t\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x001\x009\x009\x009\x00/\x00x\x00h\x00t\x00m\x00l\x00\\\x00"\x00" +"x\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x00X\x00M\x00L\x00/\x001\x009\x009\x008\x00/\x00n\x00a\x00m\x00e\x00s\x00p\x00a\x00c\x00e\x00\\\x00"\x00" +"x\x00m\x00l\x00n\x00s\x00:\x00x\x00m\x00l\x00n\x00s\x00=\x00\\\x00"\x00h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x003\x00.\x00o\x00r\x00g\x00/\x002\x000\x000\x000\x00/\x00x\x00m\x00l\x00n\x00s\x00\\\x00"\x00" +":\x00f\x00a\x00l\x00l\x00b\x00a\x00c\x00k\x00" +":\x00a\x00" +":\x00i\x00n\x00c\x00l\x00u\x00d\x00e\x00" +"-\x00-\x00" +"(\x00)\x00" +"%\x00a\x00" +":\x00s\x00c\x00h\x00e\x00m\x00a\x00" +"U\x00C\x00S\x00-\x004\x00" +"<\x00/\x00a\x00>\x00" +"<\x00a\x00>\x00" +"<\x00a\x00 \x00/\x00>\x00" +"<\x00?\x00x\x00m\x00l\x00?\x00>\x00" 
+"h\x00t\x00t\x00p\x00:\x00/\x00/\x00d\x00o\x00c\x00b\x00o\x00o\x00" +"h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00w\x00" +"h\x00e\x003\x000\x00" +"h\x00e\x002\x00" +"I\x00E\x00T\x00" +"F\x00D\x00F\x00-\x001\x000\x00" +"a\x00D\x00U\x00C\x00S\x00-\x004\x00O\x00P\x00v\x00e\x00b\x00:\x00" +"a\x00>\x00" +"U\x00T\x00" +"x\x00M\x00l\x00" +"/\x00u\x00s\x00r\x00/\x00s\x00h\x00a\x00r\x00e\x00/\x00s\x00g\x00" +"h\x00a\x000\x007\x00" +"h\x00t\x00t\x00p\x00:\x00/\x00/\x00w\x00w\x00w\x00.\x00o\x00a\x00" +"c\x00l\x00e\x00" diff --git a/dictionaries/xpath.dict b/dictionaries/xpath.dict new file mode 100644 index 00000000..1101585c --- /dev/null +++ b/dictionaries/xpath.dict @@ -0,0 +1,66 @@ +# https://developer.mozilla.org/en-US/docs/Web/XPath +# https://devhints.io/xpath + +# selectors +"//" +"./" +"::" +"[*]" + + +# functions - https://developer.mozilla.org/en-US/docs/Web/XPath/Functions +"boolean(" +"ceiling(" +"choose(" +"concat(" +"contains(" +"count(" +"current()" +"document(" +"element-available(" +"ends-with(" +"false()" +"floor(" +"format-number(" +"function-available(" +"generate-id(" +"id(" +"key(" +"lang(" +"last()" +"local-name(" +"name(" +"namespace-uri(" +"normalize-space(" +"not(" +"number(" +"or" +"position(" +"round(" +"starts-with(" +"string(" +"string-length(" +"substring(" +"substring-after(" +"substring-before(" +"sum(" +"system-property(" +"text()" +"translate(" +"true()" +"unparsed-entity-url(" + +# axes - https://developer.mozilla.org/en-US/docs/Web/XPath/Axes +"ancestor" +"ancestor-or-self" +"attribute" +"child" +"descendant" +"descendant-or-self" +"following" +"following-sibling" +"namespace" +"parent" +"preceding" +"preceding-sibling" +"self" diff --git a/dictionaries/xslt.dict b/dictionaries/xslt.dict new file mode 100644 index 00000000..81633b12 --- /dev/null +++ b/dictionaries/xslt.dict 
@@ -0,0 +1,118 @@ +# Tokens taken from: +# - https://www.w3.org/TR/xslt20/ +# - https://en.wikipedia.org/wiki/XSLT_elements +# - https://developer.mozilla.org/en-US/docs/Web/XSLT/Element + + +"<?" +"<?xslt-" +"?>" +"version=\"1.0\"" +"encoding=\"" +"<xsl:" +"/>" +"</xsl:" +">" +"<" +"<!--" +"-->" +"@" + +"apply-imports" +"apply-templates" +"attribute" +"attribute-set" +"call-template" +"character-map" +"choose" +"comment" +"copy" +"copy-of" +"decimal-format" +"default-collection" +"element" +"exclude-result-prefixes" +"extension-element-prefixes" +"fallback" +"for-each" +"function" +"if" +"import" +"import-schema" +"include" +"key" +"message" +"namespace-alias" +"number" +"otherwise" +"output" +"param" +"preserve-space" +"processing-instruction" +"sort" +"strip-space" +"stylesheet" +"template" +"text" +"transform" +"use-when" +"value-of" +"variable" +"version" +"when" +"with-param" + +# attributes +" name=\"" +" namespace=\"" +" select=\"" +" test=\"" +" type=\"" +" value=\"" +" prefix=\"" + +# functions +"ceiling" +"concat" +"contains" +"count" +"floor" +"normalize_space" +"position" +"round" +"string" +"string-length" +"substring" +"substring-after" +"substring-before" +"sum" +"translate" + + +# math extension +"http://exslt.org/math" +"math:highest" +"math:lowest" +"math:max" +"math:min" + +# regex extension +"http://exslt.org/regular-expressions" +"regexp:match" +"regexp:replace" +"regexp:test" + +# set extension +"http://exslt.org/sets" +"set:difference" +"set:distinct" +"set:has-same-node" +"set:intersection" +"set:leading" +"set:trailing" + +# str extension +"http://exslt.org/strings" +"str:concat" +"str:split" +"str:tokenize" diff --git a/dictionaries/yaml.dict b/dictionaries/yaml.dict new file mode 100644 index 00000000..f535d508 --- /dev/null +++ b/dictionaries/yaml.dict 
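Review bot: In the `# functions` list the token `"normalize_space"` is spelled with an underscore, while the XPath function is `normalize-space`; the xpath.dict added in this same commit has it as `"normalize-space("`. As written the token will not be recognised as a function name by an XSLT/XPath parser, so the fuzzer gains nothing from it. Suggest replacing the line with `"normalize-space"`.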
@@ -0,0 +1,79 @@ +# sources: +# - https://en.wikipedia.org/wiki/YAML +# - https://yaml.org/spec/1.1/ +# - https://yaml.org/type/ + +directive_yaml="%YAML 1.2" +directive_tag="%TAG !yaml! tag:yaml.org,2002:" +directive_tag2="%TAG !m! !my-" +true="true" +caps_true="TRUE" +caps_false="FALSE" +literal_true="YES" +literal_false="NO" +false="false" +start="---" +comment="#" +list="- " +key="k: " +walrus="=:" +question_key="?k: " +number="\"0e5\"" +expand="!!" +list="[a,b]" +dict="{k: v, x: y}" +value=": v" +exponent="e+03" +neg_inf="-.inf" +nan=".NaN" +end="..." +quoted_key="'k'" +newline="k: |" +newline2="k: >" +anchor="&a" +reference="*a" +type_binary="!!binary" +type_bool="!!bool" +type_float="!!float" +type_int="!!int" +type_map="!!map" +type_merge="!!merge" +type_null="!!null" +type_omap="!!omap" +type_pairs="!!pairs" +type_seq="!!seq" +type_set="!!set" +type_str="!!str" +type_timestamp="!!timestamp" +type_value="!!value" +type_yaml="!!yaml" +type_python="!!python" +merge = "<<" +number_separation="_" +decimal_number="+30_123" +octal_number="0123" +hex_number="0x_12_23" +bin_number="0b1001_1001" +sexa_number="123:34:75" +complex_mapping="? " +litteral_style=" |" +folded_style=" >" +timestamp="2001-12-14t21:59:43.10-05:00" +escaped_unicode="\\u2029" +"[" +"]" +"{" +"}" +"-" +"," +"&" +"<<" +":" +"|" +"!!" +">" +"\"" +"'" +integer="123" +float="12.5" +mantissa="1.3e+9" diff --git a/dictionaries/yara.dict b/dictionaries/yara.dict new file mode 100644 index 00000000..844d3e58 --- /dev/null +++ b/dictionaries/yara.dict 
@@ -0,0 +1,196 @@ +# https://yara.readthedocs.io/en/latest/ + +# Keywords +"all" +"and" +"any" +"ascii" +"at" +"condition" +"contains" +"entrypoint" +"false" +"filesize" +"for" +"fullword" +"global" +"import" +"in" +"include" +"int16" +"int16be" +"int32" +"int32be" +"int8" +"int8be" +"matches" +"meta" +"nocase" +"not" +"of" +"or" +"private" +"rule" +"strings" +"them" +"true" +"uint16" +"uint16be" +"uint32" +"uint32be" +"uint8" +"uint8be" +"wide" +"xor" + +# pe module +"\"pe\"" +"pe.machine" +"pe.checksum" +"pe.calculate_checksum" +"pe.subsystem" +"pe.timestamp" +"pe.pointer_to_symbol_table" +"pe.number_of_sumbols" +"pe.size_of_optional_header" +"pe.pothdr_magic" +"pe.size_of_code" +"pe.size_of_initialized_data" +"pe.size_of_unnitialized_data" +"pe.entrypoint" +"pe.base_of_code" +"pe.base_of_data" +"pe.image_base" +"pe.section_alignment" +"pe.file_alignment" +"pe.win32_version_value" +"pe.size_of_image" +"pe.size_of_headers" +"pe.characteristics" +"pe.linker_version" +"pe.os_version" +"pe.image_version" +"pe.subsystem_version" +"pe.dll_characteristics" +"pe.size_of_stack_reserve" +"pe.size_of_stack_commit" +"pe.size_of_heap_reserve" +"pe.size_of_heap_commit" +"pe.loader_flags" +"pe.number_of_rva_and_sizes" +"pe.data_directories" +"pe.number_of_sections" +"pe.sections" +"pe.overlay" +"pe.number_of_resources" +"pe.resource_timestamp" +"pe.resource_version" +"pe.resources" +"pe.version_info" +"pe.number_of_signatures" +"pe.signatures" +"pe.rich_signature" +"pe.exports" +"pe.number_of_exports" +"pe.number_of_imports" +"pe.imports" +"pe.locale" +"pe.language" +"pe.imphash" +"pe.section_index" +"pe.is_dll()" +"pe.is_32bit()" +"pe.is_64bit()" +"pe.rva_to_offset" + +# elf module +"\"elf\"" +"elf.type" +"elf.machine" +"elf.entry_point" +"elf.number_of_sections" +"elf.sections" +"elf.number_of_segments" +"elf.segments" +"elf.dynamic_section_entires" +"elf.dynamic" +"elf.symtab_entries" +"elf.symtab" + +# cuckoo module +"\"cuckoo\"" +"cuckoo.network" +"cuckoo.registry" 
+"cuckoo.filesystem" +"cuckoo.sync" + +# magic module +"\"magic\"" +"magic.type()" +"magic.mime_type()" + + +# hash module +"\"hash\"" +"hash.md5" +"hash.sha1" +"hash.sha256" +"hash.checksum32" +"hash.crc32" + +# math module +"\"math\"" +"math.entropuy" +"math.monte_carlo_pi" +"math.serial_correlation" +"math.mean" +"math.deviation" +"math.in_range" +"math.max" +"max.min" + +# dotnet module +"\"dotnet\"" +"dotnet.version" +"dotnet.module_name" +"dotnet.number_of_streams" +"dotnet.streams" +"dotnet.number_of_guid" +"dotnet.guids" +"dotnet.number_of_resources" +"dotnet.resources" +"dotnet.assembly" +"dotnet.number_of_modulerefs" +"dotnet.modulerefs" +"dotnet.typelib" +"dotnet.assembly_refs" +"dotnet.number_of_user_strings" +"dotnet.user_strings" +"dotnet.number_of_field_offsets" +"dotnet.field_offsets" + +# time module +"\"time\"" +"time.now()" + + +# misc +"/*" +"*/" +"//" +"$a=" +"{a?}" +"[0-9]" +"{(0A|??)}" +"<<" +">>" +"#a" +"$a" +".." +"@a" + +# regex +"*?" +"+?" +"??" +"{1,2}?" diff --git a/dictionaries/zip.dict b/dictionaries/zip.dict new file mode 100644 index 00000000..9d873dce --- /dev/null +++ b/dictionaries/zip.dict @@ -0,0 +1,3 @@ +header1="\x50\x4B\x03\x04" +header2="\x50\x4B\x05\x06" +header2="\x50\x4B\x07\x08" \ No newline at end of file diff --git a/docs/Changelog.md b/docs/Changelog.md index 40b841a5..62de7f87 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,6 +14,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly one master is present + - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk - added former post_library examples to examples/custom_mutators/ -- cgit 1.4.1 From 6e98b3ebb2ba6adb58fe06226f90d4d0c9430b0d Mon Sep 17 00:00:00 2001 
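Review bot: Several module identifiers in yara.dict are misspelled and so will not match any name a YARA parser accepts: `pe.number_of_sumbols`, `pe.pothdr_magic`, `pe.size_of_unnitialized_data`, `elf.dynamic_section_entires`, `math.entropuy` and `max.min`. A dictionary token that the target rejects at the lexer or symbol lookup contributes no coverage in the module code it was meant to reach. The intended spellings appear to be `pe.number_of_symbols`, `pe.opthdr_magic`, `pe.size_of_uninitialized_data`, `elf.dynamic_section_entries`, `math.entropy` and `math.min`; worth checking them against the YARA documentation cited at the top of the file.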
From: hexcoder- <heiko@hexco.de> Date: Sat, 16 May 2020 12:15:03 +0200 Subject: non GNU Makefiles: message when gmake is not found, gcc_plugin portability --- Makefile | 2 +- gcc_plugin/Makefile | 33 +++++++++++++++++---------------- 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index 08dd29d7..96f67991 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ all: @echo trying to use GNU make... - @gmake all + @gmake all || echo please install GNUmake source-only: @gmake source-only diff --git a/gcc_plugin/Makefile b/gcc_plugin/Makefile index e81924e0..7eff326a 100644 --- a/gcc_plugin/Makefile +++ b/gcc_plugin/Makefile @@ -35,11 +35,11 @@ CFLAGS = -Wall -I../include -Wno-pointer-sign \ -DGCC_VERSION=\"$(GCCVER)\" -DGCC_BINDIR=\"$(GCCBINDIR)\" \ -Wno-unused-function -CXXFLAGS ?= -O3 -g -funroll-loops -D_FORTIFY_SOURCE=2 +CXXFLAGS = -O3 -g -funroll-loops -D_FORTIFY_SOURCE=2 CXXEFLAGS = $(CXXFLAGS) -Wall -CC ?= gcc -CXX ?= g++ +CC = gcc +CXX = g++ MYCC=$(CC:clang=gcc) MYCXX=$(CXX:clang++=g++) @@ -50,7 +50,9 @@ PLUGIN_FLAGS = -fPIC -fno-rtti -I"$(PLUGIN_PATH)/include" HASH=\# GCCVER = $(shell $(MYCC) --version 2>/dev/null | awk 'NR == 1 {print $$NF}') +GCCVER:sh= gcc --version 2>/dev/null | awk 'NR == 1 {print $$NF}' GCCBINDIR = $(shell dirname `command -v $(MYCC)` 2>/dev/null ) +GCCBINDIR:sh= dirname `command -v $(MYCC)` 2>/dev/null _SHMAT_OK= $(shell echo '$(HASH)include <sys/ipc.h>@$(HASH)include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(MYCC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 ; rm -f .test2 ) _SHMAT_OK:sh= echo '$(HASH)include <sys/ipc.h>@$(HASH)include <sys/shm.h>@int main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, 0); return 0;}' | tr @ '\n' | $(MYCC) -x c - -o .test2 2>/dev/null && echo 1 || echo 0 ; rm -f .test2 
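Review bot: The `|| echo please install GNUmake` on the `all` recipe turns every gmake failure into exit status 0, so a build that fails for any reason (not only a missing gmake) prints the install hint and looks successful to a calling script or CI job. Keep the hint but preserve the failure: `@gmake all || { echo please install GNUmake; exit 1; }`. The `source-only` target visible below it still calls `@gmake` without the hint, so the two targets now behave differently.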
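Review bot: The new `GCCVER:sh=` line runs plain `gcc --version`, while the GNU-make assignment directly above it and the new `GCCBINDIR:sh=` line both go through `$(MYCC)`. When the compiler is overridden on the make command line, the non-GNU path would record the version of a different compiler than the one that builds the plugin, and that value ends up in `-DGCC_VERSION`. Suggest `GCCVER:sh= $(MYCC) --version 2>/dev/null | awk 'NR == 1 {print $$NF}'`; whether `:sh=` expands macros in every targeted make is worth confirming, since `GCCBINDIR:sh=` already relies on it.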
@@ -70,7 +72,7 @@ LDFLAGS += $(LDFLAGS_ADD) PROGS = ../afl-gcc-pass.so ../afl-gcc-fast ../afl-gcc-rt.o -all: test_shm test_deps $(PROGS) afl-gcc-fast.8 test_build all_done +all: test_shm test_deps $(PROGS) ../afl-gcc-fast.8 test_build all_done debug: @echo _SHMAT_OK = $(_SHMAT_OK) 
@@ -101,24 +103,24 @@ test_deps: afl-common.o: ../src/afl-common.c $(MYCC) $(CFLAGS) -c $< -o $@ $(LDFLAGS) -../afl-gcc-fast: afl-gcc-fast.c afl-common.o | test_deps - $(MYCC) -DAFL_GCC_CC=\"$(MYCC)\" -DAFL_GCC_CXX=\"$(MYCXX)\" $(CFLAGS) $< afl-common.o -o $@ $(LDFLAGS) +../afl-gcc-fast: afl-gcc-fast.c afl-common.o + $(MYCC) -DAFL_GCC_CC=\"$(MYCC)\" -DAFL_GCC_CXX=\"$(MYCXX)\" $(CFLAGS) afl-gcc-fast.c afl-common.o -o $@ $(LDFLAGS) ln -sf afl-gcc-fast ../afl-g++-fast -../afl-gcc-pass.so: afl-gcc-pass.so.cc | test_deps - $(MYCXX) $(CXXEFLAGS) $(PLUGIN_FLAGS) -shared $< -o $@ +../afl-gcc-pass.so: afl-gcc-pass.so.cc + $(MYCXX) $(CXXEFLAGS) $(PLUGIN_FLAGS) -shared afl-gcc-pass.so.cc -o $@ -../afl-gcc-rt.o: afl-gcc-rt.o.c | test_deps - $(MYCC) $(CFLAGS) -fPIC -c $< -o $@ +../afl-gcc-rt.o: afl-gcc-rt.o.c + $(MYCC) $(CFLAGS) -fPIC -c afl-gcc-rt.o.c -o $@ test_build: $(PROGS) @echo "[*] Testing the CC wrapper and instrumentation output..." - unset AFL_USE_ASAN AFL_USE_MSAN; AFL_QUIET=1 AFL_INST_RATIO=100 AFL_PATH=. AFL_CC=$(CC) ../afl-gcc-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS) + @unset AFL_USE_ASAN AFL_USE_MSAN; AFL_QUIET=1 AFL_INST_RATIO=100 AFL_PATH=. AFL_CC=$(CC) ../afl-gcc-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS) # unset AFL_USE_ASAN AFL_USE_MSAN; AFL_INST_RATIO=100 AFL_PATH=. 
AFL_CC=$(CC) ../afl-gcc-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS) - ASAN_OPTIONS=detect_leaks=0 ../afl-showmap -m none -q -o .test-instr0 ./test-instr </dev/null - echo 1 | ASAN_OPTIONS=detect_leaks=0 ../afl-showmap -m none -q -o .test-instr1 ./test-instr + @ASAN_OPTIONS=detect_leaks=0 ../afl-showmap -m none -q -o .test-instr0 ./test-instr </dev/null + @ASAN_OPTIONS=detect_leaks=0 echo 1 | ../afl-showmap -m none -q -o .test-instr1 ./test-instr @rm -f test-instr - @cmp -s .test-instr0 .test-instr1; DR="$$?"; rm -f .test-instr0 .test-instr1; if [ "$$DR" = "0" ]; then echo; echo "Oops, the instrumentation does not seem to be behaving correctly!"; echo; echo "Please post to https://github.com/AFLplusplus/AFLplusplus/issues to troubleshoot the issue."; echo; exit 1; fi + @trap 'rm .test-instr0 .test-instr1' 0;if cmp -s .test-instr0 .test-instr1; then echo; echo "Oops, the instrumentation does not seem to be behaving correctly!"; echo; echo "Please post to https://github.com/AFLplusplus/AFLplusplus/issues to troubleshoot the issue."; echo; exit 1; fi @echo "[+] All right, the instrumentation seems to be working!" all_done: test_build @@ -126,8 +128,7 @@ all_done: test_build .NOTPARALLEL: clean -VPATH = .. -%.8: % +../afl-gcc-fast.8: ../afl-gcc-fast @echo .TH $* 8 `date "+%Y-%m-%d"` "afl++" > ../$@ @echo .SH NAME >> ../$@ @echo .B $* >> ../$@ -- cgit 1.4.1 From af6736c356603eb404b02ccced69286d3ed76ccd Mon Sep 17 00:00:00 2001 
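Review bot: In the second afl-showmap line of `test_build` the `ASAN_OPTIONS=detect_leaks=0` prefix now sits in front of `echo 1`, so it is set only for `echo` and no longer for `afl-showmap` on the right-hand side of the pipe. The first afl-showmap line still has the variable on the right command, so the two runs being compared are executed under different settings. Keep the assignment on the consumer: `@echo 1 | ASAN_OPTIONS=detect_leaks=0 ../afl-showmap -m none -q -o .test-instr1 ./test-instr`. The new trap also uses `rm` without `-f`, which prints an error when one of the map files was never created.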
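Review bot: The recipe under the new explicit target `../afl-gcc-fast.8` still redirects to `../$@` and prints `$*`, both of which were written for the removed `%.8: %` pattern rule. With the target now spelled `../afl-gcc-fast.8`, `../$@` expands to `../../afl-gcc-fast.8`, one directory above the source tree, and `$*` is only reliably defined for pattern and suffix rules, so the `.TH` and `.B` lines are likely to lose the program name. Writing to `$@` and naming the program explicitly, e.g. `@echo .B afl-gcc-fast >> $@`, would match the new rule. The recipe continues past the end of the hunk, so the remaining lines need the same change.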
From: hexcoder- <heiko@hexco.de> Date: Sat, 16 May 2020 13:16:37 +0200 Subject: dictionary files: fix missing newlines --- dictionaries/bmp.dict | 2 +- dictionaries/bz2.dict | 2 +- dictionaries/csv.dict | 2 +- dictionaries/dds.dict | 2 +- dictionaries/fbs.dict | 2 +- dictionaries/icns.dict | 2 +- dictionaries/jpeg2000.dict | 2 +- dictionaries/mp4.dict | 2 +- dictionaries/ogg.dict | 2 +- dictionaries/openexr.dict | 2 +- dictionaries/protobuf.dict | 2 +- dictionaries/ps.dict | 2 +- dictionaries/svg.dict | 2 +- dictionaries/utf8.dict | 2 +- dictionaries/wav.dict | 2 +- dictionaries/webm.dict | 2 +- dictionaries/x86.dict | 2 +- dictionaries/zip.dict | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/dictionaries/bmp.dict b/dictionaries/bmp.dict index 76458419..ae691044 100644 --- a/dictionaries/bmp.dict +++ b/dictionaries/bmp.dict @@ -7,4 +7,4 @@ os2_ptr="PT" windows_color_space="Win " srgb="sRGB" link="LINK" -mbed="MBED" \ No newline at end of file +mbed="MBED" diff --git a/dictionaries/bz2.dict b/dictionaries/bz2.dict index 32db6d70..5d1564fe 100644 --- a/dictionaries/bz2.dict +++ b/dictionaries/bz2.dict @@ -1,3 +1,3 @@ magic="BZ" compress_magic="\x31\x41\x59\x26\x53\x59" -eos_magic="\x17\x72\x45\x38\x50\x90" \ No newline at end of file +eos_magic="\x17\x72\x45\x38\x50\x90" diff --git a/dictionaries/csv.dict b/dictionaries/csv.dict index 6ca621cd..be61a7e6 100644 --- a/dictionaries/csv.dict +++ b/dictionaries/csv.dict @@ -3,4 +3,4 @@ ";;" ",," "\t;" -"\n;" \ No newline at end of file +"\n;" diff --git a/dictionaries/dds.dict b/dictionaries/dds.dict index c064eadd..81cb473b 100644 --- a/dictionaries/dds.dict +++ b/dictionaries/dds.dict @@ -32,4 +32,4 @@ magic="\x20\x53\x44\x44" "2TXD" "3TXD" "4TXD" -"5TXD" \ No newline at end of file +"5TXD" diff --git a/dictionaries/fbs.dict b/dictionaries/fbs.dict index 1636d920..7ce6690e 100644 --- a/dictionaries/fbs.dict +++ b/dictionaries/fbs.dict 
@@ -39,4 +39,4 @@ union="union" ushort="ushort" separator=":" -eol=";" \ No newline at end of file +eol=";" diff --git a/dictionaries/icns.dict b/dictionaries/icns.dict index f9da1c83..211f26c2 100644 --- a/dictionaries/icns.dict +++ b/dictionaries/icns.dict @@ -40,4 +40,4 @@ "l8mk" "name" "s8mk" -"t8mk" \ No newline at end of file +"t8mk" diff --git a/dictionaries/jpeg2000.dict b/dictionaries/jpeg2000.dict index 10dafc63..18cc2125 100644 --- a/dictionaries/jpeg2000.dict +++ b/dictionaries/jpeg2000.dict @@ -19,4 +19,4 @@ tag3="url" tag4="req" tag5="res" tag6="page" -tag7="obj" \ No newline at end of file +tag7="obj" diff --git a/dictionaries/mp4.dict b/dictionaries/mp4.dict index e706fe24..1755faba 100644 --- a/dictionaries/mp4.dict +++ b/dictionaries/mp4.dict @@ -79,4 +79,4 @@ FOURCC_UDTA="\x75\x64\x74\x61" FOURCC_UUID="\x75\x75\x69\x64" FOURCC_VIDE="\x76\x69\x64\x65" FOURCC_VMHD="\x76\x6d\x68\x64" -FOURCC_WIDE="\x77\x69\x64\x65" \ No newline at end of file +FOURCC_WIDE="\x77\x69\x64\x65" diff --git a/dictionaries/ogg.dict b/dictionaries/ogg.dict index 2ecfe453..27a08e45 100644 --- a/dictionaries/ogg.dict +++ b/dictionaries/ogg.dict @@ -33,4 +33,4 @@ header="OggS" "DATE=" "LOCATION=" "CONTACT=" -"ISRC=" \ No newline at end of file +"ISRC=" diff --git a/dictionaries/openexr.dict b/dictionaries/openexr.dict index 39e1247d..05c90ca1 100644 --- a/dictionaries/openexr.dict +++ b/dictionaries/openexr.dict @@ -54,4 +54,4 @@ v2i="v2i" v3f="v3f" v3i="v3i" wrapmodes="wrapmodes" -xDensity="xDensity" \ No newline at end of file +xDensity="xDensity" diff --git a/dictionaries/protobuf.dict b/dictionaries/protobuf.dict index 08a26738..28a506f6 100644 --- a/dictionaries/protobuf.dict +++ b/dictionaries/protobuf.dict @@ -37,4 +37,4 @@ syntax="syntax" true="true" uint32="uint32" uint64="uint64" -weak="weak" \ No newline at end of file +weak="weak" diff --git a/dictionaries/ps.dict b/dictionaries/ps.dict index af280f66..bac3c0a0 100644 --- a/dictionaries/ps.dict 
+++ b/dictionaries/ps.dict @@ -430,4 +430,4 @@ header="%!PS" "[-1, 1, -1, 1]" "[-1 1]" "1337" -"<</" \ No newline at end of file +"<</" diff --git a/dictionaries/svg.dict b/dictionaries/svg.dict index 36071baf..ca38b6b3 100644 --- a/dictionaries/svg.dict +++ b/dictionaries/svg.dict @@ -167,4 +167,4 @@ "bevel" "translate(" "rotate(" -"matrix(" \ No newline at end of file +"matrix(" diff --git a/dictionaries/utf8.dict b/dictionaries/utf8.dict index fecf163a..ab0d6e35 100644 --- a/dictionaries/utf8.dict +++ b/dictionaries/utf8.dict @@ -70,4 +70,4 @@ null="\x00\x00" "\x00\x1b" "\x00\x85" "\x20\x28" -"\x20\x29" \ No newline at end of file +"\x20\x29" diff --git a/dictionaries/wav.dict b/dictionaries/wav.dict index 83a26d0b..c475d40f 100644 --- a/dictionaries/wav.dict +++ b/dictionaries/wav.dict @@ -22,4 +22,4 @@ instrument_chunk="inst" "ANIM" "CMAP" "MIDI" -"MThd" \ No newline at end of file +"MThd" diff --git a/dictionaries/webm.dict b/dictionaries/webm.dict index 04e174f2..7660ce80 100644 --- a/dictionaries/webm.dict +++ b/dictionaries/webm.dict @@ -149,4 +149,4 @@ IdTagString = "\x44\x87" IdTagBinary = "\x44\x85" # Interesting sizes. -SizeUnknown = "\xFF" \ No newline at end of file +SizeUnknown = "\xFF" diff --git a/dictionaries/x86.dict b/dictionaries/x86.dict index 9b87a504..0434b766 100644 --- a/dictionaries/x86.dict +++ b/dictionaries/x86.dict @@ -1882,4 +1882,4 @@ "WORD" "DWORD" "QWORD" -"far" \ No newline at end of file +"far" diff --git a/dictionaries/zip.dict b/dictionaries/zip.dict index 9d873dce..31713f54 100644 --- a/dictionaries/zip.dict +++ b/dictionaries/zip.dict @@ -1,3 +1,3 @@ header1="\x50\x4B\x03\x04" header2="\x50\x4B\x05\x06" -header2="\x50\x4B\x07\x08" \ No newline at end of file +header2="\x50\x4B\x07\x08" -- cgit 1.4.1 From b927b80e1065d8e0a449c91635522f80189cae56 Mon Sep 17 00:00:00 2001 
From: hexcoder- <heiko@hexco.de> Date: Sat, 16 May 2020 20:30:07 +0200 Subject: GNUmakefile: add paths for FreeBSD 3rd party packages --- GNUmakefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/GNUmakefile b/GNUmakefile index 7d9e6d83..34539cec 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -89,6 +89,11 @@ override CFLAGS += -Wall -g -Wno-pointer-sign -Wmissing-declarations\ -I include/ -Werror -DAFL_PATH=\"$(HELPER_PATH)\" \ -DBIN_PATH=\"$(BIN_PATH)\" -DDOC_PATH=\"$(DOC_PATH)\" +ifeq "$(shell uname -s)" "FreeBSD" + override CFLAGS += -I /usr/local/include/ + LDFLAGS += -L /usr/local/lib/ +endif + ifeq "$(shell uname -s)" "OpenBSD" override CFLAGS += -I /usr/local/include/ LDFLAGS += -L /usr/local/lib/ -- cgit 1.4.1 From 9dd3e3e38a6f9643a4850099ca7e0112e5e94f14 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sun, 17 May 2020 00:13:55 +0200 Subject: fix -M check --- src/afl-fuzz-init.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index 518de8af..1a724bfb 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -1315,15 +1315,18 @@ dir_cleanup_failed: } -/* If this is a -S slave, ensure a -M master is running */ +/* If this is a -S slave, ensure a -M master is running, if a master is + running when another master is started then warn */ int check_master_exists(afl_state_t *afl) { DIR * sd; struct dirent *sd_ent; u8 * fn; + sd = opendir(afl->sync_dir); - if (!sd) { PFATAL("Unable to open '%s'", afl->sync_dir); } + if (!sd) { return 0; } + while ((sd_ent = readdir(sd))) { /* Skip dot files and our own output directory. */ -- cgit 1.4.1 From d37a8f72d6d4d92df73a318ad02046adbc6dba29 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sun, 17 May 2020 01:36:03 +0200 Subject: fix master creation file --- src/afl-fuzz-init.c | 20 ++++++++++---------- src/afl-fuzz.c | 3 ++- 2 files changed, 12 insertions(+), 11 deletions(-) 
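Review bot: `if (!sd) { return 0; }` in `check_master_exists` reports every opendir() failure as "no master found", so a sync directory that exists but cannot be read (EACCES, ENOTDIR) is indistinguishable from one that has not been created yet. The caller uses the result to decide whether to warn about a second master, so the check is silently skipped in exactly the cases where the setup is broken. Suggest tolerating only the missing-directory case: `if (!sd) { if (errno == ENOENT) { return 0; } PFATAL("Unable to open '%s'", afl->sync_dir); }`. The rest of the function body lies outside the hunk.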
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index 1a724bfb..dd85a8f4 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -1363,16 +1363,6 @@ void setup_dirs_fds(afl_state_t *afl) { } - if (afl->is_master) { - - u8 *x = alloc_printf("%s/%s/is_master", afl->sync_dir, afl->sync_id); - int fd = open(x, O_CREAT | O_RDWR, 0644); - if (fd < 0) FATAL("cannot create %s", x); - free(x); - close(fd); - - } - if (mkdir(afl->out_dir, 0700)) { if (errno != EEXIST) { PFATAL("Unable to create '%s'", afl->out_dir); } @@ -1402,6 +1392,16 @@ void setup_dirs_fds(afl_state_t *afl) { } + if (afl->is_master) { + + u8 *x = alloc_printf("%s/is_master", afl->out_dir); + int fd = open(x, O_CREAT | O_RDWR, 0644); + if (fd < 0) FATAL("cannot create %s", x); + free(x); + close(fd); + + } + /* Queue directory for any starting & discovered paths. */ tmp = alloc_printf("%s/queue", afl->out_dir); diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 9240526e..94f47341 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1067,7 +1067,8 @@ int main(int argc, char **argv_orig, char **envp) { if (afl->is_master && check_master_exists(afl) == 1) { - WARNF("It is wasteful to run more than one master!"); + WARNF("it is wasteful to run more than one master!"); + sleep(1); } -- cgit 1.4.1 From e1e155022f58c0790800ba59657a0fcfa9536554 Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Sun, 17 May 2020 21:35:10 +0200 Subject: adjust documentation for new minimum llvm version 3.4 --- README.md | 4 ++-- llvm_mode/GNUmakefile | 4 ++-- llvm_mode/README.instrim.md | 1 + llvm_mode/README.md | 2 +- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 253275e2..5af2b0fc 100644 --- a/README.md +++ b/README.md 
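Review bot: The relocated `is_master` block reports failure with `FATAL("cannot create %s", x)`, which drops errno, whereas the surrounding code in `setup_dirs_fds` uses `PFATAL("Unable to create '%s'", ...)`; a permission or disk-full error therefore gives no reason. The marker is created with mode 0644 although the directory is made with 0700, and because an existing output directory is accepted (the `EEXIST` branch above), `open()` may follow a pre-existing symlink at that path; `open(x, O_CREAT | O_RDWR | O_NOFOLLOW, 0600)` together with `PFATAL` would line up with the rest of the function. Nothing in the hunk removes the marker again, so if no cleanup exists elsewhere a stale `is_master` from a crashed run would keep satisfying the master check; worth confirming. The function starts and ends outside the hunk.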
@@ -267,7 +267,7 @@ superior to blind fuzzing or coverage-only tools. PLEASE NOTE: llvm_mode compilation with afl-clang-fast/afl-clang-fast++ instead of afl-gcc/afl-g++ is much faster and has many cool features. See llvm_mode/ - however few code does not compile with llvm. -We support llvm versions 3.8.0 to 11. +We support llvm versions 3.4 to 11. When source code is available, instrumentation can be injected by a companion tool that works as a drop-in replacement for gcc or clang in any standard build @@ -290,7 +290,7 @@ For C++ programs, you'd would also want to set `CXX=/path/to/afl/afl-g++`. The clang wrappers (afl-clang and afl-clang++) can be used in the same way; clang users may also opt to leverage a higher-performance instrumentation mode, as described in [llvm_mode/README.md](llvm_mode/README.md). -Clang/LLVM has a much better performance and works with LLVM version 3.8.0 to 11. +Clang/LLVM has a much better performance and works with LLVM version 3.4 to 11. Using the LAF Intel performance enhancements are also recommended, see [llvm_mode/README.laf-intel.md](llvm_mode/README.laf-intel.md) diff --git a/llvm_mode/GNUmakefile b/llvm_mode/GNUmakefile index 01c83787..0a99202d 100644 --- a/llvm_mode/GNUmakefile +++ b/llvm_mode/GNUmakefile @@ -32,7 +32,7 @@ ifeq "$(shell uname)" "OpenBSD" LLVM_CONFIG ?= $(BIN_PATH)/llvm-config HAS_OPT = $(shell test -x $(BIN_PATH)/opt && echo 0 || echo 1) ifeq "$(HAS_OPT)" "1" - $(error llvm_mode needs a complete llvm installation (versions 3.8.0 up to 11) -> e.g. "pkg_add llvm-7.0.1p9") + $(error llvm_mode needs a complete llvm installation (versions 3.4 up to 11) -> e.g. "pkg_add llvm-7.0.1p9") endif else LLVM_CONFIG ?= llvm-config @@ -53,7 +53,7 @@ ifeq "$(LLVMVER)" "" endif ifeq "$(LLVM_UNSUPPORTED)" "1" - $(warning llvm_mode only supports llvm versions 3.8.0 up to 11) + $(warning llvm_mode only supports llvm versions 3.4 up to 11) endif ifeq "$(LLVM_MAJOR)" "9" 
diff --git a/llvm_mode/README.instrim.md b/llvm_mode/README.instrim.md index b905af11..53a518a9 100644 --- a/llvm_mode/README.instrim.md +++ b/llvm_mode/README.instrim.md @@ -6,6 +6,7 @@ InsTrim: Lightweight Instrumentation for Coverage-guided Fuzzing InsTrim uses CFG and markers to instrument just what is necessary in the binary in llvm_mode. It is about 10-15% faster without disadvantages. +It requires at least llvm version 3.8.0. ## Usage diff --git a/llvm_mode/README.md b/llvm_mode/README.md index 0bff1ff1..96b2762c 100644 --- a/llvm_mode/README.md +++ b/llvm_mode/README.md @@ -6,7 +6,7 @@ ## 1) Introduction -! llvm_mode works with llvm versions 3.8.0 up to 11 ! +! llvm_mode works with llvm versions 3.4 up to 11 ! The code in this directory allows you to instrument programs for AFL using true compiler-level instrumentation, instead of the more crude -- cgit 1.4.1 From d1469650251b366e3d3d39e3b999bd88f4b664a8 Mon Sep 17 00:00:00 2001 From: hexcoder <hexcoder-@users.noreply.github.com> Date: Sun, 17 May 2020 21:43:33 +0200 Subject: Update Changelog.md --- docs/Changelog.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/Changelog.md b/docs/Changelog.md index 62de7f87..0cf6e9e2 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -16,6 +16,9 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. one master is present - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk - added former post_library examples to examples/custom_mutators/ + - llvm_mode: + - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, + which needs 3.8.0) ### Version ++2.65c (release): -- cgit 1.4.1 From 30824bc58ef5b5f5e44fecfb3607c3ed4ad34744 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 18 May 2020 10:48:39 +0200 Subject: afl-as fast system fix --- src/afl-as.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/afl-as.c b/src/afl-as.c index 4809a731..f153c043 100644 --- a/src/afl-as.c 
+++ b/src/afl-as.c @@ -233,7 +233,7 @@ static void edit_params(int argc, char **argv) { } modified_file = - alloc_printf("%s/.afl-%u-%u.s", tmp_dir, (u32)getpid(), (u32)time(NULL)); + alloc_printf("%s/.afl-%u-%u-%u.s", tmp_dir, (u32)getpid(), (u32)time(NULL), (u32)random()); wrap_things_up: @@ -531,7 +531,7 @@ static void add_instrumentation(void) { int main(int argc, char **argv) { s32 pid; - u32 rand_seed; + u32 rand_seed, i, j; int status; u8 *inst_ratio_str = getenv("AFL_INST_RATIO"); @@ -590,6 +590,10 @@ int main(int argc, char **argv) { gettimeofday(&tv, &tz); rand_seed = tv.tv_sec ^ tv.tv_usec ^ getpid(); + // in fast systems where pids can repeat in the same seconds we need this + for (i = 1; i < argc; i++) + for (j = 0; j < strlen(argv[i]); j++) + rand_seed += argv[i][j]; srandom(rand_seed); -- cgit 1.4.1 From 74e6fbab82b9a8ddc09bc24c57f4795c4d2fcc49 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 18 May 2020 12:26:40 +0200 Subject: update changelog --- docs/Changelog.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/Changelog.md b/docs/Changelog.md index 0cf6e9e2..4f9c727a 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,6 +14,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly one master is present + - fixed afl-gcc/afl-as that could break on fast systems reusing pids in + the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk - added former post_library examples to examples/custom_mutators/ - llvm_mode: -- cgit 1.4.1 From 5d0f020648766eb9e2dd0c8879108afd0ee0b7ba Mon Sep 17 00:00:00 2001 
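Review bot: The extra `random()` component in the `modified_file` name lowers the chance of two afl-as runs colliding, but the path is still built from guessable inputs (pid, second-resolution time, and a PRNG seeded from time, pid and argv), so it should not be treated as unpredictable in a shared temp directory. Whether that matters depends on how `modified_file` is opened, which is outside this hunk; it needs `O_CREAT | O_EXCL` with mode 0600 so a pre-existing file or link is refused. `mkstemps()` would create the file atomically under a unique name and remove the need for a hand-built suffix. It is also worth confirming that `srandom()` in `main` runs before `edit_params()`, otherwise the added component is identical in every process.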
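Review bot: The added seed loop compares the `u32` counter `i` with the signed `argc`, calls `strlen(argv[i])` again on every inner iteration, and adds plain `char` values whose sign differs between platforms. None of this breaks the seed, but the loop can be written without the repeated scan and with a defined byte value: `for (i = 1; i < (u32)argc; i++)` followed by `for (j = 0; argv[i][j]; j++) { rand_seed += (u8)argv[i][j]; }`. The new code also omits the braces that the rest of the project puts around every block. A comment stating that the seed only needs to differ between concurrent invocations, not to be secret, would make the intent clear to the next reader.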
From: David Carlier <devnexen@gmail.com> Date: Mon, 18 May 2020 21:44:27 +0100 Subject: Build fix proposal mainly for Android which did not bother implementing this dinosaur. --- examples/afl_network_proxy/afl-network-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/afl_network_proxy/afl-network-client.c b/examples/afl_network_proxy/afl-network-client.c index 68bd0706..5af41055 100644 --- a/examples/afl_network_proxy/afl-network-client.c +++ b/examples/afl_network_proxy/afl-network-client.c @@ -233,7 +233,7 @@ int main(int argc, char *argv[]) { } - if ((interface = index(argv[1], '%')) != NULL) *interface++ = 0; + if ((interface = strchr(argv[1], '%')) != NULL) *interface++ = 0; if (argc > 3) if ((max_len = atoi(argv[3])) < 0) -- cgit 1.4.1 From ae6c30a71113fbebe3aca7fcdf6e007ae680c34b Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Tue, 19 May 2020 19:22:11 +0200 Subject: upgrade Dockerfile to Ubunutu 20.04 with llvm 11 and gcc 10 for afl-clang-lto --- Dockerfile | 73 +++++++++++++++++++++++++++++++++++-------------------- docs/Changelog.md | 8 +++--- 2 files changed, 52 insertions(+), 29 deletions(-) diff --git a/Dockerfile b/Dockerfile index c8bfaf33..b59e91fb 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -1,37 +1,58 @@ -FROM ubuntu -MAINTAINER David Carlier <devnexen@gmail.com> +# +# This Dockerfile for AFLplusplus uses Ubuntu 20.04 focal and +# installs LLVM 11 from llvm.org for afl-clang-lto support :-) +# It also installs gcc/g++ 10 from the Ubuntu development platform +# has focal has gcc-10 but not g++-10 ... +# + +FROM ubuntu:20.04 +MAINTAINER afl++ team <afl@aflplus.plus> LABEL "about"="AFLplusplus docker image" + +ARG DEBIAN_FRONTEND=noninteractive + RUN apt-get update && apt-get -y install \ --no-install-suggests --no-install-recommends \ automake \ - bison \ + bison flex \ build-essential \ - clang \ - clang-9 \ - flex \ git \ - python3 \ - python3-dev \ - python3-setuptools \ - python-is-python3 \ - gcc-9 \ - gcc-9-plugin-dev \ - gcc-9-multilib \ - libc++-9-dev \ - libtool \ - libtool-bin \ + python3 python3-dev python3-setuptools python-is-python3 \ + libtool libtool-bin \ libglib2.0-dev \ - llvm-9-dev \ - wget \ - ca-certificates \ - libpixman-1-dev \ - && rm -rf /var/lib/apt/lists/* + wget vim jupp nano \ + apt-utils apt-transport-https ca-certificates gnupg \ + libpixman-1-dev + +RUN echo deb http://apt.llvm.org/focal/ llvm-toolchain-focal main >> /etc/apt/sources.list && \ + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - + +RUN echo deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main >> /etc/apt/sources.list && \ + apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 1E9377A2BA9EF27F + +RUN apt-get update && apt-get upgrade -y + +RUN apt-get install -y gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib \ + libc++-10-dev gdb -ARG CC=gcc-9 -ARG CXX=g++-9 -ARG LLVM_CONFIG=llvm-config-9 +RUN apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \ + libc++abi1-11 libc++abi-11-dev libclang1-11 libclang-11-dev \ + libclang-common-11-dev libclang-cpp11 libclang-cpp11-dev liblld-11 \ + liblld-11-dev liblldb-11 liblldb-11-dev libllvm11 libomp-11-dev \ + libomp5-11 lld-11 lldb-11 llvm-11 llvm-11-dev 
llvm-11-runtime llvm-11-tools + +RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 0 +RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 0 + +RUN rm -rf /var/lib/apt/lists/* + +ARG CC=gcc-10 +ARG CXX=g++-10 +ARG LLVM_CONFIG=llvm-config-11 RUN git clone https://github.com/AFLplusplus/AFLplusplus -RUN cd AFLplusplus && make clean && make distrib && \ - make install && cd .. && rm -rf AFLplusplus +RUN cd AFLplusplus && export REAL_CXX=g++ && make distrib && \ + make install && cd .. && make clean + +ENV AFL_SKIP_CPUFREQ=1 diff --git a/docs/Changelog.md b/docs/Changelog.md index 4f9c727a..189eca69 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,13 +14,15 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly one master is present + - llvm_mode: + - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, + which needs 3.8.0) - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk - added former post_library examples to examples/custom_mutators/ - - llvm_mode: - - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, - which needs 3.8.0) + - Dockerfile upgraded to Ubuntu 20.04 Focal and installing llvm 11 and gcc 10 + so afl-clang-lto can be build ### Version ++2.65c (release): -- cgit 1.4.1 From 25fbec663838cd23908042f4a8fca175ca77c046 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Tue, 19 May 2020 19:51:54 +0200 Subject: if no master is present a slave becomes a temporary master --- docs/Changelog.md | 2 ++ src/afl-as.c | 8 +++---- src/afl-fuzz-run.c | 67 ++++++++++++++++++++++++++++++++++-------------------- 3 files changed, 48 insertions(+), 29 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 189eca69..de874d1a 100644 
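Review bot: Both third-party repositories are added over plain `http://` and their keys go into the global apt keyring via `apt-key add` and `apt-key adv --recv-keys ... 1E9377A2BA9EF27F`, so each key is trusted for every repository in the image and the PPA key is selected by a 64-bit key ID rather than a full fingerprint. Scoping each key to its own source is tighter: `wget -O /usr/share/keyrings/llvm.asc https://apt.llvm.org/llvm-snapshot.gpg.key` together with `deb [signed-by=/usr/share/keyrings/llvm.asc] https://apt.llvm.org/focal/ llvm-toolchain-focal main`, and the same pattern for the toolchain PPA. The `git clone` of AFLplusplus is unpinned, so the image content depends on whatever the default branch holds at build time; checking out a tag or commit would make the build reproducible. Separately, the last `RUN` now ends with `cd .. && make clean`, which runs in the parent directory and no longer removes the source tree; `make clean` before the `cd ..` is probably what was meant.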
--- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,6 +14,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly one master is present + - If no master is present at sync time one slave automatically becomes + a temporary master until a real master shows up - llvm_mode: - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which needs 3.8.0) diff --git a/src/afl-as.c b/src/afl-as.c index f153c043..f16d6060 100644 --- a/src/afl-as.c +++ b/src/afl-as.c @@ -232,8 +232,8 @@ static void edit_params(int argc, char **argv) { } - modified_file = - alloc_printf("%s/.afl-%u-%u-%u.s", tmp_dir, (u32)getpid(), (u32)time(NULL), (u32)random()); + modified_file = alloc_printf("%s/.afl-%u-%u-%u.s", tmp_dir, (u32)getpid(), + (u32)time(NULL), (u32)random()); wrap_things_up: @@ -592,8 +592,8 @@ int main(int argc, char **argv) { rand_seed = tv.tv_sec ^ tv.tv_usec ^ getpid(); // in fast systems where pids can repeat in the same seconds we need this for (i = 1; i < argc; i++) - for (j = 0; j < strlen(argv[i]); j++) - rand_seed += argv[i][j]; + for (j = 0; j < strlen(argv[i]); j++) + rand_seed += argv[i][j]; srandom(rand_seed); diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index 3708cf1a..bf13f1f9 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -373,7 +373,7 @@ void sync_fuzzers(afl_state_t *afl) { DIR * sd; struct dirent *sd_ent; - u32 sync_cnt = 0; + u32 sync_cnt = 0, synced = 0, entries = 0; sd = opendir(afl->sync_dir); if (!sd) { PFATAL("Unable to open '%s'", afl->sync_dir); } @@ -388,7 +388,7 @@ void sync_fuzzers(afl_state_t *afl) { DIR * qd; struct dirent *qd_ent; - u8 * qd_path, *qd_synced_path; + u8 qd_synced_path[PATH_MAX], qd_path[PATH_MAX]; u32 min_accept = 0, next_min_accept; s32 id_fd; 
@@ -401,31 +401,41 @@ void sync_fuzzers(afl_state_t *afl) { } + entries++; + // a slave only syncs from a master, a master syncs from everyone if (likely(afl->is_slave)) { - u8 *x = alloc_printf("%s/%s/is_master", afl->sync_dir, sd_ent->d_name); - int res = access(x, F_OK); - free(x); - if (likely(res != 0)) continue; + sprintf(qd_path, "%s/%s/is_master", afl->sync_dir, sd_ent->d_name); + int res = access(qd_path, F_OK); + if (unlikely(afl->is_master)) { // an elected temporary master - } + if (likely(res == 0)) { // there is another master? downgrade. - /* Skip anything that doesn't have a queue/ subdirectory. */ + afl->is_master = 0; + sprintf(qd_path, "%s/is_master", afl->out_dir); - qd_path = alloc_printf("%s/%s/queue", afl->sync_dir, sd_ent->d_name); + } - if (!(qd = opendir(qd_path))) { + } else { - ck_free(qd_path); - continue; + if (likely(res != 0)) { continue; } + + } } + synced++; + + /* Skip anything that doesn't have a queue/ subdirectory. */ + + sprintf(qd_path, "%s/%s/queue", afl->sync_dir, sd_ent->d_name); + + if (!(qd = opendir(qd_path))) { continue; } + /* Retrieve the ID of the last seen test case. */ - qd_synced_path = - alloc_printf("%s/.synced/%s", afl->out_dir, sd_ent->d_name); + sprintf(qd_synced_path, "%s/.synced/%s", afl->out_dir, sd_ent->d_name); id_fd = open(qd_synced_path, O_RDWR | O_CREAT, 0600); @@ -452,7 +462,7 @@ void sync_fuzzers(afl_state_t *afl) { while ((qd_ent = readdir(qd))) { - u8 * path; + u8 path[PATH_MAX]; s32 fd; struct stat st; @@ -472,18 +482,13 @@ void sync_fuzzers(afl_state_t *afl) { } - path = alloc_printf("%s/%s", qd_path, qd_ent->d_name); + alloc_printf(path, "%s/%s", qd_path, qd_ent->d_name); /* Allow this to fail in case the other fuzzer is resuming or so... */ fd = open(path, O_RDONLY); - if (fd < 0) { - - ck_free(path); - continue; - - } + if (fd < 0) { continue; } if (fstat(fd, &st)) { PFATAL("fstat() failed"); } @@ -516,7 +521,6 @@ void sync_fuzzers(afl_state_t *afl) { } - ck_free(path); close(fd); } 
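Review bot: The `sprintf` calls that now fill the fixed `qd_path[PATH_MAX]` and `qd_synced_path[PATH_MAX]` buffers have no length bound, whereas the `alloc_printf` they replace sized the string to fit; `afl->sync_dir`, `afl->out_dir` and `sd_ent->d_name` together decide the length and nothing in the hunk checks that the result fits. Use `snprintf(qd_path, sizeof(qd_path), "%s/%s/queue", afl->sync_dir, sd_ent->d_name)` and skip the entry when the return value is `>= sizeof(qd_path)`, so an over-long path is rejected instead of overrunning the stack buffer. The same pattern recurs in the `is_master` paths of this hunk, in the @@ -526 hunk of this file, and in the later `src/afl-fuzz.c` and `sync_fuzzers` patches on this page. `sync_fuzzers` starts and ends outside the hunk.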
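Review bot: In the @@ -472 hunk, `alloc_printf(path, "%s/%s", qd_path, qd_ent->d_name);` passes the uninitialised `path[PATH_MAX]` array as the format string: elsewhere on this page `alloc_printf` takes the format first and returns the new string, so `path` is never written, the returned allocation is dropped, and the following `open(path, O_RDONLY)` works on stack garbage. The line should be `snprintf(path, sizeof(path), "%s/%s", qd_path, qd_ent->d_name);` with a truncation check before the `open`. A later patch in this series switches the call to `sprintf`, but this commit on its own leaves the import loop broken.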
@@ -526,13 +530,26 @@ void sync_fuzzers(afl_state_t *afl) { close_sync: close(id_fd); closedir(qd); - ck_free(qd_path); - ck_free(qd_synced_path); } closedir(sd); + // If we are a slave and no master was found to sync then become the master + if (unlikely(synced == 0) && likely(entries) && likely(afl->is_slave)) { + + // there is a small race condition here that another slave runs at the same + // time. If so, the first temporary master running again will demote + // themselves so this is not an issue + + u8 path[PATH_MAX]; + afl->is_master = 1; + sprintf(path, "%s/is_master", afl->out_dir); + int fd = open(path, O_CREAT | O_RDWR, 0644); + if (fd >= 0) { close(fd); } + + } + } /* Trim all new test cases to save cycles when doing deterministic checks. The -- cgit 1.4.1 From 0ed767fac5882c98f046cd6482f6fd4b0df1514a Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Tue, 19 May 2020 19:54:10 +0200 Subject: forgot the unlink ... --- src/afl-fuzz-run.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index bf13f1f9..331df288 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -414,6 +414,7 @@ void sync_fuzzers(afl_state_t *afl) { afl->is_master = 0; sprintf(qd_path, "%s/is_master", afl->out_dir); + unlink(qd_path); } -- cgit 1.4.1 From 3b4cd98498d253d7e3d0116ce8da913d56a1f234 Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Tue, 19 May 2020 17:57:56 +0200 Subject: add local include paths for DronFlyBSD --- GNUmakefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/GNUmakefile b/GNUmakefile index 34539cec..fbcc53de 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -94,6 +94,11 @@ ifeq "$(shell uname -s)" "FreeBSD" LDFLAGS += -L /usr/local/lib/ endif +ifeq "$(shell uname -s)" "DragonFly" + override CFLAGS += -I /usr/local/include/ + LDFLAGS += -L /usr/local/lib/ +endif + ifeq "$(shell uname -s)" "OpenBSD" override CFLAGS += -I /usr/local/include/ LDFLAGS += -L /usr/local/lib/ -- cgit 1.4.1 
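Review bot: `afl->is_master = 1` is assigned before the marker file is created and stays set when `open()` fails, because the result is only used for `close(fd)`; in that case this instance acts as master while no `is_master` file exists for the other instances to find. Set the flag only on success: `if (fd >= 0) { afl->is_master = 1; close(fd); }`. The marker is created with mode `0644` while the `.synced` file in the same function uses `0600`; unless other users are meant to read it, `0600` would be consistent. The `sprintf` into `path[PATH_MAX]` is unbounded like the other path builds in this function.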
From 982017a2abe935e7221de01150ede05e0082d9f6 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Wed, 20 May 2020 22:52:33 +0200 Subject: remove master file on exit --- src/afl-fuzz.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 94f47341..c07371a8 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1366,6 +1366,14 @@ stop_fuzzing: time_spent_working / afl->fsrv.total_execs); #endif + if (afl->is_master) { + + u8 path[PATH_MAX]; + sprintf(path, "%s/is_master", afl->out_dir); + unlink(path); + + } + fclose(afl->fsrv.plot_file); destroy_queue(afl); destroy_extras(afl); -- cgit 1.4.1 From c456e20750483c8872229bf6e18f5f6a44d28bc3 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Wed, 20 May 2020 23:12:33 +0200 Subject: better sync - lesser and better imports --- src/afl-fuzz-run.c | 59 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 37 insertions(+), 22 deletions(-) diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index 331df288..8a1f02a7 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -374,6 +374,7 @@ void sync_fuzzers(afl_state_t *afl) { DIR * sd; struct dirent *sd_ent; u32 sync_cnt = 0, synced = 0, entries = 0; + u8 path[PATH_MAX]; sd = opendir(afl->sync_dir); if (!sd) { PFATAL("Unable to open '%s'", afl->sync_dir); } @@ -386,10 +387,8 @@ void sync_fuzzers(afl_state_t *afl) { while ((sd_ent = readdir(sd))) { - DIR * qd; - struct dirent *qd_ent; - u8 qd_synced_path[PATH_MAX], qd_path[PATH_MAX]; - u32 min_accept = 0, next_min_accept; + u8 qd_synced_path[PATH_MAX], qd_path[PATH_MAX]; + u32 min_accept = 0, next_min_accept; s32 id_fd; 
@@ -432,7 +431,17 @@ void sync_fuzzers(afl_state_t *afl) { sprintf(qd_path, "%s/%s/queue", afl->sync_dir, sd_ent->d_name); - if (!(qd = opendir(qd_path))) { continue; } + struct dirent **namelist = NULL; + int m = 0, n, o; + + n = scandir(qd_path, &namelist, NULL, alphasort); + + if (n < 1) { + + if (namelist) free(namelist); + continue; + + } /* Retrieve the ID of the last seen test case. */ @@ -461,29 +470,34 @@ void sync_fuzzers(afl_state_t *afl) { /* For every file queued by this fuzzer, parse ID and see if we have looked at it before; exec a test case if not. */ - while ((qd_ent = readdir(qd))) { + u8 entry[12]; + sprintf(entry, "id:%06u", next_min_accept); + while (m < n) { - u8 path[PATH_MAX]; - s32 fd; - struct stat st; + if (memcmp(namelist[m]->d_name, entry, 9)) { - if (qd_ent->d_name[0] == '.' || - sscanf(qd_ent->d_name, CASE_PREFIX "%06u", &afl->syncing_case) != 1 || - afl->syncing_case < min_accept) { + m++; - continue; + } else { + + break; } - /* OK, sounds like a new one. Let's give it a try. */ + } - if (afl->syncing_case >= next_min_accept) { + if (m >= n) { goto close_sync; } // nothing new + o = n - 1; - next_min_accept = afl->syncing_case + 1; + while (o >= m) { - } + s32 fd; + struct stat st; - alloc_printf(path, "%s/%s", qd_path, qd_ent->d_name); + sprintf(path, "%s/%s", qd_path, namelist[o]->d_name); + afl->syncing_case = next_min_accept; + next_min_accept++; + o--; /* Allow this to fail in case the other fuzzer is resuming or so... */ @@ -491,7 +505,7 @@ void sync_fuzzers(afl_state_t *afl) { if (fd < 0) { continue; } - if (fstat(fd, &st)) { PFATAL("fstat() failed"); } + if (fstat(fd, &st)) { WARNF("fstat() failed"); } /* Ignore zero-sized or oversized files. */ @@ -518,8 +532,6 @@ void sync_fuzzers(afl_state_t *afl) { munmap(mem, st.st_size); - if (!(afl->stage_cur++ % afl->stats_update_freq)) { show_stats(afl); } - } close(fd); 
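Review bot: In the @@ -461 hunk, `u8 entry[12]` is too small for `sprintf(entry, "id:%06u", next_min_accept)` once the `u32` counter reaches 100000000, since `id:` plus nine or ten digits plus the terminator needs 13 or 14 bytes. Size it for the full range and bound the write: `u8 entry[16];` and `snprintf(entry, sizeof(entry), "id:%06u", next_min_accept);`. The `memcmp(..., 9)` also compares only the first six digits, and the import loop then walks `namelist` from the end while numbering `afl->syncing_case` upward from `next_min_accept`, so the recorded case number need not match the file actually read; parsing the ID out of `namelist[o]->d_name`, as the removed `sscanf` did, would keep the two in step. The loop body continues outside the hunk.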
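Review bot: In the @@ -491 hunk, downgrading the `fstat()` failure from `PFATAL` to `WARNF` lets execution continue with `st` unset, and the code around the hunk still reads `st.st_size` for the size check and for `munmap(mem, st.st_size)`. Skip the file on failure instead: `if (fstat(fd, &st)) { WARNF("fstat() failed"); close(fd); continue; }`. The enclosing loop body runs past both ends of the hunk.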
@@ -530,7 +542,10 @@ void sync_fuzzers(afl_state_t *afl) { close_sync: close(id_fd); - closedir(qd); + if (n > 0) + for (m = 0; m < n; m++) + free(namelist[m]); + free(namelist); } -- cgit 1.4.1 From 83007f77f52dc2a0a11d879db1651fb7c2c9491a Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Thu, 21 May 2020 10:31:37 +0200 Subject: update docs --- TODO.md | 2 +- docs/Changelog.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/TODO.md b/TODO.md index 4a4cd039..e7f5b257 100644 --- a/TODO.md +++ b/TODO.md @@ -6,7 +6,7 @@ - random crc32 HASH_CONST per run? because with 65536 paths we have collisions - namespace for targets? e.g. network - libradamsa as a custom module? - - focal for travis + - learn from honggfuzz ## Further down the road diff --git a/docs/Changelog.md b/docs/Changelog.md index de874d1a..2d01ce9a 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -13,8 +13,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - afl-fuzz: - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly - one master is present - - If no master is present at sync time one slave automatically becomes + one master is present and warn otherwise + - If no master is present at a sync one slave automatically becomes a temporary master until a real master shows up - llvm_mode: - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, -- cgit 1.4.1 From 5d0bcf8152136df83337c8ae9808d2aacc1e6693 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 10:24:00 +0200 Subject: switching llvm_mode default to pcguard --- docs/Changelog.md | 4 ++++ llvm_mode/afl-clang-fast.c | 21 ++++++++++++++------- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 2d01ce9a..8393a690 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
@@ -17,6 +17,10 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - If no master is present at a sync one slave automatically becomes a temporary master until a real master shows up - llvm_mode: + - the default instrumentation is now PCGUARD, as it is faster and provides + better coverage. The original afl instrumentation can be set via + AFL_LLVM_INSTRUMENT=AFL. This is automatically done when the WHITELIST + feature is used. - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which needs 3.8.0) - fixed afl-gcc/afl-as that could break on fast systems reusing pids in diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 49dc6c1c..981a204a 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -584,9 +584,12 @@ int main(int argc, char **argv, char **envp) { be_quiet = 1; -#ifdef USE_TRACE_PC - instrument_mode = INSTRUMENT_PCGUARD; +#ifndef USE_TRACE_PC + if (getenv("AFL_LLVM_WHITELIST")) + instrument_mode = INSTRUMENT_AFL; + else #endif + instrument_mode = INSTRUMENT_PCGUARD; if (getenv("USE_TRACE_PC") || getenv("AFL_USE_TRACE_PC") || getenv("AFL_LLVM_USE_TRACE_PC") || getenv("AFL_TRACE_PC")) { @@ -780,6 +783,9 @@ int main(int argc, char **argv, char **envp) { "AFL_LLVM_NOT_ZERO and AFL_LLVM_SKIP_NEVERZERO can not be set " "together"); + if (instrument_mode == INSTRUMENT_PCGUARD && getenv("AFL_LLVM_WHITELIST")) + WARNF("Instrumentation type PCGUARD does not support AFL_LLVM_WHITELIST!"); + if (argc < 2 || strcmp(argv[1], "-h") == 0) { if (!lto_mode) 
@@ -843,12 +849,13 @@ int main(int argc, char **argv, char **envp) { SAYF( "\nafl-clang-fast specific environment variables:\n" "AFL_LLVM_CMPLOG: log operands of comparisons (RedQueen mutator)\n" - "AFL_LLVM_INSTRUMENT: set instrumentation mode: DEFAULT, CFG " - "(INSTRIM), PCGUARD, LTO, CTX, NGRAM-2 ... NGRAM-16\n" - " You can also use the old environment variables instead:" - " AFL_LLVM_USE_TRACE_PC: use LLVM trace-pc-guard instrumentation\n" + "AFL_LLVM_INSTRUMENT: set instrumentation mode: AFL, CFG " + "(INSTRIM), PCGUARD [DEFAULT], LTO, CTX, NGRAM-2 ... NGRAM-16\n" + " You can also use the old environment variables instead:\n" + " AFL_LLVM_USE_TRACE_PC: use LLVM trace-pc-guard instrumentation " + "[DEFAULT]\n" " AFL_LLVM_INSTRIM: use light weight instrumentation InsTrim\n" - " AFL_LLVM_INSTRIM_LOOPHEAD: optimize loop tracing for speed (sub " + " AFL_LLVM_INSTRIM_LOOPHEAD: optimize loop tracing for speed (" "option to INSTRIM)\n" " AFL_LLVM_CTX: use context sensitive coverage\n" " AFL_LLVM_NGRAM_SIZE: use ngram prev_loc count coverage\n"); -- cgit 1.4.1 From 5b9dfa060061b9626cda7acebbae766eb1fbba29 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 11:22:30 +0200 Subject: fix llvm_mode selection --- llvm_mode/afl-clang-fast.c | 49 ++++++++++++++++++++++++---------------------- 1 file changed, 26 insertions(+), 23 deletions(-) diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 981a204a..2cc40b62 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c 
@@ -53,22 +53,22 @@ u8 use_stdin = 0; /* dummy */ enum { - INSTRUMENT_CLASSIC = 0, - INSTRUMENT_AFL = 0, - INSTRUMENT_DEFAULT = 0, - INSTRUMENT_PCGUARD = 1, - INSTRUMENT_INSTRIM = 2, - INSTRUMENT_CFG = 2, - INSTRUMENT_LTO = 3, - INSTRUMENT_OPT_CTX = 4, - INSTRUMENT_OPT_NGRAM = 8 + INSTURMENT_DEFAULT = 0, + INSTRUMENT_CLASSIC = 1, + INSTRUMENT_AFL = 1, + INSTRUMENT_PCGUARD = 2, + INSTRUMENT_INSTRIM = 3, + INSTRUMENT_CFG = 3, + INSTRUMENT_LTO = 4, + INSTRUMENT_OPT_CTX = 8, + INSTRUMENT_OPT_NGRAM = 16 }; -char instrument_mode_string[10][16] = { +char instrument_mode_string[18][18] = { - "CLASSIC", "PCGUARD", "CFG", "LTO", "CTX", "", - "", "", "NGRAM", "" + "DEFAULT", "CLASSIC", "PCGUARD", "CFG", "LTO", "", "", "", "CTX", "", + "", "", "", "", "", "", "NGRAM", "" }; @@ -584,13 +584,6 @@ int main(int argc, char **argv, char **envp) { be_quiet = 1; -#ifndef USE_TRACE_PC - if (getenv("AFL_LLVM_WHITELIST")) - instrument_mode = INSTRUMENT_AFL; - else -#endif - instrument_mode = INSTRUMENT_PCGUARD; - if (getenv("USE_TRACE_PC") || getenv("AFL_USE_TRACE_PC") || getenv("AFL_LLVM_USE_TRACE_PC") || getenv("AFL_TRACE_PC")) { @@ -632,12 +625,11 @@ int main(int argc, char **argv, char **envp) { while (ptr) { - if (strncasecmp(ptr, "default", strlen("default")) == 0 || - strncasecmp(ptr, "afl", strlen("afl")) == 0 || + if (strncasecmp(ptr, "afl", strlen("afl")) == 0 || strncasecmp(ptr, "classic", strlen("classic")) == 0) { - if (!instrument_mode || instrument_mode == INSTRUMENT_DEFAULT) - instrument_mode = INSTRUMENT_DEFAULT; + if (!instrument_mode || instrument_mode == INSTRUMENT_AFL) + instrument_mode = INSTRUMENT_AFL; else FATAL("main instrumentation mode already set with %s", instrument_mode_string[instrument_mode]); 
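Review bot: The new zero enumerator is spelled `INSTURMENT_DEFAULT`, so the name `INSTRUMENT_DEFAULT` no longer exists and the @@ -735 hunk tests `instrument_mode == 0` with a literal. Rename it to `INSTRUMENT_DEFAULT = 0,` and write the check as `if (instrument_mode == INSTRUMENT_DEFAULT)`. In that same @@ -735 hunk the `if ... else` straddling `#ifndef USE_TRACE_PC ... #endif` relies on the unbraced `else` binding to the statement after `#endif`; bracing both branches inside the conditional block would make the two build variants easier to read. A short comment on `instrument_mode_string` saying that it is indexed by the enum values, which is why the slots before 8 and 16 are empty, would also help.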
@@ -743,6 +735,17 @@ int main(int argc, char **argv, char **envp) { } + if (instrument_mode == 0) { + +#ifndef USE_TRACE_PC + if (getenv("AFL_LLVM_WHITELIST")) + instrument_mode = INSTRUMENT_AFL; + else +#endif + instrument_mode = INSTRUMENT_PCGUARD; + + } + if (instrument_opt_mode && lto_mode) FATAL( "CTX and NGRAM can not be used in LTO mode (and would make LTO " -- cgit 1.4.1 From a5ef93c83a958b5df1ee1c602c687122648aadb6 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 11:42:04 +0200 Subject: fix cmplog for llvm 11-dev --- docs/Changelog.md | 1 + llvm_mode/afl-llvm-rt.o.c | 2 +- llvm_mode/cmplog-routines-pass.cc | 9 +++++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 8393a690..71738913 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -23,6 +23,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. feature is used. - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which needs 3.8.0) + - small change to cmplog to make it work with current llvm 11-dev - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index c0d1569d..0583cb5f 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -892,7 +892,7 @@ static int area_is_mapped(void *ptr, size_t len) { } -void __cmplog_rtn_hook(void *ptr1, void *ptr2) { +void __cmplog_rtn_hook(u8 *ptr1, u8 *ptr2) { if (!__afl_cmp_map) return; diff --git a/llvm_mode/cmplog-routines-pass.cc b/llvm_mode/cmplog-routines-pass.cc index bb78273a..623388ba 100644 --- a/llvm_mode/cmplog-routines-pass.cc +++ b/llvm_mode/cmplog-routines-pass.cc 
@@ -93,16 +93,17 @@ bool CmpLogRoutines::hookRtns(Module &M) { std::vector<CallInst *> calls; LLVMContext & C = M.getContext(); - Type * VoidTy = Type::getVoidTy(C); - PointerType *VoidPtrTy = PointerType::get(VoidTy, 0); + Type *VoidTy = Type::getVoidTy(C); + // PointerType *VoidPtrTy = PointerType::get(VoidTy, 0); + IntegerType *Int8Ty = IntegerType::getInt8Ty(C); + PointerType *i8PtrTy = PointerType::get(Int8Ty, 0); #if LLVM_VERSION_MAJOR < 9 Constant * #else FunctionCallee #endif - c = M.getOrInsertFunction("__cmplog_rtn_hook", VoidTy, VoidPtrTy, - VoidPtrTy + c = M.getOrInsertFunction("__cmplog_rtn_hook", VoidTy, i8PtrTy, i8PtrTy #if LLVM_VERSION_MAJOR < 5 , NULL -- cgit 1.4.1 From 6253bea73cdfb9a4ec33fbab66d167ab5dfab7db Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 12:51:21 +0200 Subject: fix test.sh --- test/test.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/test/test.sh b/test/test.sh index 2559f058..37b09968 100755 --- a/test/test.sh +++ b/test/test.sh @@ -68,6 +68,7 @@ unset LD_PRELOAD rm -rf in in2 out export ASAN_OPTIONS=detect_leaks=0:allocator_may_return_null=1:abort_on_error=1:symbolize=0 +export AFL_LLVM_INSTRUMENT=AFL # on OpenBSD we need to work with llvm from /usr/local/bin test -e /usr/local/bin/opt && { -- cgit 1.4.1 From 536397b22fb497bc26675e2141d4364b22876bfb Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 13:31:16 +0200 Subject: travis debug --- test/test.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/test/test.sh b/test/test.sh index 37b09968..37581d5f 100755 --- a/test/test.sh +++ b/test/test.sh @@ -352,6 +352,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { rm -f test-instr.instrim test.out } || { $ECHO "$RED[!] llvm_mode InsTrim compilation failed" + AFL_LLVM_INSTRIM=1 AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c CODE=1 } } || { -- cgit 1.4.1 
From 7d3cfcfd0bbcf8049e0952bbc96939f3f997186a Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 13:49:50 +0200 Subject: more test.sh fixes --- test/test.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/test.sh b/test/test.sh index 37581d5f..cf1f1797 100755 --- a/test/test.sh +++ b/test/test.sh @@ -340,7 +340,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { # now for the special llvm_mode things test -e ../libLLVMInsTrim.so && { - AFL_LLVM_INSTRIM=1 AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c > /dev/null 2>test.out + AFL_LLVM_INSTRUMENT=CFG AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c > /dev/null 2>test.out test -e test-instr.instrim && { TUPLES=`echo 0|../afl-showmap -m ${MEM_LIMIT} -o /dev/null -- ./test-instr.instrim 2>&1 | grep Captur | awk '{print$3}'` test "$TUPLES" -gt 2 -a "$TUPLES" -lt 5 && { @@ -352,13 +352,13 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { rm -f test-instr.instrim test.out } || { $ECHO "$RED[!] llvm_mode InsTrim compilation failed" - AFL_LLVM_INSTRIM=1 AFL_LLVM_INSTRIM_LOOPHEAD=1 ../afl-clang-fast -o test-instr.instrim ../test-instr.c CODE=1 } } || { $ECHO "$YELLOW[-] llvm_mode InsTrim not compiled, cannot test" INCOMPLETE=1 } + AFL_LLVM_INSTRUMENT=CFG AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -o test-compcov.compcov test-compcov.c > test.out 2>&1 test -e test-compcov.compcov && { grep --binary-files=text -Eq " [ 12][0-9][0-9] location| [3-9][0-9] location" test.out && { -- cgit 1.4.1 From 0f8da71588ecf0de4b7e56754107c2fedd6cbb0f Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 13:50:39 +0200 Subject: more test.sh fixes --- test/test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test.sh b/test/test.sh index cf1f1797..8d9e7e00 100755 
--- a/test/test.sh +++ b/test/test.sh @@ -358,7 +358,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$YELLOW[-] llvm_mode InsTrim not compiled, cannot test" INCOMPLETE=1 } - AFL_LLVM_INSTRUMENT=CFG + AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -o test-compcov.compcov test-compcov.c > test.out 2>&1 test -e test-compcov.compcov && { grep --binary-files=text -Eq " [ 12][0-9][0-9] location| [3-9][0-9] location" test.out && { -- cgit 1.4.1 From 74f01881e36e45005ed2080e351323367532ee01 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 16:56:05 +0200 Subject: small enhancements for llvm11 --- llvm_mode/afl-llvm-rt.o.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index 0583cb5f..dac35796 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -63,8 +63,14 @@ is used for instrumentation output before __afl_map_shm() has a chance to run. It will end up as .comm, so it shouldn't be too wasteful. */ +#if MAP_SIZE <= 65536 + #define MAP_INITIAL_SIZE 256000 +#else + #define MAP_INITIAL_SIZE MAP_SIZE +#endif + #ifdef AFL_REAL_LD -u8 __afl_area_initial[256000]; +u8 __afl_area_initial[MAP_INITIAL_SIZE]; #else u8 __afl_area_initial[MAP_SIZE]; #endif -- cgit 1.4.1 From 38fe1c60666d9e8cb3d7b825e5a926111b2160d5 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Fri, 22 May 2020 20:59:32 +0200 Subject: more help for LTO issues --- llvm_mode/README.lto.md | 11 +++++++++-- src/afl-forkserver.c | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/llvm_mode/README.lto.md b/llvm_mode/README.lto.md index fa5b8665..88b1517d 100644 --- a/llvm_mode/README.lto.md +++ b/llvm_mode/README.lto.md 
@@ -6,8 +6,6 @@ This version requires a current llvm 11 compiled from the github master. 1. Use afl-clang-lto/afl-clang-lto++ because it is faster and gives better coverage than anything else that is out there in the AFL world - 1a. Set AFL_LLVM_INSTRUMENT=CFG if you want the InsTrimLTO version - (recommended) 2. You can use it together with llvm_mode: laf-intel and whitelisting features and can be combined with cmplog/Redqueen @@ -20,6 +18,8 @@ This version requires a current llvm 11 compiled from the github master. note that if that target uses _init functions or early constructors then also set `AFL_LLVM_MAP_DYNAMIC=1` as your target will crash otherwise +6. If you get the error `error: Invalid record` at link time you must decide + between LTO or cmplog/laf-intel ## Introduction and problem description @@ -134,6 +134,13 @@ and on some target you have to to AR=/RANLIB= even for make as the configure scr Other targets ignore environment variables and need the parameters set via `./configure --cc=... --cxx= --ranlib= ...` etc. (I am looking at you ffmpeg!). +### error: Invalid record + +This error only occurs if cmplog or laf-intel were activated. +If you see the error `error: Invalid record` at link time then an +instrumentation went wrong. You now must choose, either use afl-clang-fast +and keep cmplog/laf-intel, or drop cmplog/laf-intel and keep using afl-clang-lto. + ### compiling programs still fail afl-clang-lto is still work in progress. diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index 1c0ba349..076fa392 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c 
@@ -679,7 +679,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, "Hmm, looks like the target binary terminated before we could" "complete a handshake with the injected code.\n" "If the target was compiled with afl-clang-lto then recompiling with" - "AFL_LLVM_MAP_DYNAMIC might solve your problem.\n" + " AFL_LLVM_MAP_DYNAMIC might solve your problem.\n" "Otherwise there is a horrible bug in the fuzzer.\n" "Poke <afl-users@googlegroups.com> for troubleshooting tips.\n"); -- cgit 1.4.1 From c64ea494320f174575206006d0ea8c098c1a71e1 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sat, 23 May 2020 01:37:21 +0200 Subject: AFL_LLVM_LAF_ALL --- docs/Changelog.md | 1 + docs/env_variables.md | 9 +++++++-- llvm_mode/README.laf-intel.md | 3 +++ llvm_mode/afl-clang-fast.c | 17 +++++++++++++---- src/afl-common.c | 2 +- 5 files changed, 25 insertions(+), 7 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 71738913..08952717 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -24,6 +24,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which needs 3.8.0) - small change to cmplog to make it work with current llvm 11-dev + - added AFL_LLVM_LAF_ALL, sets all laf-intel settings - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/docs/env_variables.md b/docs/env_variables.md index 2668be7d..867e937e 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md 
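Review bot: The added leading space fixes the join before `AFL_LLVM_MAP_DYNAMIC`, but the first two literals of the same message still concatenate without one: the literal ending in `before we could` is followed directly by `complete a handshake`, which prints `couldcomplete`. End the first literal with `could "` in the same edit. The enclosing call starts outside the hunk.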
@@ -190,13 +190,18 @@ Then there are a few specific features that are only available in llvm_mode: to allow afl-fuzz to find otherwise rather impossible paths. It is not restricted to Intel CPUs ;-) - - Setting AFL_LLVM_LAF_SPLIT_SWITCHES will split switch()es - - Setting AFL_LLVM_LAF_TRANSFORM_COMPARES will split string compare functions + - Setting AFL_LLVM_LAF_SPLIT_SWITCHES will split switch()es + - Setting AFL_LLVM_LAF_SPLIT_COMPARES will split all floating point and 64, 32 and 16 bit integer CMP instructions + - Setting AFL_LLVM_LAF_SPLIT_FLOATS will split floating points, needs + AFL_LLVM_LAF_SPLIT_COMPARES to be set + + - Setting AFL_LLVM_LAF_ALL sets all of the above + See llvm_mode/README.laf-intel.md for more information. ### WHITELIST diff --git a/llvm_mode/README.laf-intel.md b/llvm_mode/README.laf-intel.md index 462c7bac..2fa4bc26 100644 --- a/llvm_mode/README.laf-intel.md +++ b/llvm_mode/README.laf-intel.md @@ -37,3 +37,6 @@ series of sign, exponent and mantissa comparisons followed by splitting each of them into 8 bit comparisons when necessary. It is activated with the `AFL_LLVM_LAF_SPLIT_FLOATS` setting, available only when `AFL_LLVM_LAF_SPLIT_COMPARES` is set. + +You can also set `AFL_LLVM_LAF_ALL` and have all of the above enabled :-) + diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 2cc40b62..2aeb0400 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c 
@@ -829,14 +829,14 @@ int main(int argc, char **argv, char **envp) { "AFL_LLVM_NOT_ZERO: use cycling trace counters that skip zero\n" "AFL_LLVM_SKIP_NEVERZERO: do not skip zero on trace counters\n" "AFL_LLVM_LAF_SPLIT_COMPARES: enable cascaded comparisons\n" - "AFL_LLVM_LAF_SPLIT_FLOATS: transform floating point comp. to " - "cascaded " - "comp.\n" + "AFL_LLVM_LAF_SPLIT_COMPARES_BITW: size limit (default 8)\n" "AFL_LLVM_LAF_SPLIT_SWITCHES: casc. comp. in 'switch'\n" " to cascaded comparisons\n" + "AFL_LLVM_LAF_SPLIT_FLOATS: transform floating point comp. to " + "cascaded comp.\n" "AFL_LLVM_LAF_TRANSFORM_COMPARES: transform library comparison " "function calls\n" - "AFL_LLVM_LAF_SPLIT_COMPARES_BITW: size limit (default 8)\n" + "AFL_LLVM_LAF_ALL: enables all LAF splits/transforms\n" "AFL_LLVM_WHITELIST: enable whitelisting (selective " "instrumentation)\n" "AFL_NO_BUILTIN: compile for use with libtokencap.so\n" @@ -925,6 +925,15 @@ int main(int argc, char **argv, char **envp) { check_environment_vars(envp); + if (getenv("AFL_LLVM_LAF_ALL")) { + + setenv("AFL_LLVM_LAF_SPLIT_SWITCHES", "1", 1); + setenv("AFL_LLVM_LAF_SPLIT_COMPARES", "1", 1); + setenv("AFL_LLVM_LAF_SPLIT_FLOATS", "1", 1); + setenv("AFL_LLVM_LAF_TRANSFORM_COMPARES", "1", 1); + + } + cmplog_mode = getenv("AFL_CMPLOG") || getenv("AFL_LLVM_CMPLOG"); if (!be_quiet && cmplog_mode) printf("CmpLog mode by <andreafioraldi@gmail.com>\n"); diff --git a/src/afl-common.c b/src/afl-common.c index 808c9812..1bb58a60 100644 --- a/src/afl-common.c +++ b/src/afl-common.c 
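Review bot: In the `@@ -925` hunk of llvm_mode/afl-clang-fast.c the four `setenv()` calls added under `AFL_LLVM_LAF_ALL` ignore their return values. If one fails, the wrapper carries on and the build silently lacks a split pass the user asked for. Checking each call, e.g. `if (setenv("AFL_LLVM_LAF_SPLIT_SWITCHES", "1", 1)) { /* report and exit */ }`, would turn that into a visible build error. The block also passes overwrite=1, so it replaces any value the user set explicitly for the individual variables; a one-line comment such as `/* LAF_ALL overrides any per-feature setting */` would record that this is intended. main() starts and ends outside the hunk.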
@@ -67,7 +67,7 @@ char *afl_environment_variables[] = { "AFL_LLVM_SKIPSINGLEBLOCK", "AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK", "AFL_LLVM_LAF_SPLIT_COMPARES", "AFL_LLVM_LAF_SPLIT_COMPARES_BITW", "AFL_LLVM_LAF_SPLIT_FLOATS", "AFL_LLVM_LAF_SPLIT_SWITCHES", - "AFL_LLVM_LAF_TRANSFORM_COMPARES", "AFL_LLVM_MAP_ADDR", + "AFL_LLVM_LAF_ALL", "AFL_LLVM_LAF_TRANSFORM_COMPARES", "AFL_LLVM_MAP_ADDR", "AFL_LLVM_MAP_DYNAMIC", "AFL_LLVM_NGRAM_SIZE", "AFL_NGRAM_SIZE", "AFL_LLVM_NOT_ZERO", "AFL_LLVM_WHITELIST", "AFL_LLVM_SKIP_NEVERZERO", "AFL_NO_AFFINITY", "AFL_LLVM_LTO_STARTID", "AFL_LLVM_LTO_DONTWRITEID", -- cgit 1.4.1 From d7ea8356a75a7e9076149d002bf3bd3b8045fe15 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sat, 23 May 2020 01:53:42 +0200 Subject: installing llvm 11 --- llvm_mode/README.lto.md | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/llvm_mode/README.lto.md b/llvm_mode/README.lto.md index 88b1517d..0415076a 100644 --- a/llvm_mode/README.lto.md +++ b/llvm_mode/README.lto.md @@ -50,7 +50,8 @@ and many dead ends until we got to this: The result: * 10-25% speed gain compared to llvm_mode * guaranteed non-colliding edge coverage :-) - * The compile time especially for libraries can be longer + * The compile time especially for binaries to an instrumented library can be + much longer Example build output from a libtiff build: ``` 
@@ -61,8 +62,30 @@ AUTODICTIONARY: 11 strings found [+] Instrumented 12071 locations with no collisions (on average 1046 collisions would be in afl-gcc/afl-clang-fast) (non-hardened mode). ``` -## Building llvm 11 +## Getting llvm 11 +### Installing llvm 11 +Installing the llvm snapshot builds is easy and mostly painless: + +In the follow line change `NAME` for your Debian or Ubuntu release name +(e.g. buster, focal, eon, etc.): +``` +echo deb http://apt.llvm.org/NAME/ llvm-toolchain-NAME NAME >> /etc/apt/sources.list +``` +then add the pgp key of llvm and install the packages: +``` +wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - +apt-get update && apt-get upgrade -y +apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \ + libc++abi1-11 libc++abi-11-dev libclang1-11 libclang-11-dev \ + libclang-common-11-dev libclang-cpp11 libclang-cpp11-dev liblld-11 \ + liblld-11-dev liblldb-11 liblldb-11-dev libllvm11 libomp-11-dev \ + libomp5-11 lld-11 lldb-11 llvm-11 llvm-11-dev llvm-11-runtime llvm-11-tools +``` + +### Building llvm 11 + +Building llvm from github takes quite some long time and is not painless: ``` $ sudo apt install binutils-dev # this is *essential*! $ git clone https://github.com/llvm/llvm-project -- cgit 1.4.1 From 0245f8438d71b07e2a2415e8880bd4bbd70b5859 Mon Sep 17 00:00:00 2001 From: hexcoder <hexcoder-@users.noreply.github.com> Date: Sat, 23 May 2020 08:15:20 +0200 Subject: forkserver: missing space in message --- src/afl-forkserver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index 076fa392..b67aedde 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c 
@@ -677,7 +677,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, SAYF("\n" cLRD "[-] " cRST "Hmm, looks like the target binary terminated before we could" - "complete a handshake with the injected code.\n" + " complete a handshake with the injected code.\n" "If the target was compiled with afl-clang-lto then recompiling with" " AFL_LLVM_MAP_DYNAMIC might solve your problem.\n" "Otherwise there is a horrible bug in the fuzzer.\n" -- cgit 1.4.1 From 38df6eb3a9d572d13a0554f6d511723feb644be6 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sat, 23 May 2020 17:00:02 +0200 Subject: LTO whitelist functionality rewritten, now anything can be skipped --- docs/Changelog.md | 2 + llvm_mode/README.lto.md | 5 -- llvm_mode/afl-llvm-lto-instrim.so.cc | 11 +++ llvm_mode/afl-llvm-lto-instrumentation.so.cc | 11 +++ llvm_mode/afl-llvm-lto-whitelist.so.cc | 125 +++++++++++++-------------- 5 files changed, 83 insertions(+), 71 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 08952717..ae398b66 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -25,6 +25,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. which needs 3.8.0) - small change to cmplog to make it work with current llvm 11-dev - added AFL_LLVM_LAF_ALL, sets all laf-intel settings + - LTO whitelist functionality rewritten, now main, _init etc functions + need not to be whitelisted anymore - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/llvm_mode/README.lto.md b/llvm_mode/README.lto.md index 0415076a..4790c167 100644 --- a/llvm_mode/README.lto.md +++ b/llvm_mode/README.lto.md 
@@ -190,11 +190,6 @@ target will likely crash when started. This can be avoided by compiling with This can e.g. happen with OpenSSL. -## Upcoming Work - -1. Currently the LTO whitelist feature does not allow to instrument main, - start and init functions - ## History This was originally envisioned by hexcoder- in Summer 2019, however we saw no diff --git a/llvm_mode/afl-llvm-lto-instrim.so.cc b/llvm_mode/afl-llvm-lto-instrim.so.cc index a7d9b756..27504e8d 100644 --- a/llvm_mode/afl-llvm-lto-instrim.so.cc +++ b/llvm_mode/afl-llvm-lto-instrim.so.cc @@ -561,6 +561,17 @@ struct InsTrimLTO : public ModulePass { if (F.size() < function_minimum_size) continue; if (isBlacklisted(&F)) continue; + // whitelist check + AttributeList Attrs = F.getAttributes(); + if (Attrs.hasAttribute(-1, StringRef("skipinstrument"))) { + + if (debug) + fprintf(stderr, "DEBUG: Function %s is not whitelisted\n", + F.getName().str().c_str()); + continue; + + } + std::unordered_set<BasicBlock *> MS; if (!MarkSetOpt) { diff --git a/llvm_mode/afl-llvm-lto-instrumentation.so.cc b/llvm_mode/afl-llvm-lto-instrumentation.so.cc index f44b336e..cbe68171 100644 --- a/llvm_mode/afl-llvm-lto-instrumentation.so.cc +++ b/llvm_mode/afl-llvm-lto-instrumentation.so.cc @@ -197,6 +197,17 @@ bool AFLLTOPass::runOnModule(Module &M) { if (F.size() < function_minimum_size) continue; if (isBlacklisted(&F)) continue; + // whitelist check + AttributeList Attrs = F.getAttributes(); + if (Attrs.hasAttribute(-1, StringRef("skipinstrument"))) { + + if (debug) + fprintf(stderr, "DEBUG: Function %s is not whitelisted\n", + F.getName().str().c_str()); + continue; + + } + std::vector<BasicBlock *> InsBlocks; if (autodictionary) { diff --git a/llvm_mode/afl-llvm-lto-whitelist.so.cc b/llvm_mode/afl-llvm-lto-whitelist.so.cc index a116c4ea..8856ce21 100644 --- a/llvm_mode/afl-llvm-lto-whitelist.so.cc +++ b/llvm_mode/afl-llvm-lto-whitelist.so.cc 
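Review bot: The whitelist check added in the `@@ -561` hunk of afl-llvm-lto-instrim.so.cc, and repeated verbatim in the `@@ -197` hunk of afl-llvm-lto-instrumentation.so.cc, passes the bare index `-1` to `Attrs.hasAttribute(...)`. The pass that sets the attribute in this same commit uses `AttributeList::FunctionIndex`. Using the named constant, or simply `if (F.hasFnAttribute("skipinstrument")) {`, says what is meant and removes the temporary `AttributeList`. The attribute name is now a string literal in three files, so a shared constant would keep the producer and the two consumers from drifting apart. Both loops continue outside their hunks.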
@@ -122,64 +122,65 @@ bool AFLwhitelist::runOnModule(Module &M) { for (auto &F : M) { + if (F.size() < 1) continue; + // fprintf(stderr, "F:%s\n", F.getName().str().c_str()); if (isBlacklisted(&F)) continue; - for (auto &BB : F) { + BasicBlock::iterator IP = F.getEntryBlock().getFirstInsertionPt(); + IRBuilder<> IRB(&(*IP)); - BasicBlock::iterator IP = BB.getFirstInsertionPt(); - IRBuilder<> IRB(&(*IP)); + if (!myWhitelist.empty()) { - if (!myWhitelist.empty()) { + bool instrumentFunction = false; - bool instrumentBlock = false; + /* Get the current location using debug information. + * For now, just instrument the block if we are not able + * to determine our location. */ + DebugLoc Loc = IP->getDebugLoc(); + if (Loc) { - /* Get the current location using debug information. - * For now, just instrument the block if we are not able - * to determine our location. */ - DebugLoc Loc = IP->getDebugLoc(); - if (Loc) { + DILocation *cDILoc = dyn_cast<DILocation>(Loc.getAsMDNode()); - DILocation *cDILoc = dyn_cast<DILocation>(Loc.getAsMDNode()); + unsigned int instLine = cDILoc->getLine(); + StringRef instFilename = cDILoc->getFilename(); - unsigned int instLine = cDILoc->getLine(); - StringRef instFilename = cDILoc->getFilename(); + if (instFilename.str().empty()) { - if (instFilename.str().empty()) { + /* If the original location is empty, try using the inlined location + */ + DILocation *oDILoc = cDILoc->getInlinedAt(); + if (oDILoc) { - /* If the original location is empty, try using the inlined location - */ - DILocation *oDILoc = cDILoc->getInlinedAt(); - if (oDILoc) { - - instFilename = oDILoc->getFilename(); - instLine = oDILoc->getLine(); - - } + instFilename = oDILoc->getFilename(); + instLine = oDILoc->getLine(); } - (void)instLine; + } - /* Continue only if we know where we actually are */ - if (!instFilename.str().empty()) { + (void)instLine; - for (std::list<std::string>::iterator it = myWhitelist.begin(); - it != myWhitelist.end(); ++it) { + if (debug) + 
SAYF(cMGN "[D] " cRST "function %s is in file %s\n", + F.getName().str().c_str(), instFilename.str().c_str()); + /* Continue only if we know where we actually are */ + if (!instFilename.str().empty()) { - /* We don't check for filename equality here because - * filenames might actually be full paths. Instead we - * check that the actual filename ends in the filename - * specified in the list. */ - if (instFilename.str().length() >= it->length()) { + for (std::list<std::string>::iterator it = myWhitelist.begin(); + it != myWhitelist.end(); ++it) { - if (instFilename.str().compare( - instFilename.str().length() - it->length(), - it->length(), *it) == 0) { + /* We don't check for filename equality here because + * filenames might actually be full paths. Instead we + * check that the actual filename ends in the filename + * specified in the list. */ + if (instFilename.str().length() >= it->length()) { - instrumentBlock = true; - break; + if (instFilename.str().compare( + instFilename.str().length() - it->length(), it->length(), + *it) == 0) { - } + instrumentFunction = true; + break; } 
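Review bot: The whitelist decision for a whole function now rests on the `DebugLoc` of one instruction, the entry block's first insertion point, and `instrumentFunction` starts out `false`. Any function whose first instruction has no location is therefore tagged as not whitelisted. That contradicts the kept comment "just instrument the block if we are not able to determine our location", and it may affect many functions if the entry block begins with instructions that carry no debug location. The function's own debug info is probably a more reliable source for the filename, for example `if (DISubprogram *SP = F.getSubprogram()) instFilename = SP->getFilename();`, falling back to the instruction location. `dyn_cast<DILocation>(Loc.getAsMDNode())` is still dereferenced without a null check and `IRB` is no longer used in this hunk. runOnModule starts outside the hunk and continues into the next one.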
@@ -189,43 +190,35 @@ bool AFLwhitelist::runOnModule(Module &M) { } - /* Either we couldn't figure out our location or the location is - * not whitelisted, so we skip instrumentation. - * We do this by renaming the function. */ - if (!instrumentBlock) { - - if (F.getName().compare("main") == 0 || - F.getName().compare("start") == 0 || - F.getName().compare("_start") == 0 || - F.getName().compare("init") == 0 || - F.getName().compare("_init") == 0) { - - // We do not honor be_quiet for this one - WARNF("Cannot ignore functions main/init/start"); - - } else { - - // StringRef newName = StringRef("ign.") + F.getName(); - if (debug) - SAYF(cMGN "[D] " cRST "renamed %s to ign.%s\n", - F.getName().str().c_str(), F.getName().str().c_str()); - Function *_F(&F); - _F->setName("ign." + F.getName()); - - } + } - } else if (debug) + /* Either we couldn't figure out our location or the location is + * not whitelisted, so we skip instrumentation. + * We do this by renaming the function. */ + if (instrumentFunction == true) { + if (debug) SAYF(cMGN "[D] " cRST "function %s is in whitelist\n", F.getName().str().c_str()); } else { - PFATAL("Whitelist is empty"); + if (debug) + SAYF(cMGN "[D] " cRST "function %s is NOT in whitelist\n", + F.getName().str().c_str()); + + auto & Ctx = F.getContext(); + AttributeList Attrs = F.getAttributes(); + AttrBuilder NewAttrs; + NewAttrs.addAttribute("skipinstrument"); + F.setAttributes( + Attrs.addAttributes(Ctx, AttributeList::FunctionIndex, NewAttrs)); } - break; + } else { + + PFATAL("Whitelist is empty"); } -- cgit 1.4.1 From 68e66fa92090f7acd3555c8d64ee29ff97334f02 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sun, 24 May 2020 01:59:08 +0200 Subject: fix compare-transform for strn?casecmp --- docs/Changelog.md | 2 ++ llvm_mode/afl-clang-fast.c | 24 ++++++++++++++---------- llvm_mode/compare-transform-pass.so.cc | 10 ++++++++-- test/test-compcov.c | 2 ++ 4 files changed, 26 insertions(+), 12 deletions(-) 
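Review bot: The comment kept above `if (instrumentFunction == true)` still says "We do this by renaming the function", but the new `else` branch no longer renames anything; it adds a `skipinstrument` function attribute. I would replace it with `/* Not whitelisted, or location unknown: tag the function "skipinstrument" so the LTO instrumentation passes skip it. */` and move it to the `else` branch it describes. The attribute can be set in one line with `F.addFnAttr("skipinstrument");` instead of building an `AttrBuilder`, and the condition reads better as `if (instrumentFunction)`. `PFATAL("Whitelist is empty")` still sits inside the per-function loop, although the list does not change between iterations.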
diff --git a/docs/Changelog.md b/docs/Changelog.md index ae398b66..4b6e90e5 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -27,6 +27,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - added AFL_LLVM_LAF_ALL, sets all laf-intel settings - LTO whitelist functionality rewritten, now main, _init etc functions need not to be whitelisted anymore + - fixed crash in compare-transform-pass when strcasemp/strncasecmp was + tried to be instrumented - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 2aeb0400..8791c5ae 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -220,6 +220,20 @@ static void edit_params(u32 argc, char **argv, char **envp) { afl-clang-lto(++) */ + if (lto_mode) { + + if (getenv("AFL_LLVM_WHITELIST") != NULL) { + + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = + alloc_printf("%s/afl-llvm-lto-whitelist.so", obj_path); + + } + + } + // laf if (getenv("LAF_SPLIT_SWITCHES") || getenv("AFL_LLVM_LAF_SPLIT_SWITCHES")) { @@ -289,16 +303,6 @@ static void edit_params(u32 argc, char **argv, char **envp) { if (lto_mode) { - if (getenv("AFL_LLVM_WHITELIST") != NULL) { - - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = - alloc_printf("%s/afl-llvm-lto-whitelist.so", obj_path); - - } - cc_params[cc_par_cnt++] = alloc_printf("-fuse-ld=%s", AFL_REAL_LD); cc_params[cc_par_cnt++] = "-Wl,--allow-multiple-definition"; if (instrument_mode == INSTRUMENT_CFG) diff --git a/llvm_mode/compare-transform-pass.so.cc b/llvm_mode/compare-transform-pass.so.cc index 1ebc54d7..2f5eb341 100644 --- a/llvm_mode/compare-transform-pass.so.cc +++ b/llvm_mode/compare-transform-pass.so.cc 
@@ -438,9 +438,13 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, for (uint64_t i = 0; i < constLen; i++) { - BasicBlock *cur_bb = next_bb; + BasicBlock * cur_bb = next_bb; + unsigned char c; - char c = isCaseInsensitive ? tolower(ConstStr[i]) : ConstStr[i]; + if (isCaseInsensitive) + c = (unsigned char)(tolower((int)ConstStr[i]) & 0xff); + else + c = (unsigned char)ConstStr[i]; BasicBlock::iterator IP = next_bb->getFirstInsertionPt(); IRBuilder<> IRB(&*IP); @@ -448,9 +452,11 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, Value *v = ConstantInt::get(Int64Ty, i); Value *ele = IRB.CreateInBoundsGEP(VarStr, v, "empty"); Value *load = IRB.CreateLoad(ele); + if (isCaseInsensitive) { // load >= 'A' && load <= 'Z' ? load | 0x020 : load + load = IRB.CreateZExt(load, Int32Ty); std::vector<Value *> args; args.push_back(load); load = IRB.CreateCall(tolowerFn, args, "tmp"); diff --git a/test/test-compcov.c b/test/test-compcov.c index c8dd674e..a2202a22 100644 --- a/test/test-compcov.c +++ b/test/test-compcov.c @@ -39,6 +39,8 @@ int main(int argc, char **argv) { printf("short local var memcmp works!\n"); else if (memcmp(global_cmpval, input, sizeof(global_cmpval)) == 0) printf("global var memcmp works!\n"); + else if (strncasecmp("-h", input, 2) == 0) + printf("this is not the help you are looking for\n"); else printf("I do not know your string\n"); -- cgit 1.4.1 From fc574086ec8beff72a032f73884fb9f1f0d02f47 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Sun, 24 May 2020 15:15:17 +0200 Subject: fix cmplog --- docs/Changelog.md | 3 ++- llvm_mode/cmplog-routines-pass.cc | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 4b6e90e5..6115a0cc 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
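Review bot: In the `@@ -438` hunk, `tolower((int)ConstStr[i])` converts a plain `char` straight to `int`, so on targets where `char` is signed a constant byte of 0x80 or above reaches `tolower()` as a negative value, which is undefined behaviour for the ctype functions. The `& 0xff` is applied only to the result and does not help. Converting through `unsigned char` first fixes it: `c = (unsigned char)tolower((unsigned char)ConstStr[i]);`. This also matches the runtime side added in the `@@ -448` hunk, where the loaded byte is zero-extended before the `tolower` call, so both sides of the generated comparison treat high bytes the same way. The loop body continues outside both hunks.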
@@ -28,7 +28,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - LTO whitelist functionality rewritten, now main, _init etc functions need not to be whitelisted anymore - fixed crash in compare-transform-pass when strcasemp/strncasecmp was - tried to be instrumented + tried to be instrumented with LTO + - fixed crash in cmplog with LTO - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/llvm_mode/cmplog-routines-pass.cc b/llvm_mode/cmplog-routines-pass.cc index 623388ba..e05a1843 100644 --- a/llvm_mode/cmplog-routines-pass.cc +++ b/llvm_mode/cmplog-routines-pass.cc @@ -164,8 +164,10 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRB.SetInsertPoint(callInst); std::vector<Value *> args; - args.push_back(v1P); - args.push_back(v2P); + Value * v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy); + Value * v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy); + args.push_back(v1Pcasted); + args.push_back(v2Pcasted); IRB.CreateCall(cmplogHookFn, args, "tmp"); -- cgit 1.4.1 From 3eef1560a277e0a2003f58824285d4bfec754ff7 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 25 May 2020 09:14:30 +0200 Subject: remove not needed error description --- llvm_mode/README.lto.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/llvm_mode/README.lto.md b/llvm_mode/README.lto.md index 4790c167..99bcc50d 100644 --- a/llvm_mode/README.lto.md +++ b/llvm_mode/README.lto.md @@ -18,9 +18,6 @@ This version requires a current llvm 11 compiled from the github master. note that if that target uses _init functions or early constructors then also set `AFL_LLVM_MAP_DYNAMIC=1` as your target will crash otherwise -6. If you get the error `error: Invalid record` at link time you must decide - between LTO or cmplog/laf-intel - ## Introduction and problem description A big issue with how afl/afl++ works is that the basic block IDs that are 
@@ -157,13 +154,6 @@ and on some target you have to to AR=/RANLIB= even for make as the configure scr Other targets ignore environment variables and need the parameters set via `./configure --cc=... --cxx= --ranlib= ...` etc. (I am looking at you ffmpeg!). -### error: Invalid record - -This error only occurs if cmplog or laf-intel were activated. -If you see the error `error: Invalid record` at link time then an -instrumentation went wrong. You now must choose, either use afl-clang-fast -and keep cmplog/laf-intel, or drop cmplog/laf-intel and keep using afl-clang-lto. - ### compiling programs still fail afl-clang-lto is still work in progress. -- cgit 1.4.1 From 4c394a9d7b0477811531e8567dccb043a9c4a279 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 25 May 2020 10:57:15 +0200 Subject: new todo --- TODO.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/TODO.md b/TODO.md index e7f5b257..3ee8d091 100644 --- a/TODO.md +++ b/TODO.md @@ -7,6 +7,8 @@ - namespace for targets? e.g. network - libradamsa as a custom module? - learn from honggfuzz + - for persistent mode, have a functionality that transports the test case + via shared memory (and the int write to the FD from afl-fuzz is the size) ## Further down the road -- cgit 1.4.1 From 1e597a64dcb4eba23785f6c2c094c3d868982cc4 Mon Sep 17 00:00:00 2001 From: Robert Scott <code@humanleg.org.uk> Date: Mon, 18 May 2020 22:14:32 +0100 Subject: llvm_mode compare-transform-pass: refactor comparison length determination make this clearer and handle case with embedded null characters in const string properly --- llvm_mode/compare-transform-pass.so.cc | 79 ++++++++++++++++++---------------- 1 file changed, 43 insertions(+), 36 deletions(-) diff --git a/llvm_mode/compare-transform-pass.so.cc b/llvm_mode/compare-transform-pass.so.cc index 2f5eb341..4879994a 100644 --- a/llvm_mode/compare-transform-pass.so.cc +++ b/llvm_mode/compare-transform-pass.so.cc 
@@ -304,17 +304,24 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, if (!(HasStr1 || HasStr2)) continue; if (isMemcmp || isStrncmp || isStrncasecmp) { - /* check if third operand is a constant integer * strlen("constStr") and sizeof() are treated as constant */ Value * op2 = callInst->getArgOperand(2); ConstantInt *ilen = dyn_cast<ConstantInt>(op2); - if (!ilen) continue; - /* final precaution: if size of compare is larger than constant - * string skip it*/ - uint64_t literalLength = HasStr1 ? Str1.size() : Str2.size(); - if (literalLength + 1 < ilen->getZExtValue()) continue; - + if (ilen) { + uint64_t len = ilen->getZExtValue(); + // if len is zero this is a pointless call but allow real + // implementation to worry about that + if (!len) continue; + + if (isMemcmp) { + // if size of compare is larger than constant string this is + // likely a bug but allow real implementation to worry about + // that + uint64_t literalLength = HasStr1 ? Str1.size() : Str2.size(); + if (literalLength + 1 < ilen->getZExtValue()) continue; + } + } else continue; } calls.push_back(callInst); @@ -341,7 +348,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, Value * VarStr; bool HasStr1 = getConstantStringInfo(Str1P, Str1); bool HasStr2 = getConstantStringInfo(Str2P, Str2); - uint64_t constLen, sizedLen; + uint64_t constStrLen, constSizedLen, unrollLen; bool isMemcmp = !callInst->getCalledFunction()->getName().compare(StringRef("memcmp")); bool isSizedcmp = isMemcmp || 
@@ -349,23 +356,12 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, StringRef("strncmp")) || !callInst->getCalledFunction()->getName().compare( StringRef("strncasecmp")); + bool isConstSized = isSizedcmp && isa<ConstantInt>(callInst->getArgOperand(2)); bool isCaseInsensitive = !callInst->getCalledFunction()->getName().compare( StringRef("strcasecmp")) || !callInst->getCalledFunction()->getName().compare( StringRef("strncasecmp")); - if (isSizedcmp) { - - Value * op2 = callInst->getArgOperand(2); - ConstantInt *ilen = dyn_cast<ConstantInt>(op2); - sizedLen = ilen->getZExtValue(); - - } else { - - sizedLen = 0; - - } - if (!(HasStr1 || HasStr2)) { // do we have a saved local or global variable initialization? 
@@ -389,35 +385,46 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, } + if (isConstSized) { + + Value * op2 = callInst->getArgOperand(2); + constSizedLen = dyn_cast<ConstantInt>(op2)->getZExtValue(); + + } + if (HasStr1) { TmpConstStr = Str1.str(); VarStr = Str2P; - constLen = isMemcmp ? sizedLen : TmpConstStr.length(); } else { TmpConstStr = Str2.str(); VarStr = Str1P; - constLen = isMemcmp ? sizedLen : TmpConstStr.length(); } - /* properly handle zero terminated C strings by adding the terminating 0 to - * the StringRef (in comparison to std::string a StringRef has built-in - * runtime bounds checking, which makes debugging easier) */ + // add null termination character implicit in c strings TmpConstStr.append("\0", 1); - if (!sizedLen) constLen++; + + // in the unusual case the const str has embedded null + // characters, the string comparison functions should terminate + // at the first null + if (!isMemcmp) + TmpConstStr.assign(TmpConstStr, 0, TmpConstStr.find('\0') + 1); + + constStrLen = TmpConstStr.length(); + // prefer use of StringRef (in comparison to std::string a StringRef has + // built-in runtime bounds checking, which makes debugging easier) ConstStr = StringRef(TmpConstStr); - // fprintf(stderr, "issized: %d, const > sized ? %u > %u\n", isSizedcmp, - // constLen, sizedLen); - if (isSizedcmp && constLen > sizedLen && sizedLen) constLen = sizedLen; - if (constLen > TmpConstStr.length()) constLen = TmpConstStr.length(); - if (!constLen) constLen = TmpConstStr.length(); - if (!constLen) continue; + + if (isConstSized) + unrollLen = constSizedLen < constStrLen ? constSizedLen : constStrLen; + else + unrollLen = constStrLen; if (!be_quiet) - errs() << callInst->getCalledFunction()->getName() << ": len " << constLen + errs() << callInst->getCalledFunction()->getName() << ": len " << unrollLen << ": " << ConstStr << "\n"; /* split before the call instruction */ 
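Review bot: `constSizedLen = dyn_cast<ConstantInt>(op2)->getZExtValue();` dereferences the result of `dyn_cast` without a check. It is safe here only because `isConstSized` was computed with `isa<ConstantInt>` in the previous hunk, and `cast<ConstantInt>(op2)->getZExtValue()` states that assumption and asserts it in debug builds. `constSizedLen` is left uninitialised when `isConstSized` is false; initialising it to 0 at its declaration would keep a later edit from reading garbage. The self-referencing `TmpConstStr.assign(TmpConstStr, 0, TmpConstStr.find('\0') + 1)` is easier to follow as `TmpConstStr.resize(TmpConstStr.find('\0') + 1);`. The enclosing loop in transformCmps starts and ends outside the hunk.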
@@ -426,7 +433,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, BasicBlock *next_bb = BasicBlock::Create(C, "cmp_added", end_bb->getParent(), end_bb); BranchInst::Create(end_bb, next_bb); - PHINode *PN = PHINode::Create(Int32Ty, constLen + 1, "cmp_phi"); + PHINode *PN = PHINode::Create(Int32Ty, unrollLen + 1, "cmp_phi"); #if LLVM_VERSION_MAJOR < 8 TerminatorInst *term = bb->getTerminator(); @@ -436,7 +443,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, BranchInst::Create(next_bb, bb); term->eraseFromParent(); - for (uint64_t i = 0; i < constLen; i++) { + for (uint64_t i = 0; i < unrollLen; i++) { BasicBlock * cur_bb = next_bb; unsigned char c; @@ -473,7 +480,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, Value *sext = IRB.CreateSExt(isub, Int32Ty); PN->addIncoming(sext, cur_bb); - if (i < constLen - 1) { + if (i < unrollLen - 1) { next_bb = BasicBlock::Create(C, "cmp_added", end_bb->getParent(), end_bb); -- cgit 1.4.1 From 707145c491366825b5595eada29fbb2e87e800fd Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 25 May 2020 16:40:55 +0200 Subject: persistent mode: shared memory test case transfer --- docs/Changelog.md | 2 + examples/persistent_demo/persistent_demo.c | 14 ++- examples/persistent_demo/persistent_demo_new.c | 118 +++++++++++++++++++++++++ include/afl-fuzz.h | 1 + include/config.h | 4 + include/forkserver.h | 8 ++ include/types.h | 3 +- llvm_mode/afl-clang-fast.c | 8 ++ llvm_mode/afl-llvm-rt.o.c | 91 +++++++++++++++++-- src/afl-forkserver.c | 79 ++++++++++++----- src/afl-fuzz-init.c | 24 +++++ src/afl-fuzz-run.c | 10 +++ src/afl-fuzz.c | 8 ++ 13 files changed, 340 insertions(+), 30 deletions(-) create mode 100644 examples/persistent_demo/persistent_demo_new.c diff --git a/docs/Changelog.md b/docs/Changelog.md index 6115a0cc..884de0b1 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
@@ -10,6 +10,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. ### Version ++2.65d (dev) + - initial support for persistent mode shared memory testcase handover + (instead of via files/stdin) - afl-fuzz: - -S slaves now only sync from the master to increase performance, the -M master stilly syncs from everyone. Added checks that exactly diff --git a/examples/persistent_demo/persistent_demo.c b/examples/persistent_demo/persistent_demo.c index 36f12850..41cd9e38 100644 --- a/examples/persistent_demo/persistent_demo.c +++ b/examples/persistent_demo/persistent_demo.c @@ -63,7 +63,7 @@ int main(int argc, char **argv) { We just have some trivial inline code that faults on 'foo!'. */ /* do we have enough data? */ - if (len < 4) return 0; + if (len < 8) return 0; if (buf[0] == 'f') { @@ -77,7 +77,17 @@ int main(int argc, char **argv) { if (buf[3] == '!') { printf("four\n"); - abort(); + if (buf[4] == '!') { + + printf("five\n"); + if (buf[5] == '!') { + + printf("six\n"); + abort(); + + } + + } } diff --git a/examples/persistent_demo/persistent_demo_new.c b/examples/persistent_demo/persistent_demo_new.c new file mode 100644 index 00000000..fffd40b6 --- /dev/null +++ b/examples/persistent_demo/persistent_demo_new.c 
@@ -0,0 +1,118 @@ +/* + american fuzzy lop++ - persistent mode example + -------------------------------------------- + + Originally written by Michal Zalewski + + Copyright 2015 Google Inc. All rights reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at: + + http://www.apache.org/licenses/LICENSE-2.0 + + This file demonstrates the high-performance "persistent mode" that may be + suitable for fuzzing certain fast and well-behaved libraries, provided that + they are stateless or that their internal state can be easily reset + across runs. + + To make this work, the library and this shim need to be compiled in LLVM + mode using afl-clang-fast (other compiler wrappers will *not* work). + + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <signal.h> +#include <string.h> + +__AFL_FUZZ_INIT(); + +unsigned int crc32_for_byte(unsigned int r) { + + for (int j = 0; j < 8; ++j) + r = (r & 1 ? 0 : (unsigned int)0xEDB88320L) ^ r >> 1; + return r ^ (unsigned int)0xFF000000L; + +} + +unsigned int crc32(unsigned char *data, unsigned int n_bytes) { + + static unsigned char table[0x100]; + unsigned int crc = 0; + if (!*table) + for (unsigned int i = 0; i < 0x100; ++i) + table[i] = crc32_for_byte(i); + for (unsigned int i = 0; i < n_bytes; ++i) + crc = table[(unsigned char)crc ^ (data)[i]] ^ crc >> 8; + return crc; + +} + +/* Main entry point. */ + +int main(int argc, char **argv) { + + ssize_t len; /* how much input did we read? */ + unsigned char *buf; /* test case buffer pointer */ + + /* The number passed to __AFL_LOOP() controls the maximum number of + iterations before the loop exits and the program is allowed to + terminate normally. This limits the impact of accidental memory leaks + and similar hiccups. 
*/ + + buf = __AFL_FUZZ_TESTCASE_BUF; + + while (__AFL_LOOP(1000)) { + + len = __AFL_FUZZ_TESTCASE_LEN; + + /* do we have enough data? */ + if (len < 8) return 0; + + if (buf[0] == 'f') { + + printf("one\n"); + if (buf[1] == 'o') { + + printf("two\n"); + if (buf[2] == 'o') { + + printf("three\n"); + if (buf[3] == '!') { + + printf("four\n"); + if (buf[4] == '!') { + + printf("five\n"); + if (buf[6] == '!') { + + printf("six\n"); + abort(); + + } + + } + + } + + } + + } + + } + + /*** END PLACEHOLDER CODE ***/ + + } + + /* Once the loop is exited, terminate normally - AFL will restart the process + when this happens, with a clean slate when it comes to allocated memory, + leftover file descriptors, etc. */ + + return 0; + +} + diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 6e74f824..32ae2a58 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -342,6 +342,7 @@ typedef struct afl_state { afl_forkserver_t fsrv; sharedmem_t shm; + sharedmem_t * shm_fuzz; afl_env_vars_t afl_env; char **argv; /* argv if needed */ diff --git a/include/config.h b/include/config.h index 6fde8b36..57efd0f6 100644 --- a/include/config.h +++ b/include/config.h @@ -304,6 +304,10 @@ #define SHM_ENV_VAR "__AFL_SHM_ID" +/* Environment variable used to pass SHM FUZZ ID to the called program. */ + +#define SHM_FUZZ_ENV_VAR "__AFL_SHM_FUZZ_ID" + /* Other less interesting, internal-only variables. */ #define CLANG_ENV_VAR "__AFL_CLANG_MODE" diff --git a/include/forkserver.h b/include/forkserver.h index e8ac2837..00555d7e 100644 --- a/include/forkserver.h +++ b/include/forkserver.h 
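Review bot: In the new examples/persistent_demo/persistent_demo_new.c the innermost test reads `buf[6]` and then prints "six", whereas the updated persistent_demo.c in the same commit tests `buf[5]`. If the two demos are meant to crash on the same input, this should be `if (buf[5] == '!') {`; if the gap is deliberate, it needs a comment. The `crc32` helper stores the 32-bit results of `crc32_for_byte()` in `static unsigned char table[0x100]`, which truncates them to 8 bits, so the declaration should be `static unsigned int table[0x100];`. Neither helper is called from `main`, so they could be dropped from the example. The trailing `/*** END PLACEHOLDER CODE ***/` marker has no matching start marker in this file.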
@@ -73,10 +73,18 @@ typedef struct afl_forkserver { u8 last_kill_signal; /* Signal that killed the child */ + u8 use_shdmen_fuzz; /* use shared mem for test cases */ + + u8 support_shdmen_fuzz; /* set by afl-fuzz */ + u8 use_fauxsrv; /* Fauxsrv for non-forking targets? */ u8 qemu_mode; /* if running in qemu mode or not */ + u32 shdmem_fuzz_len; /* length of the fuzzing test case */ + + u8 *shdmem_fuzz; /* allocated memory for fuzzing */ + char *cmplog_binary; /* the name of the cmplog binary */ /* Function to kick off the forkserver child */ diff --git a/include/types.h b/include/types.h index f95c4be2..95ca2689 100644 --- a/include/types.h +++ b/include/types.h @@ -43,10 +43,11 @@ typedef uint32_t u32; #define FS_ERROR_MMAP 16 /* Reporting options */ -#define FS_OPT_ENABLED 0x8f000001 +#define FS_OPT_ENABLED 0x80000001 #define FS_OPT_MAPSIZE 0x40000000 #define FS_OPT_SNAPSHOT 0x20000000 #define FS_OPT_AUTODICT 0x10000000 +#define FS_OPT_SHDMEM_FUZZ 0x01000000 // FS_OPT_MAX_MAPSIZE is 8388608 = 0x800000 = 2^23 = 1 << 22 #define FS_OPT_MAX_MAPSIZE ((0x00fffffe >> 1) + 1) #define FS_OPT_GET_MAPSIZE(x) (((x & 0x00fffffe) >> 1) + 1) diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 8791c5ae..e8f20bb2 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -489,6 +489,14 @@ static void edit_params(u32 argc, char **argv, char **envp) { */ + cc_params[cc_par_cnt++] = + "-D__AFL_FUZZ_INIT()=" + "int __afl_sharedmem_fuzzing = 1;" + "extern unsigned int __afl_fuzz_len;" + "extern unsigned char *__afl_fuzz_ptr;"; + cc_params[cc_par_cnt++] = "-D__AFL_FUZZ_TESTCASE_BUF=__afl_fuzz_ptr"; + cc_params[cc_par_cnt++] = "-D__AFL_FUZZ_TESTCASE_LEN=__afl_fuzz_len"; + cc_params[cc_par_cnt++] = "-D__AFL_LOOP(_A)=" "({ static volatile char *_B __attribute__((used)); " diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index dac35796..a461bc03 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c 
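Review bot: The two new flags in include/forkserver.h are spelled `use_shdmen_fuzz` and `support_shdmen_fuzz`, while the two fields added next to them are `shdmem_fuzz_len` and `shdmem_fuzz`. I would rename the flags to `use_shdmem_fuzz` and `support_shdmem_fuzz` before other files start depending on the misspelling. The comment on `support_shdmen_fuzz` says only "set by afl-fuzz"; something like `/* afl-fuzz is able to hand over test cases via shared memory */` would tell a reader what the flag means.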
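Review bot: The new `FS_OPT_SHDMEM_FUZZ 0x01000000` in include/types.h reuses a bit that was part of the previous `FS_OPT_ENABLED` value `0x8f000001`. A target built with the earlier runtime will therefore report a status word in which that bit is set, and could be taken as advertising shared-memory test case support. Whether afl-fuzz guards against this is not visible in this part of the patch, so it is worth confirming in src/afl-forkserver.c. At minimum the header should record it, e.g. `/* 0x0f000000 was set unconditionally by runtimes before 2.65d; do not trust these bits from older targets */`. Otherwise a stale binary would be fuzzed with inputs it never reads, which looks like a hang or zero coverage rather than a clear error.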
@@ -76,6 +76,8 @@ u8 __afl_area_initial[MAP_SIZE]; #endif u8 *__afl_area_ptr = __afl_area_initial; u8 *__afl_dictionary; +u8 *__afl_fuzz_ptr; +u32 __afl_fuzz_len; u32 __afl_final_loc; u32 __afl_map_size = MAP_SIZE; @@ -92,6 +94,8 @@ __thread u32 __afl_prev_ctx; __thread u32 __afl_cmp_counter; #endif +int __afl_sharedmem_fuzzing __attribute__((weak)); + struct cmp_map *__afl_cmp_map; /* Running in persistent mode? */ @@ -109,6 +113,59 @@ void send_forkserver_error(int error) { } +/* SHM fuzzing setup. */ + +static void __afl_map_shm_fuzz() { + + char *id_str = getenv(SHM_FUZZ_ENV_VAR); + + if (id_str) { + +#ifdef USEMMAP + const char * shm_file_path = id_str; + int shm_fd = -1; + unsigned char *shm_base = NULL; + + /* create the shared memory segment as if it was a file */ + shm_fd = shm_open(shm_file_path, O_RDWR, 0600); + if (shm_fd == -1) { + + fprintf(stderr, "shm_open() failed for fuzz\n"); + send_forkserver_error(FS_ERROR_SHM_OPEN); + exit(1); + + } + + __afl_fuzz_ptr = mmap(0, MAX_FILE, PROT_READ, MAP_SHARED, shm_fd, 0); + +#else + u32 shm_id = atoi(id_str); + + __afl_fuzz_ptr = shmat(shm_id, NULL, 0); + +#endif + + /* Whooooops. */ + + if (__afl_fuzz_ptr == (void *)-1) { + + fprintf(stderr, "Error: could not access fuzzing shared memory\n"); + exit(1); + + } + + if (getenv("AFL_DEBUG")) + fprintf(stderr, "DEBUG: successfully got fuzzing shared memory\n"); + + } else { + + fprintf(stderr, "Error: variable for fuzzing shared memory is not set\n"); + exit(1); + + } + +} + /* SHM setup. */ static void __afl_map_shm(void) { 
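Review bot: In `__afl_map_shm_fuzz()` the SysV branch attaches the test-case segment read-write with `shmat(shm_id, NULL, 0)`, while the USEMMAP branch maps it `PROT_READ`. Using `__afl_fuzz_ptr = shmat(shm_id, NULL, SHM_RDONLY);` would make a stray write by the target fault in both builds instead of silently corrupting the fuzzer-owned buffer in one of them. The USEMMAP branch also never closes `shm_fd` once the mapping exists, so a `close(shm_fd);` after `mmap()` is missing. Only the `shm_open()` failure is reported through `send_forkserver_error()`. The attach-failure and missing-variable paths just `exit(1)`, which leaves afl-fuzz without a reason code.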
@@ -310,17 +367,25 @@ static void __afl_start_snapshots(void) { assume we're not running in forkserver mode and just execute program. */ status |= (FS_OPT_ENABLED | FS_OPT_SNAPSHOT); + if (__afl_sharedmem_fuzzing != 0) status |= FS_OPT_SHDMEM_FUZZ; if (__afl_map_size <= FS_OPT_MAX_MAPSIZE) status |= (FS_OPT_SET_MAPSIZE(__afl_map_size) | FS_OPT_MAPSIZE); - if (__afl_dictionary_len > 0 && __afl_dictionary) status |= FS_OPT_AUTODICT; + if (__afl_dictionary_len && __afl_dictionary) status |= FS_OPT_AUTODICT; memcpy(tmp, &status, 4); if (write(FORKSRV_FD + 1, tmp, 4) != 4) return; - if (__afl_dictionary_len > 0 && __afl_dictionary) { + if (__afl_sharedmem_fuzzing || (__afl_dictionary_len && __afl_dictionary)) { if (read(FORKSRV_FD, &was_killed, 4) != 4) _exit(1); + if ((was_killed & (0xffffffff & (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ))) == + (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) { + + __afl_map_shm_fuzz(); + + } + if ((was_killed & (FS_OPT_ENABLED | FS_OPT_AUTODICT)) == (FS_OPT_ENABLED | FS_OPT_AUTODICT)) { @@ -357,7 +422,7 @@ static void __afl_start_snapshots(void) { // uh this forkserver master does not understand extended option passing // or does not want the dictionary - already_read_first = 1; + if (!__afl_fuzz_ptr) already_read_first = 1; } @@ -378,6 +443,9 @@ static void __afl_start_snapshots(void) { } + __afl_fuzz_len = (was_killed >> 8); + was_killed = (was_killed & 0xff); + /* If we stopped the child in persistent mode, but there was a race condition and afl-fuzz already issued SIGKILL, write off the old process. */ 
@@ -473,7 +541,8 @@ static void __afl_start_forkserver(void) { if (__afl_map_size <= FS_OPT_MAX_MAPSIZE) status |= (FS_OPT_SET_MAPSIZE(__afl_map_size) | FS_OPT_MAPSIZE); - if (__afl_dictionary_len > 0 && __afl_dictionary) status |= FS_OPT_AUTODICT; + if (__afl_dictionary_len && __afl_dictionary) status |= FS_OPT_AUTODICT; + if (__afl_sharedmem_fuzzing != 0) status |= FS_OPT_SHDMEM_FUZZ; if (status) status |= (FS_OPT_ENABLED); memcpy(tmp, &status, 4); @@ -482,10 +551,17 @@ static void __afl_start_forkserver(void) { if (write(FORKSRV_FD + 1, tmp, 4) != 4) return; - if (__afl_dictionary_len > 0 && __afl_dictionary) { + if (__afl_sharedmem_fuzzing || (__afl_dictionary_len && __afl_dictionary)) { if (read(FORKSRV_FD, &was_killed, 4) != 4) _exit(1); + if ((was_killed & (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) == + (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ)) { + + __afl_map_shm_fuzz(); + + } + if ((was_killed & (FS_OPT_ENABLED | FS_OPT_AUTODICT)) == (FS_OPT_ENABLED | FS_OPT_AUTODICT)) { @@ -522,7 +598,7 @@ static void __afl_start_forkserver(void) { // uh this forkserver master does not understand extended option passing // or does not want the dictionary - already_read_first = 1; + if (!__afl_fuzz_ptr) already_read_first = 1; } @@ -544,6 +620,9 @@ static void __afl_start_forkserver(void) { } + __afl_fuzz_len = (was_killed >> 8); + was_killed = (was_killed & 0xff); + /* If we stopped the child in persistent mode, but there was a race condition and afl-fuzz already issued SIGKILL, write off the old process. */ diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index b67aedde..137a4f99 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c @@ -442,7 +442,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, if ((status & FS_OPT_ENABLED) == FS_OPT_ENABLED) { - if (!be_quiet && getenv("AFL_DEBUG")) { + if (getenv("AFL_DEBUG")) { ACTF("Extended forkserver functions received (%08x).", status); 
@@ -455,6 +455,28 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, } + if ((status & FS_OPT_SHDMEM_FUZZ) == FS_OPT_SHDMEM_FUZZ) { + + if (fsrv->support_shdmen_fuzz) { + + fsrv->use_shdmen_fuzz = 1; + if (!be_quiet) { ACTF("Using SHARED MEMORY FUZZING feature."); } + + if ((status & FS_OPT_AUTODICT) == 0) { + + u32 send_status = (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ); + if (write(fsrv->fsrv_ctl_fd, &send_status, 4) != 4) { + + FATAL("Writing to forkserver failed."); + + } + + } + + } + + } + if ((status & FS_OPT_MAPSIZE) == FS_OPT_MAPSIZE) { u32 tmp_map_size = FS_OPT_GET_MAPSIZE(status); @@ -490,7 +512,10 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, if (fsrv->function_ptr == NULL || fsrv->function_opt == NULL) { // this is not afl-fuzz - we deny and return - status = (0xffffffff ^ (FS_OPT_ENABLED | FS_OPT_AUTODICT)); + if (fsrv->use_shdmen_fuzz) + status = (FS_OPT_ENABLED | FS_OPT_AUTODICT | FS_OPT_SHDMEM_FUZZ); + else + status = (FS_OPT_ENABLED | FS_OPT_AUTODICT); if (write(fsrv->fsrv_ctl_fd, &status, 4) != 4) { FATAL("Writing to forkserver failed."); 
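Review bot: The reply built under the comment `// this is not afl-fuzz - we deny and return` now has `FS_OPT_AUTODICT` set in both branches, whereas the removed line sent the complement of `FS_OPT_ENABLED | FS_OPT_AUTODICT`. The runtime in llvm_mode/afl-llvm-rt.o.c treats `(was_killed & (FS_OPT_ENABLED | FS_OPT_AUTODICT)) == (FS_OPT_ENABLED | FS_OPT_AUTODICT)` as acceptance of the dictionary, so this value reads as an accept rather than a deny. If denial is still intended, drop the bit: `status = fsrv->use_shdmen_fuzz ? (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ) : FS_OPT_ENABLED;`. The rest of `afl_fsrv_start()` lies outside the hunk, so whatever follows the write should be checked against the target then starting to send dictionary data.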
@@ -749,39 +774,48 @@ static void afl_fsrv_kill(afl_forkserver_t *fsrv) { void afl_fsrv_write_to_testcase(afl_forkserver_t *fsrv, u8 *buf, size_t len) { - s32 fd = fsrv->out_fd; + if (fsrv->shdmem_fuzz) { - if (fsrv->out_file) { + memcpy(fsrv->shdmem_fuzz, buf, len); + fsrv->shdmem_fuzz_len = len; - if (fsrv->no_unlink) { + } else { - fd = open(fsrv->out_file, O_WRONLY | O_CREAT | O_TRUNC, 0600); + s32 fd = fsrv->out_fd; - } else { + if (fsrv->out_file) { - unlink(fsrv->out_file); /* Ignore errors. */ - fd = open(fsrv->out_file, O_WRONLY | O_CREAT | O_EXCL, 0600); + if (fsrv->no_unlink) { - } + fd = open(fsrv->out_file, O_WRONLY | O_CREAT | O_TRUNC, 0600); - if (fd < 0) { PFATAL("Unable to create '%s'", fsrv->out_file); } + } else { - } else { + unlink(fsrv->out_file); /* Ignore errors. */ + fd = open(fsrv->out_file, O_WRONLY | O_CREAT | O_EXCL, 0600); - lseek(fd, 0, SEEK_SET); + } - } + if (fd < 0) { PFATAL("Unable to create '%s'", fsrv->out_file); } - ck_write(fd, buf, len, fsrv->out_file); + } else { - if (!fsrv->out_file) { + lseek(fd, 0, SEEK_SET); - if (ftruncate(fd, len)) { PFATAL("ftruncate() failed"); } - lseek(fd, 0, SEEK_SET); + } - } else { + ck_write(fd, buf, len, fsrv->out_file); - close(fd); + if (!fsrv->out_file) { + + if (ftruncate(fd, len)) { PFATAL("ftruncate() failed"); } + lseek(fd, 0, SEEK_SET); + + } else { + + close(fd); + + } } @@ -795,6 +829,7 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout, s32 res; u32 exec_ms; + u32 write_value = fsrv->last_run_timed_out; /* After this memset, fsrv->trace_bits[] are effectively volatile, so we must prevent any earlier operations from venturing into that 
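Review bot: `memcpy(fsrv->shdmem_fuzz, buf, len);` in `afl_fsrv_write_to_testcase()` copies a caller-supplied `size_t len` into a segment that `check_binary()` creates with a fixed size of `MAX_FILE`, and nothing here compares the two. Callers may already clamp the length, but that is not visible in this hunk, and an oversized buffer would write past the mapping. A guard at the top of the branch closes it, for example `if (len > MAX_FILE) FATAL("test case larger than shared memory segment");`. The branch also keys on `fsrv->shdmem_fuzz` rather than `fsrv->use_shdmen_fuzz`. The pointer is set before the handshake, so it would be worth a comment stating that the calibration-time teardown is what makes the pointer a valid proxy.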
@@ -804,10 +839,12 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout, MEM_BARRIER(); + if (fsrv->shdmem_fuzz_len) write_value += (fsrv->shdmem_fuzz_len << 8); + /* we have the fork server (or faux server) up and running First, tell it if the previous run timed out. */ - if ((res = write(fsrv->fsrv_ctl_fd, &fsrv->last_run_timed_out, 4)) != 4) { + if ((res = write(fsrv->fsrv_ctl_fd, &write_value, 4)) != 4) { if (*stop_soon_p) { return 0; } RPFATAL(res, "Unable to request new process from fork server (OOM?)"); diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index dd85a8f4..9349fefe 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -2153,6 +2153,30 @@ void check_binary(afl_state_t *afl, u8 *fname) { OKF(cPIN "Persistent mode binary detected."); setenv(PERSIST_ENV_VAR, "1", 1); afl->persistent_mode = 1; + // do not fail if we can not get the fuzzing shared mem + if ((afl->shm_fuzz = calloc(1, sizeof(sharedmem_t)))) { + + // we need to set the dumb mode to not overwrite the SHM_ENV_VAR + if ((afl->fsrv.shdmem_fuzz = afl_shm_init(afl->shm_fuzz, MAX_FILE, 1))) { + +#ifdef USEMMAP + setenv(SHM_FUZZ_ENV_VAR, afl->shm_fuzz->g_shm_file_path, 1); +#else + u8 *shm_str; + shm_str = alloc_printf("%d", afl->shm_fuzz->shm_id); + setenv(SHM_FUZZ_ENV_VAR, shm_str, 1); + ck_free(shm_str); +#endif + afl->fsrv.support_shdmen_fuzz = 1; + + } else { + + free(afl->shm_fuzz); + afl->shm_fuzz = NULL; + + } + + } } else if (getenv("AFL_PERSISTENT")) { diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index 8a1f02a7..04450363 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c 
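Review bot: `write_value += (fsrv->shdmem_fuzz_len << 8);` packs the test-case length into the upper 24 bits of the 32-bit control word, so any length of `1 << 24` or more loses its top bits and the target would compute a shorter `__afl_fuzz_len` from `was_killed >> 8`. This depends on `MAX_FILE` staying below that limit, which nothing in the hunk enforces. Pinning it at compile time documents the protocol limit: `_Static_assert(MAX_FILE < (1 << 24), "shm fuzz length must fit in 24 bits");`. Using `|=` instead of `+=` would also make the bit-packing intent explicit. `afl_fsrv_run_target()` continues outside the hunk.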
@@ -231,6 +231,16 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem, afl_fsrv_start(&afl->fsrv, afl->argv, &afl->stop_soon, afl->afl_env.afl_debug_child_output); + if (afl->fsrv.support_shdmen_fuzz && !afl->fsrv.use_shdmen_fuzz) { + + afl_shm_deinit(afl->shm_fuzz); + free(afl->shm_fuzz); + afl->shm_fuzz = NULL; + afl->fsrv.support_shdmen_fuzz = 0; + afl->fsrv.shdmem_fuzz = NULL; + + } + } if (q->exec_cksum) { diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index c07371a8..e024e9a4 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1379,6 +1379,14 @@ stop_fuzzing: destroy_extras(afl); destroy_custom_mutators(afl); afl_shm_deinit(&afl->shm); + + if (afl->shm_fuzz) { + + afl_shm_deinit(afl->shm_fuzz); + free(afl->shm_fuzz); + + } + afl_fsrv_deinit(&afl->fsrv); if (afl->orig_cmdline) { ck_free(afl->orig_cmdline); } ck_free(afl->fsrv.target_path); -- cgit 1.4.1 From de78f867a48dcfa0c7b855c32f94f88c3ede7f1b Mon Sep 17 00:00:00 2001 From: hexcoder <hexcoder-@users.noreply.github.com> Date: Mon, 25 May 2020 18:16:37 +0200 Subject: Changelog: typos --- docs/Changelog.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 884de0b1..9d4d7815 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -14,8 +14,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. (instead of via files/stdin) - afl-fuzz: - -S slaves now only sync from the master to increase performance, - the -M master stilly syncs from everyone. Added checks that exactly - one master is present and warn otherwise + the -M master still syncs from everyone. Added checks that ensure + exactly one master is present and warn otherwise - If no master is present at a sync one slave automatically becomes a temporary master until a real master shows up - llvm_mode: 
@@ -29,7 +29,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - added AFL_LLVM_LAF_ALL, sets all laf-intel settings - LTO whitelist functionality rewritten, now main, _init etc functions need not to be whitelisted anymore - - fixed crash in compare-transform-pass when strcasemp/strncasecmp was + - fixed crash in compare-transform-pass when strcasecmp/strncasecmp was tried to be instrumented with LTO - fixed crash in cmplog with LTO - fixed afl-gcc/afl-as that could break on fast systems reusing pids in -- cgit 1.4.1 From a0da53117081cbca03674224cad26e5dd2fe5eaf Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 25 May 2020 22:09:00 +0200 Subject: libfuzzer driver + llvm_mode compilation optimization --- examples/aflpp_driver/Makefile | 24 +++ examples/aflpp_driver/aflpp_driver.cpp | 281 +++++++++++++++++++++++++++++++++ llvm_mode/GNUmakefile | 6 +- 3 files changed, 308 insertions(+), 3 deletions(-) create mode 100644 examples/aflpp_driver/Makefile create mode 100644 examples/aflpp_driver/aflpp_driver.cpp diff --git a/examples/aflpp_driver/Makefile b/examples/aflpp_driver/Makefile new file mode 100644 index 00000000..6f7c7bc9 --- /dev/null +++ b/examples/aflpp_driver/Makefile @@ -0,0 +1,24 @@ +ifeq "" "$(LLVM_CONFIG)" + LLVM_CONFIG=llvm-config +endif + +LLVM_BINDIR = $(shell $(LLVM_CONFIG) --bindir 2>/dev/null) +ifneq "" "$(LLVM_BINDIR)" + LLVM_BINDIR := $(LLVM_BINDIR)/ +endif + + + +all: libAFLDriver.a + +aflpp_driver.o: aflpp_driver.cpp + $(LLVM_BINDIR)clang++ -O3 -march=native -stdlib=libc++ -funroll-loops -std=c++11 -c aflpp_driver.cpp + +afl-llvm-rt.o: ../../llvm_mode/afl-llvm-rt.o.c + $(LLVM_BINDIR)clang++ -O3 -march=native -funroll-loops -stdlib=libc++ -std=c++11 -c aflpp_driver.cpp + +libAFLDriver.a: aflpp_driver.o afl-llvm-rt.o + ar ru libAFLDriver.a aflpp_driver.o + +clean: + rm -f *.o libAFLDriver.a *~ core 
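Review bot: The `afl-llvm-rt.o` rule in the new examples/aflpp_driver/Makefile compiles `aflpp_driver.cpp` rather than its prerequisite, so the object it names is never produced and the rule reruns on every build. The archive step `ar ru libAFLDriver.a aflpp_driver.o` also omits `afl-llvm-rt.o`, so the library ships without the runtime that the driver's `extern` symbols refer to. The recipe should build the listed source, for example `$(LLVM_BINDIR)clang -O3 -I../../include -c $< -o $@` (the include path is a guess at what the runtime needs), and the archive line should list both objects. `-march=native` also ties the resulting library to the build host's CPU, which matters if the archive is copied to other fuzzing nodes.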
diff --git a/examples/aflpp_driver/aflpp_driver.cpp b/examples/aflpp_driver/aflpp_driver.cpp new file mode 100644 index 00000000..3dcc8c3c --- /dev/null +++ b/examples/aflpp_driver/aflpp_driver.cpp 
@@ -0,0 +1,281 @@ +//===- afl_driver.cpp - a glue between AFL and libFuzzer --------*- C++ -* ===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +//===----------------------------------------------------------------------===// + +/* This file allows to fuzz libFuzzer-style target functions + (LLVMFuzzerTestOneInput) with AFL using AFL's persistent (in-process) mode. + +Usage: +################################################################################ +cat << EOF > test_fuzzer.cc +#include <stddef.h> +#include <stdint.h> +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + if (size > 0 && data[0] == 'H') + if (size > 1 && data[1] == 'I') + if (size > 2 && data[2] == '!') + __builtin_trap(); + return 0; +} +EOF +# Build your target with -fsanitize-coverage=trace-pc-guard using fresh clang. +clang -g -fsanitize-coverage=trace-pc-guard test_fuzzer.cc -c +# Build afl-llvm-rt.o.c from the AFL distribution. +clang -c -w $AFL_HOME/llvm_mode/afl-llvm-rt.o.c +# Build this file, link it with afl-llvm-rt.o.o and the target code. +clang++ afl_driver.cpp test_fuzzer.o afl-llvm-rt.o.o +# Run AFL: +rm -rf IN OUT; mkdir IN OUT; echo z > IN/z; +$AFL_HOME/afl-fuzz -i IN -o OUT ./a.out +################################################################################ +AFL_DRIVER_STDERR_DUPLICATE_FILENAME: Setting this *appends* stderr to the file +specified. If the file does not exist, it is created. This is useful for getting +stack traces (when using ASAN for example) or original error messages on hard +to reproduce bugs. Note that any content written to stderr will be written to +this file instead of stderr's usual location. + +AFL_DRIVER_CLOSE_FD_MASK: Similar to libFuzzer's -close_fd_mask behavior option. +If 1, close stdout at startup. If 2 close stderr; if 3 close both. 
+ +*/ +#include <assert.h> +#include <errno.h> +#include <stdarg.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#include <fstream> +#include <iostream> +#include <vector> + +// Platform detection. Copied from FuzzerInternal.h +#ifdef __linux__ +#define LIBFUZZER_LINUX 1 +#define LIBFUZZER_APPLE 0 +#define LIBFUZZER_NETBSD 0 +#define LIBFUZZER_FREEBSD 0 +#define LIBFUZZER_OPENBSD 0 +#elif __APPLE__ +#define LIBFUZZER_LINUX 0 +#define LIBFUZZER_APPLE 1 +#define LIBFUZZER_NETBSD 0 +#define LIBFUZZER_FREEBSD 0 +#define LIBFUZZER_OPENBSD 0 +#elif __NetBSD__ +#define LIBFUZZER_LINUX 0 +#define LIBFUZZER_APPLE 0 +#define LIBFUZZER_NETBSD 1 +#define LIBFUZZER_FREEBSD 0 +#define LIBFUZZER_OPENBSD 0 +#elif __FreeBSD__ +#define LIBFUZZER_LINUX 0 +#define LIBFUZZER_APPLE 0 +#define LIBFUZZER_NETBSD 0 +#define LIBFUZZER_FREEBSD 1 +#define LIBFUZZER_OPENBSD 0 +#elif __OpenBSD__ +#define LIBFUZZER_LINUX 0 +#define LIBFUZZER_APPLE 0 +#define LIBFUZZER_NETBSD 0 +#define LIBFUZZER_FREEBSD 0 +#define LIBFUZZER_OPENBSD 1 +#else +#error "Support for your platform has not been implemented" +#endif + +int __afl_sharedmem_fuzzing = 1; +extern unsigned int __afl_fuzz_len; +extern unsigned char *__afl_fuzz_ptr; + +// libFuzzer interface is thin, so we don't include any libFuzzer headers. +extern "C" { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); +__attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv); +} + +// Notify AFL about persistent mode. +static volatile char AFL_PERSISTENT[] = "##SIG_AFL_PERSISTENT##"; +extern "C" int __afl_persistent_loop(unsigned int); +static volatile char suppress_warning2 = AFL_PERSISTENT[0]; + +// Notify AFL about deferred forkserver. +static volatile char AFL_DEFER_FORKSVR[] = "##SIG_AFL_DEFER_FORKSRV##"; +extern "C" void __afl_manual_init(); +static volatile char suppress_warning1 = AFL_DEFER_FORKSVR[0]; + +// Input buffer. 
+static const size_t kMaxAflInputSize = 1 << 20; +static uint8_t AflInputBuf[kMaxAflInputSize]; + +// Use this optionally defined function to output sanitizer messages even if +// user asks to close stderr. +__attribute__((weak)) extern "C" void __sanitizer_set_report_fd(void *); + +// Keep track of where stderr content is being written to, so that +// dup_and_close_stderr can use the correct one. +static FILE *output_file = stderr; + +// Experimental feature to use afl_driver without AFL's deferred mode. +// Needs to run before __afl_auto_init. +__attribute__((constructor(0))) static void __decide_deferred_forkserver(void) { + if (getenv("AFL_DRIVER_DONT_DEFER")) { + if (unsetenv("__AFL_DEFER_FORKSRV")) { + perror("Failed to unset __AFL_DEFER_FORKSRV"); + abort(); + } + } +} + +// If the user asks us to duplicate stderr, then do it. +static void maybe_duplicate_stderr() { + char *stderr_duplicate_filename = + getenv("AFL_DRIVER_STDERR_DUPLICATE_FILENAME"); + + if (!stderr_duplicate_filename) + return; + + FILE *stderr_duplicate_stream = + freopen(stderr_duplicate_filename, "a+", stderr); + + if (!stderr_duplicate_stream) { + fprintf( + stderr, + "Failed to duplicate stderr to AFL_DRIVER_STDERR_DUPLICATE_FILENAME"); + abort(); + } + output_file = stderr_duplicate_stream; +} + +// Most of these I/O functions were inspired by/copied from libFuzzer's code. +static void discard_output(int fd) { + FILE *temp = fopen("/dev/null", "w"); + if (!temp) + abort(); + dup2(fileno(temp), fd); + fclose(temp); +} + +static void close_stdout() { discard_output(STDOUT_FILENO); } + +// Prevent the targeted code from writing to "stderr" but allow sanitizers and +// this driver to do so. 
+static void dup_and_close_stderr() { + int output_fileno = fileno(output_file); + int output_fd = dup(output_fileno); + if (output_fd <= 0) + abort(); + FILE *new_output_file = fdopen(output_fd, "w"); + if (!new_output_file) + abort(); + if (!__sanitizer_set_report_fd) + return; + __sanitizer_set_report_fd(reinterpret_cast<void *>(output_fd)); + discard_output(output_fileno); +} + +static void Printf(const char *Fmt, ...) { + va_list ap; + va_start(ap, Fmt); + vfprintf(output_file, Fmt, ap); + va_end(ap); + fflush(output_file); +} + +// Close stdout and/or stderr if user asks for it. +static void maybe_close_fd_mask() { + char *fd_mask_str = getenv("AFL_DRIVER_CLOSE_FD_MASK"); + if (!fd_mask_str) + return; + int fd_mask = atoi(fd_mask_str); + if (fd_mask & 2) + dup_and_close_stderr(); + if (fd_mask & 1) + close_stdout(); +} + +// Define LLVMFuzzerMutate to avoid link failures for targets that use it +// with libFuzzer's LLVMFuzzerCustomMutator. +extern "C" size_t LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize) { + assert(false && "LLVMFuzzerMutate should not be called from afl_driver"); + return 0; +} + +// Execute any files provided as parameters. +static int ExecuteFilesOnyByOne(int argc, char **argv) { + for (int i = 1; i < argc; i++) { + std::ifstream in(argv[i], std::ios::binary); + in.seekg(0, in.end); + size_t length = in.tellg(); + in.seekg (0, in.beg); + std::cout << "Reading " << length << " bytes from " << argv[i] << std::endl; + // Allocate exactly length bytes so that we reliably catch buffer overflows. 
+ std::vector<char> bytes(length); + in.read(bytes.data(), bytes.size()); + assert(in); + LLVMFuzzerTestOneInput(reinterpret_cast<const uint8_t *>(bytes.data()), + bytes.size()); + std::cout << "Execution successful" << std::endl; + } + return 0; +} + +int main(int argc, char **argv) { + Printf( + "======================= INFO =========================\n" + "This binary is built for AFL-fuzz.\n" + "To run the target function on individual input(s) execute this:\n" + " %s < INPUT_FILE\n" + "or\n" + " %s INPUT_FILE1 [INPUT_FILE2 ... ]\n" + "To fuzz with afl-fuzz execute this:\n" + " afl-fuzz [afl-flags] %s [-N]\n" + "afl-fuzz will run N iterations before " + "re-spawning the process (default: 1000)\n" + "======================================================\n", + argv[0], argv[0], argv[0]); + + maybe_duplicate_stderr(); + maybe_close_fd_mask(); + if (LLVMFuzzerInitialize) + LLVMFuzzerInitialize(&argc, &argv); + // Do any other expensive one-time initialization here. + + int N = 1000; + if (argc == 2 && argv[1][0] == '-') + N = atoi(argv[1] + 1); + else if(argc == 2 && (N = atoi(argv[1])) > 0) + Printf("WARNING: using the deprecated call style `%s %d`\n", argv[0], N); + else if (argc > 1) { + if (!getenv("AFL_DRIVER_DONT_DEFER")) { + __afl_sharedmem_fuzzing = 0; + __afl_manual_init(); + } + return ExecuteFilesOnyByOne(argc, argv); + exit(0); + } + + assert(N > 0); + + if (!getenv("AFL_DRIVER_DONT_DEFER")) + __afl_manual_init(); + + // Call LLVMFuzzerTestOneInput here so that coverage caused by initialization + // on the first execution of LLVMFuzzerTestOneInput is ignored. + uint8_t dummy_input[1] = {0}; + LLVMFuzzerTestOneInput(dummy_input, 1); + + int num_runs = 0; + while (__afl_persistent_loop(N)) { + if (__afl_fuzz_len > 0) { + num_runs++; + LLVMFuzzerTestOneInput(__afl_fuzz_ptr, __afl_fuzz_len); + } + } + Printf("%s: successfully executed %d input(s)\n", argv[0], num_runs); +} 
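Review bot: The persistent loop in `main()` hands `__afl_fuzz_ptr` directly to `LLVMFuzzerTestOneInput`, which loses the exact-size allocation that `ExecuteFilesOnyByOne` keeps. The shared mapping is `MAX_FILE` bytes long, so a target that reads past `__afl_fuzz_len` stays inside valid memory and a sanitizer has nothing to flag. Where overflow detection matters more than throughput, copying each input restores it: `std::vector<uint8_t> copy(__afl_fuzz_ptr, __afl_fuzz_ptr + __afl_fuzz_len);` followed by `LLVMFuzzerTestOneInput(copy.data(), copy.size());`, possibly behind an environment switch. `AflInputBuf` and `kMaxAflInputSize` are no longer referenced and can be removed. The banner still advertises `%s < INPUT_FILE`, which this loop does not appear to serve once input only arrives through shared memory.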
diff --git a/llvm_mode/GNUmakefile b/llvm_mode/GNUmakefile index 0a99202d..c0641450 100644 --- a/llvm_mode/GNUmakefile +++ b/llvm_mode/GNUmakefile @@ -355,15 +355,15 @@ endif $(CXX) $(CLANG_CFL) -shared $< -o $@ $(CLANG_LFL) afl-llvm-common.o ../afl-llvm-rt.o: afl-llvm-rt.o.c | test_deps - $(CC) $(CFLAGS) -Wno-unused-result -fPIC -c $< -o $@ + $(CLANG_BIN) $(CFLAGS) -Wno-unused-result -fPIC -c $< -o $@ ../afl-llvm-rt-32.o: afl-llvm-rt.o.c | test_deps @printf "[*] Building 32-bit variant of the runtime (-m32)... " - @$(CC) $(CFLAGS) -Wno-unused-result -m32 -fPIC -c $< -o $@ 2>/dev/null; if [ "$$?" = "0" ]; then echo "success!"; else echo "failed (that's fine)"; fi + @$(CC_SAVE) $(CFLAGS) -Wno-unused-result -m32 -fPIC -c $< -o $@ 2>/dev/null; if [ "$$?" = "0" ]; then echo "success!"; else echo "failed (that's fine)"; fi ../afl-llvm-rt-64.o: afl-llvm-rt.o.c | test_deps @printf "[*] Building 64-bit variant of the runtime (-m64)... " - @$(CC) $(CFLAGS) -Wno-unused-result -m64 -fPIC -c $< -o $@ 2>/dev/null; if [ "$$?" = "0" ]; then echo "success!"; else echo "failed (that's fine)"; fi + @$(CC_SAVE) $(CFLAGS) -Wno-unused-result -m64 -fPIC -c $< -o $@ 2>/dev/null; if [ "$$?" = "0" ]; then echo "success!"; else echo "failed (that's fine)"; fi test_build: $(PROGS) @echo "[*] Testing the CC wrapper and instrumentation output..." -- cgit 1.4.1 From 0994972c07333af3a1fecf694c6527517da966ca Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Mon, 25 May 2020 22:19:50 +0200 Subject: more performance testing --- GNUmakefile | 2 +- llvm_mode/GNUmakefile | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/GNUmakefile b/GNUmakefile index fbcc53de..0cb9ede8 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -55,7 +55,7 @@ ifneq "$(shell uname)" "Darwin" CFLAGS_OPT += -march=native endif # OS X does not like _FORTIFY_SOURCE=2 - CFLAGS_OPT += -D_FORTIFY_SOURCE=2 +# CFLAGS_OPT += -D_FORTIFY_SOURCE=2 endif ifdef STATIC 
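Review bot: Commenting out `CFLAGS_OPT += -D_FORTIFY_SOURCE=2` removes a hardening flag from every default build for what the commit title describes as performance testing. The same removal is made in the `CFLAGS ?=` and `CXXFLAGS ?=` hunks of llvm_mode/GNUmakefile in this commit. afl-fuzz and the runtime handle attacker-shaped data through `memcpy`, `read` and `sprintf`-style paths, so the fortified checks are worth keeping on by default. If the measurement is needed, gate it behind an opt-out make variable (name to be chosen) instead of editing the default. The leftover comment `# OS X does not like _FORTIFY_SOURCE=2` now sits above a disabled line and should be reworded to say why the flag is off.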
diff --git a/llvm_mode/GNUmakefile b/llvm_mode/GNUmakefile index c0641450..a41dfbdf 100644 --- a/llvm_mode/GNUmakefile +++ b/llvm_mode/GNUmakefile @@ -196,7 +196,8 @@ ifeq "$(shell echo 'int main() {return 0; }' | $(CLANG_BIN) -x c - -fuse-ld=`com endif endif -CFLAGS ?= -O3 -funroll-loops -D_FORTIFY_SOURCE=2 +CFLAGS ?= -O3 -funroll-loops +# -D_FORTIFY_SOURCE=2 override CFLAGS += -Wall \ -g -Wno-pointer-sign -I ../include/ \ -DAFL_PATH=\"$(HELPER_PATH)\" -DBIN_PATH=\"$(BIN_PATH)\" \ @@ -209,7 +210,8 @@ ifdef AFL_TRACE_PC $(info Compile option AFL_TRACE_PC is deprecated, just set AFL_LLVM_INSTRUMENT=PCGUARD to activate when compiling targets ) endif -CXXFLAGS ?= -O3 -funroll-loops -D_FORTIFY_SOURCE=2 +CXXFLAGS ?= -O3 -funroll-loops +# -D_FORTIFY_SOURCE=2 override CXXFLAGS += -Wall -g -I ../include/ \ -DVERSION=\"$(VERSION)\" -Wno-variadic-macros -- cgit 1.4.1 From 7e4c5b36365e0448a7afaaee72e65792a90ab64e Mon Sep 17 00:00:00 2001 From: Robert Scott <code@humanleg.org.uk> Date: Fri, 22 May 2020 14:27:53 +0100 Subject: tests: add test of compiled compcov binary's functionality --- test/test-compcov.c | 14 ++++++++++++-- test/test.sh | 26 ++++++++++++++++++++------ 2 files changed, 32 insertions(+), 8 deletions(-) diff --git a/test/test-compcov.c b/test/test-compcov.c index a2202a22..4959c39c 100644 --- a/test/test-compcov.c +++ b/test/test-compcov.c 
@@ -20,9 +20,19 @@ int main(int argc, char **argv) { } if (strcmp(input, "LIBTOKENCAP") == 0) - printf("your string was libtokencap\n"); + printf("your string was LIBTOKENCAP\n"); else if (strcmp(input, "BUGMENOT") == 0) - printf("your string was bugmenot\n"); + printf("your string was BUGMENOT\n"); + else if (strncmp(input, "BANANA", 3) == 0) + printf("your string started with BAN\n"); + else if (strcmp(input, "APRI\0COT") == 0) + printf("your string was APRI\n"); + else if (strcasecmp(input, "Kiwi") == 0) + printf("your string was Kiwi\n"); + else if (strncasecmp(input, "avocado", 9) == 0) + printf("your string was avocado\n"); + else if (strncasecmp(input, "Grapes", argc > 2 ? atoi(argv[2]) : 3) == 0) + printf("your string was a prefix of Grapes\n"); else if (strcmp(input, "BUFFEROVERFLOW") == 0) { buf = (char *)malloc(16); diff --git a/test/test.sh b/test/test.sh index 8d9e7e00..7f1410ea 100755 --- a/test/test.sh +++ b/test/test.sh @@ -22,6 +22,20 @@ else GREPAOPTION= fi +test_compcov_binary_functionality() { + RUN="../afl-showmap -o /dev/null -- $1" + $RUN 'LIBTOKENCAP' | grep 'your string was LIBTOKENCAP' \ + && $RUN 'BUGMENOT' | grep 'your string was BUGMENOT' \ + && $RUN 'BANANA' | grep 'your string started with BAN' \ + && $RUN 'APRI' | grep 'your string was APRI' \ + && $RUN 'kiWI' | grep 'your string was Kiwi' \ + && $RUN 'Avocado' | grep 'your string was avocado' \ + && $RUN 'GRAX' 3 | grep 'your string was a prefix of Grapes' \ + && $RUN 'LOCALVARIABLE' | grep 'local var memcmp works!' \ + && $RUN 'abc' | grep 'short local var memcmp works!' \ + && $RUN 'GLOBALVARIABLE' | grep 'global var memcmp works!' +} > /dev/null + ECHO="printf %b\\n" $ECHO \\101 2>&1 | grep -qE '^A' || { ECHO= 
@@ -259,7 +273,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$RED[!] llvm_mode failed" CODE=1 } - test -e test-compcov.harden && { + test -e test-compcov.harden && test_compcov_binary_functionality ./test-compcov.harden && { grep -Eq$GREPAOPTION 'stack_chk_fail|fstack-protector-all|fortified' test-compcov.harden > /dev/null 2>&1 && { $ECHO "$GREEN[+] llvm_mode hardened mode succeeded and is working" } || { @@ -360,8 +374,8 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { } AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -o test-compcov.compcov test-compcov.c > test.out 2>&1 - test -e test-compcov.compcov && { - grep --binary-files=text -Eq " [ 12][0-9][0-9] location| [3-9][0-9] location" test.out && { + test -e test-compcov.compcov && test_compcov_binary_functionality ./test-compcov.compcov && { + grep --binary-files=text -Eq " [ 123][0-9][0-9] location| [3-9][0-9] location" test.out && { $ECHO "$GREEN[+] llvm_mode laf-intel/compcov feature works correctly" } || { $ECHO "$RED[!] llvm_mode laf-intel/compcov feature failed" @@ -374,7 +388,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { rm -f test-compcov.compcov test.out echo foobar.c > whitelist.txt AFL_DEBUG=1 AFL_LLVM_WHITELIST=whitelist.txt ../afl-clang-fast -o test-compcov test-compcov.c > test.out 2>&1 - test -e test-compcov && { + test -e test-compcov && test_compcov_binary_functionality ./test-compcov && { grep -q "No instrumentation targets found" test.out && { $ECHO "$GREEN[+] llvm_mode whitelist feature works correctly" } || { 
@@ -513,7 +527,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { CODE=1 } - test -e test-compcov.harden.gccpi && { + test -e test-compcov.harden.gccpi && test_compcov_binary_functionality ./test-compcov.harden.gccpi && { grep -Eq$GREPAOPTION 'stack_chk_fail|fstack-protector-all|fortified' test-compcov.harden.gccpi > /dev/null 2>&1 && { $ECHO "$GREEN[+] gcc_plugin hardened mode succeeded and is working" } || { @@ -558,7 +572,7 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { # now for the special gcc_plugin things echo foobar.c > whitelist.txt AFL_GCC_WHITELIST=whitelist.txt ../afl-gcc-fast -o test-compcov test-compcov.c > /dev/null 2>&1 - test -e test-compcov && { + test -e test-compcov && test_compcov_binary_functionality ./test-compcov && { echo 1 | ../afl-showmap -m ${MEM_LIMIT} -o - -r -- ./test-compcov 2>&1 | grep -q "Captured 1 tuples" && { $ECHO "$GREEN[+] gcc_plugin whitelist feature works correctly" } || { -- cgit 1.4.1 From f6808158c5983ed892b426d25a967996bbd4a400 Mon Sep 17 00:00:00 2001 From: Robert Scott <code@humanleg.org.uk> Date: Fri, 22 May 2020 14:32:17 +0100 Subject: llvm_mode compare-transform-pass: add handling of sized comparisons with non-const size this involved insertion of an extra length-checking bb for each character to see if we've hit the sized limit. --- llvm_mode/compare-transform-pass.so.cc | 79 +++++++++++++++++++++++----------- 1 file changed, 53 insertions(+), 26 deletions(-) diff --git a/llvm_mode/compare-transform-pass.so.cc b/llvm_mode/compare-transform-pass.so.cc index 4879994a..4e99aafb 100644 --- a/llvm_mode/compare-transform-pass.so.cc +++ b/llvm_mode/compare-transform-pass.so.cc 
@@ -321,7 +321,10 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, uint64_t literalLength = HasStr1 ? Str1.size() : Str2.size(); if (literalLength + 1 < ilen->getZExtValue()) continue; } - } else continue; + } else if (isMemcmp) + // this *may* supply a len greater than the constant string at + // runtime so similarly we don't want to have to handle that + continue; } calls.push_back(callInst); @@ -356,7 +359,8 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, StringRef("strncmp")) || !callInst->getCalledFunction()->getName().compare( StringRef("strncasecmp")); - bool isConstSized = isSizedcmp && isa<ConstantInt>(callInst->getArgOperand(2)); + Value *sizedValue = isSizedcmp ? callInst->getArgOperand(2) : NULL; + bool isConstSized = sizedValue && isa<ConstantInt>(sizedValue); bool isCaseInsensitive = !callInst->getCalledFunction()->getName().compare( StringRef("strcasecmp")) || !callInst->getCalledFunction()->getName().compare( @@ -387,8 +391,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, if (isConstSized) { - Value * op2 = callInst->getArgOperand(2); - constSizedLen = dyn_cast<ConstantInt>(op2)->getZExtValue(); + constSizedLen = dyn_cast<ConstantInt>(sizedValue)->getZExtValue(); } 
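Review bot: `constSizedLen = dyn_cast<ConstantInt>(sizedValue)->getZExtValue();` dereferences the result of `dyn_cast` without a null check. It is safe today only because `isConstSized` was computed from `isa<ConstantInt>(sizedValue)` a few lines earlier. `cast<ConstantInt>(sizedValue)->getZExtValue()` states that invariant and asserts if it ever breaks. In the first hunk the new `else if (isMemcmp)` branch carries an unbraced multi-line comment before `continue;`, so bracing it would prevent a later statement from being attached to the wrong branch. `transformCmps` starts and ends outside these hunks.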
@@ -424,71 +427,95 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, unrollLen = constStrLen; if (!be_quiet) - errs() << callInst->getCalledFunction()->getName() << ": len " << unrollLen + errs() << callInst->getCalledFunction()->getName() << ": unroll len " << unrollLen + << ((isSizedcmp && !isConstSized) ? ", variable n" : "") << ": " << ConstStr << "\n"; /* split before the call instruction */ BasicBlock *bb = callInst->getParent(); BasicBlock *end_bb = bb->splitBasicBlock(BasicBlock::iterator(callInst)); - BasicBlock *next_bb = + + BasicBlock *next_lenchk_bb = NULL; + if (isSizedcmp && !isConstSized) { + next_lenchk_bb = BasicBlock::Create(C, "len_check", end_bb->getParent(), end_bb); + BranchInst::Create(end_bb, next_lenchk_bb); + } + BasicBlock *next_cmp_bb = BasicBlock::Create(C, "cmp_added", end_bb->getParent(), end_bb); - BranchInst::Create(end_bb, next_bb); - PHINode *PN = PHINode::Create(Int32Ty, unrollLen + 1, "cmp_phi"); + BranchInst::Create(end_bb, next_cmp_bb); + PHINode *PN = PHINode::Create(Int32Ty, (next_lenchk_bb ? 2 : 1) * unrollLen + 1, "cmp_phi"); + #if LLVM_VERSION_MAJOR < 8 TerminatorInst *term = bb->getTerminator(); #else Instruction *term = bb->getTerminator(); #endif - BranchInst::Create(next_bb, bb); + BranchInst::Create(next_lenchk_bb ? 
next_lenchk_bb : next_cmp_bb, bb); term->eraseFromParent(); for (uint64_t i = 0; i < unrollLen; i++) { - BasicBlock * cur_bb = next_bb; + BasicBlock *cur_cmp_bb = next_cmp_bb, *cur_lenchk_bb = next_lenchk_bb; unsigned char c; + if (cur_lenchk_bb) { + + IRBuilder<> cur_lenchk_IRB(&*(cur_lenchk_bb->getFirstInsertionPt())); + Value *icmp = cur_lenchk_IRB.CreateICmpEQ( + sizedValue, ConstantInt::get(Int64Ty, i)); + cur_lenchk_IRB.CreateCondBr(icmp, end_bb, cur_cmp_bb); + cur_lenchk_bb->getTerminator()->eraseFromParent(); + + PN->addIncoming(ConstantInt::get(Int32Ty, 0), cur_lenchk_bb); + + } + if (isCaseInsensitive) c = (unsigned char)(tolower((int)ConstStr[i]) & 0xff); else c = (unsigned char)ConstStr[i]; - BasicBlock::iterator IP = next_bb->getFirstInsertionPt(); - IRBuilder<> IRB(&*IP); + IRBuilder<> cur_cmp_IRB(&*(cur_cmp_bb->getFirstInsertionPt())); Value *v = ConstantInt::get(Int64Ty, i); - Value *ele = IRB.CreateInBoundsGEP(VarStr, v, "empty"); - Value *load = IRB.CreateLoad(ele); + Value *ele = cur_cmp_IRB.CreateInBoundsGEP(VarStr, v, "empty"); + Value *load = cur_cmp_IRB.CreateLoad(ele); if (isCaseInsensitive) { // load >= 'A' && load <= 'Z' ? 
load | 0x020 : load - load = IRB.CreateZExt(load, Int32Ty); + load = cur_cmp_IRB.CreateZExt(load, Int32Ty); std::vector<Value *> args; args.push_back(load); - load = IRB.CreateCall(tolowerFn, args, "tmp"); - load = IRB.CreateTrunc(load, Int8Ty); + load = cur_cmp_IRB.CreateCall(tolowerFn, args, "tmp"); + load = cur_cmp_IRB.CreateTrunc(load, Int8Ty); } Value *isub; if (HasStr1) - isub = IRB.CreateSub(ConstantInt::get(Int8Ty, c), load); + isub = cur_cmp_IRB.CreateSub(ConstantInt::get(Int8Ty, c), load); else - isub = IRB.CreateSub(load, ConstantInt::get(Int8Ty, c)); + isub = cur_cmp_IRB.CreateSub(load, ConstantInt::get(Int8Ty, c)); - Value *sext = IRB.CreateSExt(isub, Int32Ty); - PN->addIncoming(sext, cur_bb); + Value *sext = cur_cmp_IRB.CreateSExt(isub, Int32Ty); + PN->addIncoming(sext, cur_cmp_bb); if (i < unrollLen - 1) { - next_bb = + if (cur_lenchk_bb) { + next_lenchk_bb = BasicBlock::Create(C, "len_check", end_bb->getParent(), end_bb); + BranchInst::Create(end_bb, next_lenchk_bb); + } + + next_cmp_bb = BasicBlock::Create(C, "cmp_added", end_bb->getParent(), end_bb); - BranchInst::Create(end_bb, next_bb); + BranchInst::Create(end_bb, next_cmp_bb); - Value *icmp = IRB.CreateICmpEQ(isub, ConstantInt::get(Int8Ty, 0)); - IRB.CreateCondBr(icmp, next_bb, end_bb); - cur_bb->getTerminator()->eraseFromParent(); + Value *icmp = cur_cmp_IRB.CreateICmpEQ(isub, ConstantInt::get(Int8Ty, 0)); + cur_cmp_IRB.CreateCondBr(icmp, next_lenchk_bb ? next_lenchk_bb : next_cmp_bb, end_bb); + cur_cmp_bb->getTerminator()->eraseFromParent(); } else { -- cgit 1.4.1 From 996e1515b320fb2d44c367dea7b4d26f2d56f5df Mon Sep 17 00:00:00 2001 
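Review bot: The length check built inside the unroll loop compares `sizedValue` with `ConstantInt::get(Int64Ty, i)`, which assumes the third argument of strncmp/strncasecmp is a 64-bit integer. On a target where size_t is narrower, the two operands of `CreateICmpEQ` have different types, which LLVM does not accept (an assertion failure when assertions are enabled, invalid IR otherwise). Taking the constant's type from the operand avoids the assumption: `ConstantInt::get(sizedValue->getType(), i)`. A short comment on the `len_check` blocks would also help, saying that each one contributes a zero incoming value to `cmp_phi` and that this is why the PHI reserves `2 * unrollLen + 1` entries. transformCmps begins and ends outside this hunk.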
From: van Hauser <vh@thc.org> Date: Tue, 26 May 2020 13:19:57 +0200 Subject: better performance compilation options for afl++ and targets --- GNUmakefile | 8 ++++---- TODO.md | 1 + docs/Changelog.md | 1 + examples/aflpp_driver/GNUmakefile | 27 +++++++++++++++++++++++++++ examples/aflpp_driver/Makefile | 26 ++------------------------ llvm_mode/GNUmakefile | 12 +++++------- llvm_mode/Makefile | 2 +- llvm_mode/afl-clang-fast.c | 6 +++--- llvm_mode/afl-llvm-rt.o.c | 4 ++-- 9 files changed, 46 insertions(+), 41 deletions(-) create mode 100644 examples/aflpp_driver/GNUmakefile diff --git a/GNUmakefile b/GNUmakefile index 0cb9ede8..14ecfaad 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -51,11 +51,11 @@ endif endif ifneq "$(shell uname)" "Darwin" - ifeq "$(shell echo 'int main() {return 0; }' | $(CC) $(CFLAGS) -Werror -x c - -march=native -o .test 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1" - CFLAGS_OPT += -march=native - endif + #ifeq "$(shell echo 'int main() {return 0; }' | $(CC) $(CFLAGS) -Werror -x c - -march=native -o .test 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1" + # CFLAGS_OPT += -march=native + #endif # OS X does not like _FORTIFY_SOURCE=2 -# CFLAGS_OPT += -D_FORTIFY_SOURCE=2 + CFLAGS_OPT += -D_FORTIFY_SOURCE=2 endif ifdef STATIC diff --git a/TODO.md b/TODO.md index 3ee8d091..b7d51369 100644 --- a/TODO.md +++ b/TODO.md @@ -9,6 +9,7 @@ - learn from honggfuzz - for persistent mode, have a functionality that transports the test case via shared memory (and the int write to the FD from afl-fuzz is the size) + - CPU affinity for many cores? ## Further down the road diff --git a/docs/Changelog.md b/docs/Changelog.md index 9d4d7815..5f404dba 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md 
@@ -32,6 +32,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - fixed crash in compare-transform-pass when strcasecmp/strncasecmp was tried to be instrumented with LTO - fixed crash in cmplog with LTO + - slightly better performance compilation options for afl++ and targets - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second - added lots of dictionaries from oss-fuzz, go-fuzz and Jakub Wilk diff --git a/examples/aflpp_driver/GNUmakefile b/examples/aflpp_driver/GNUmakefile new file mode 100644 index 00000000..fca3fd2c --- /dev/null +++ b/examples/aflpp_driver/GNUmakefile @@ -0,0 +1,27 @@ +ifeq "" "$(LLVM_CONFIG)" + LLVM_CONFIG=llvm-config +endif + +LLVM_BINDIR = $(shell $(LLVM_CONFIG) --bindir 2>/dev/null) +ifneq "" "$(LLVM_BINDIR)" + LLVM_BINDIR := $(LLVM_BINDIR)/ +endif + +FLAGS=-O3 -funroll-loops + +all: libAFLDriver.a libAFLDriver2.a + +aflpp_driver.o: aflpp_driver.cpp + $(LLVM_BINDIR)clang++ $(FLAGS) -stdlib=libc++ -funroll-loops -std=c++11 -c aflpp_driver.cpp + +afl-llvm-rt.o: ../../llvm_mode/afl-llvm-rt.o.c + $(LLVM_BINDIR)clang $(FLAGS) -I../../include -c -o afl-llvm-rt.o ../../llvm_mode/afl-llvm-rt.o.c + +libAFLDriver.a: aflpp_driver.o + ar ru libAFLDriver.a aflpp_driver.o + +libAFLDriver2.a: aflpp_driver.o afl-llvm-rt.o + ar ru libAFLDriver2.a aflpp_driver.o afl-llvm-rt.o + +clean: + rm -f *.o libAFLDriver*.a *~ core diff --git a/examples/aflpp_driver/Makefile b/examples/aflpp_driver/Makefile index 6f7c7bc9..3666a74d 100644 --- a/examples/aflpp_driver/Makefile +++ b/examples/aflpp_driver/Makefile 
@@ -1,24 +1,2 @@ -ifeq "" "$(LLVM_CONFIG)" - LLVM_CONFIG=llvm-config -endif - -LLVM_BINDIR = $(shell $(LLVM_CONFIG) --bindir 2>/dev/null) -ifneq "" "$(LLVM_BINDIR)" - LLVM_BINDIR := $(LLVM_BINDIR)/ -endif - - - -all: libAFLDriver.a - -aflpp_driver.o: aflpp_driver.cpp - $(LLVM_BINDIR)clang++ -O3 -march=native -stdlib=libc++ -funroll-loops -std=c++11 -c aflpp_driver.cpp - -afl-llvm-rt.o: ../../llvm_mode/afl-llvm-rt.o.c - $(LLVM_BINDIR)clang++ -O3 -march=native -funroll-loops -stdlib=libc++ -std=c++11 -c aflpp_driver.cpp - -libAFLDriver.a: aflpp_driver.o afl-llvm-rt.o - ar ru libAFLDriver.a aflpp_driver.o - -clean: - rm -f *.o libAFLDriver.a *~ core +all: + @gmake all || echo please install GNUmake diff --git a/llvm_mode/GNUmakefile b/llvm_mode/GNUmakefile index a41dfbdf..50a6be2b 100644 --- a/llvm_mode/GNUmakefile +++ b/llvm_mode/GNUmakefile @@ -160,9 +160,9 @@ endif # After we set CC/CXX we can start makefile magic tests -ifeq "$(shell echo 'int main() {return 0; }' | $(CC) -x c - -march=native -o .test 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1" - CFLAGS_OPT = -march=native -endif +#ifeq "$(shell echo 'int main() {return 0; }' | $(CC) -x c - -march=native -o .test 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1" +# CFLAGS_OPT = -march=native +#endif ifeq "$(shell echo 'int main() {return 0; }' | $(CLANG_BIN) -x c - -flto=full -o .test 2>/dev/null && echo 1 || echo 0 ; rm -f .test )" "1" AFL_CLANG_FLTO ?= -flto=full @@ -196,8 +196,7 @@ ifeq "$(shell echo 'int main() {return 0; }' | $(CLANG_BIN) -x c - -fuse-ld=`com endif endif -CFLAGS ?= -O3 -funroll-loops -# -D_FORTIFY_SOURCE=2 +CFLAGS ?= -O3 -funroll-loops -D_FORTIFY_SOURCE=2 override CFLAGS += -Wall \ -g -Wno-pointer-sign -I ../include/ \ -DAFL_PATH=\"$(HELPER_PATH)\" -DBIN_PATH=\"$(BIN_PATH)\" \ 
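Review bot: The new rule `@gmake all || echo please install GNUmake` always exits with status 0, because the `echo` on the right-hand side succeeds whether gmake is missing or the build itself failed. A failed build then looks successful to scripts and CI, and a compile error is reported as a missing GNU make. Checking for the tool separately keeps the exit status: `@command -v gmake >/dev/null 2>&1 || { echo please install GNUmake; exit 1; }` followed by `@gmake all`. The same line is added to llvm_mode/Makefile further down in this commit.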
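Review bot: `CFLAGS ?= -O3 -funroll-loops -D_FORTIFY_SOURCE=2` in llvm_mode/GNUmakefile enables fortification on every platform, while the top-level GNUmakefile in this same commit adds the flag only inside `ifneq "$(shell uname)" "Darwin"`, under the comment that OS X does not like it. If that restriction still holds, llvm_mode should use the same guard, keeping `CFLAGS ?= -O3 -funroll-loops` and appending `-D_FORTIFY_SOURCE=2` in a non-Darwin block. Because the flag is set with `?=`, a user-supplied CFLAGS also drops it silently, which is worth a comment next to the assignment. The CXXFLAGS hunk that follows has the same two issues.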
@@ -210,8 +209,7 @@ ifdef AFL_TRACE_PC $(info Compile option AFL_TRACE_PC is deprecated, just set AFL_LLVM_INSTRUMENT=PCGUARD to activate when compiling targets ) endif -CXXFLAGS ?= -O3 -funroll-loops -# -D_FORTIFY_SOURCE=2 +CXXFLAGS ?= -O3 -funroll-loops -D_FORTIFY_SOURCE=2 override CXXFLAGS += -Wall -g -I ../include/ \ -DVERSION=\"$(VERSION)\" -Wno-variadic-macros diff --git a/llvm_mode/Makefile b/llvm_mode/Makefile index 0b306dde..3666a74d 100644 --- a/llvm_mode/Makefile +++ b/llvm_mode/Makefile @@ -1,2 +1,2 @@ all: - @echo please use GNU make, thanks! + @gmake all || echo please install GNUmake diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index e8f20bb2..fb072651 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -335,7 +335,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { } - cc_params[cc_par_cnt++] = "-Qunused-arguments"; + //cc_params[cc_par_cnt++] = "-Qunused-arguments"; // in case LLVM is installed not via a package manager or "make install" // e.g. compiled download or compiled from github then it's ./lib directory @@ -440,8 +440,8 @@ static void edit_params(u32 argc, char **argv, char **envp) { cc_params[cc_par_cnt++] = "-g"; cc_params[cc_par_cnt++] = "-O3"; cc_params[cc_par_cnt++] = "-funroll-loops"; - if (strlen(march_opt) > 1 && march_opt[0] == '-') - cc_params[cc_par_cnt++] = march_opt; + //if (strlen(march_opt) > 1 && march_opt[0] == '-') + // cc_params[cc_par_cnt++] = march_opt; } diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index a461bc03..b151de8e 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c 
@@ -789,12 +789,12 @@ void __sanitizer_cov_trace_pc_guard(uint32_t *guard) { void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) { u32 inst_ratio = 100; - u8 *x; + char *x; if (start == stop || *start) return; x = getenv("AFL_INST_RATIO"); - if (x) inst_ratio = atoi(x); + if (x) inst_ratio = (u32)atoi(x); if (!inst_ratio || inst_ratio > 100) { -- cgit 1.4.1 From 1cae68dde32abf9c7fe83cb9a91890deba973834 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Tue, 26 May 2020 15:20:42 +0200 Subject: persistent mode shared memory fuzzing - done --- docs/Changelog.md | 4 +- examples/persistent_demo/Makefile | 6 ++ llvm_mode/README.md | 106 +++-------------------- llvm_mode/README.persistent_mode.md | 168 ++++++++++++++++++++++++++++++++++++ llvm_mode/afl-clang-fast.c | 17 ++-- llvm_mode/afl-llvm-rt.o.c | 2 +- 6 files changed, 199 insertions(+), 104 deletions(-) create mode 100644 examples/persistent_demo/Makefile create mode 100644 llvm_mode/README.persistent_mode.md diff --git a/docs/Changelog.md b/docs/Changelog.md index 5f404dba..6c0ad104 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -10,8 +10,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. ### Version ++2.65d (dev) - - initial support for persistent mode shared memory testcase handover - (instead of via files/stdin) + - persistent mode shared memory testcase handover (instead of via + files/stdin) - x2 performance increase! - afl-fuzz: - -S slaves now only sync from the master to increase performance, the -M master still syncs from everyone. Added checks that ensure diff --git a/examples/persistent_demo/Makefile b/examples/persistent_demo/Makefile new file mode 100644 index 00000000..cbbb7239 --- /dev/null +++ b/examples/persistent_demo/Makefile @@ -0,0 +1,6 @@ +all: + afl-clang-fast -o persistent_demo persistent_demo.c + afl-clang-fast -o persistent_demo_new persistent_demo_new.c + +clean: + rm -f persistent_demo persistent_demo_new 
diff --git a/llvm_mode/README.md b/llvm_mode/README.md index 96b2762c..fa008cba 100644 --- a/llvm_mode/README.md +++ b/llvm_mode/README.md @@ -35,7 +35,7 @@ Once this implementation is shown to be sufficiently robust and portable, it will probably replace afl-clang. For now, it can be built separately and co-exists with the original code. -The idea and much of the implementation comes from Laszlo Szekeres. +The idea and much of the intial implementation came from Laszlo Szekeres. ## 2a) How to use this - short @@ -56,6 +56,8 @@ LLVM_CONFIG=llvm-config-7 REAL_CC=gcc REAL_CXX=g++ make It is highly recommended to use the newest clang version you can put your hands on :) +Then look at [README.persistent_mode.md](README.persistent_mode.md). + ## 2b) How to use this - long In order to leverage this mechanism, you need to have clang installed on your 
@@ -159,96 +161,13 @@ See [README.snapshot](README.snapshot.md) This is an early-stage mechanism, so field reports are welcome. You can send bug reports to <afl-users@googlegroups.com>. -## 6) Bonus feature #1: deferred initialization - -AFL tries to optimize performance by executing the targeted binary just once, -stopping it just before main(), and then cloning this "master" process to get -a steady supply of targets to fuzz. - -Although this approach eliminates much of the OS-, linker- and libc-level -costs of executing the program, it does not always help with binaries that -perform other time-consuming initialization steps - say, parsing a large config -file before getting to the fuzzed data. - -In such cases, it's beneficial to initialize the forkserver a bit later, once -most of the initialization work is already done, but before the binary attempts -to read the fuzzed input and parse it; in some cases, this can offer a 10x+ -performance gain. You can implement delayed initialization in LLVM mode in a -fairly simple way. - -First, find a suitable location in the code where the delayed cloning can -take place. This needs to be done with *extreme* care to avoid breaking the -binary. In particular, the program will probably malfunction if you select -a location after: - - - The creation of any vital threads or child processes - since the forkserver - can't clone them easily. - - - The initialization of timers via setitimer() or equivalent calls. - - - The creation of temporary files, network sockets, offset-sensitive file - descriptors, and similar shared-state resources - but only provided that - their state meaningfully influences the behavior of the program later on. - - - Any access to the fuzzed input, including reading the metadata about its - size. 
- -With the location selected, add this code in the appropriate spot: - -```c -#ifdef __AFL_HAVE_MANUAL_CONTROL - __AFL_INIT(); -#endif -``` - -You don't need the #ifdef guards, but including them ensures that the program -will keep working normally when compiled with a tool other than afl-clang-fast. - -Finally, recompile the program with afl-clang-fast (afl-gcc or afl-clang will -*not* generate a deferred-initialization binary) - and you should be all set! - -## 7) Bonus feature #2: persistent mode - -Some libraries provide APIs that are stateless, or whose state can be reset in -between processing different input files. When such a reset is performed, a -single long-lived process can be reused to try out multiple test cases, -eliminating the need for repeated fork() calls and the associated OS overhead. - -The basic structure of the program that does this would be: - -```c - while (__AFL_LOOP(1000)) { - - /* Read input data. */ - /* Call library code to be fuzzed. */ - /* Reset state. */ - - } - - /* Exit normally */ -``` - -The numerical value specified within the loop controls the maximum number -of iterations before AFL will restart the process from scratch. This minimizes -the impact of memory leaks and similar glitches; 1000 is a good starting point, -and going much higher increases the likelihood of hiccups without giving you -any real performance benefits. - -A more detailed template is shown in ../examples/persistent_demo/. -Similarly to the previous mode, the feature works only with afl-clang-fast; #ifdef -guards can be used to suppress it when using other compilers. - -Note that as with the previous mode, the feature is easy to misuse; if you -do not fully reset the critical state, you may end up with false positives or -waste a whole lot of CPU power doing nothing useful at all. Be particularly -wary of memory leaks and of the state of file descriptors. +## 6) deferred initialization, persistent mode, shared memory fuzzing -PS. 
Because there are task switches still involved, the mode isn't as fast as -"pure" in-process fuzzing offered, say, by LLVM's LibFuzzer; but it is a lot -faster than the normal fork() model, and compared to in-process fuzzing, -should be a lot more robust. +This is the most powerful and effective fuzzing you can do. +Please see [README.persistent_mode.md](README.persistent_mode.md) for a +full explanation. -## 8) Bonus feature #3: 'trace-pc-guard' mode +## 7) Bonus feature: 'trace-pc-guard' mode LLVM is shipping with a built-in execution tracing feature that provides AFL with the necessary tracing data without the need to @@ -260,11 +179,8 @@ If you have not an outdated compiler and want to give it a try, build targets this way: ``` - libtarget-1.0 $ AFL_LLVM_USE_TRACE_PC=1 make +$ AFL_LLVM_INSTRUMENT=PCGUARD make ``` -Note that this mode is about 20% slower than "vanilla" afl-clang-fast, -and about 5-10% slower than afl-clang. This is likely because the -instrumentation is not inlined, and instead involves a function call. -On systems that support it, compiling your target with -flto can help -a bit. +Note that this us currently the default, as it is the best mode. +If you have llvm 11 and compiled afl-clang-lto - this is the only better mode. diff --git a/llvm_mode/README.persistent_mode.md b/llvm_mode/README.persistent_mode.md new file mode 100644 index 00000000..b092de54 --- /dev/null +++ b/llvm_mode/README.persistent_mode.md 
@@ -0,0 +1,168 @@ +# llvm_mode persistent mode + +## 1) Introduction + +The most effective way is to fuzz in persistent mode, as the speed can easily +be x10 or x20 times faster without any disadvanges. +*All professionel fuzzing is using this mode.* + +This requires that the target can be called in a (or several) function(s), +and that the state can be resetted so that multiple calls be be performed +without memory leaking and former runs having no impact on following runs +(this can be seen by the `stability` indicator in the `afl-fuzz` UI). + +Examples can be found in [examples/persistent_mode](../examples/persistent_mode). + +## 2) TLDR; + +Example `fuzz_target.c`: +``` +#include "what_you_need_for_your_target.h" + +__AFL_FUZZ_INIT(); + +main() { + +#ifdef __AFL_HAVE_MANUAL_CONTROL + __AFL_INIT(); +#endif + + unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF; // must be after __AFL_INIT + + while (__AFL_LOOP(10000)) { + + int len = __AFL_FUZZ_TESTCASE_LEN; + + if (len < 8) return 0; // check for a required/useful minimum input length + + /* Setup function call, e.g. struct target *tmp = libtarget_init() */ + /* Call function to be fuzzed, e.g.: */ + target_function(buf, len); + /* Reset state. e.g. libtarget_free(tmp) */ + + } + + return 0; + +} +``` +And then compile: +``` +afl-clang-fast -o fuzz_target fuzz_target.c -lwhat_you_need_for_your_target +``` +And that is it! +The speed increase is usually x10 to x20. + +## 3) deferred initialization + +AFL tries to optimize performance by executing the targeted binary just once, +stopping it just before main(), and then cloning this "master" process to get +a steady supply of targets to fuzz. + +Although this approach eliminates much of the OS-, linker- and libc-level +costs of executing the program, it does not always help with binaries that +perform other time-consuming initialization steps - say, parsing a large config +file before getting to the fuzzed data. 
+ +In such cases, it's beneficial to initialize the forkserver a bit later, once +most of the initialization work is already done, but before the binary attempts +to read the fuzzed input and parse it; in some cases, this can offer a 10x+ +performance gain. You can implement delayed initialization in LLVM mode in a +fairly simple way. + +First, find a suitable location in the code where the delayed cloning can +take place. This needs to be done with *extreme* care to avoid breaking the +binary. In particular, the program will probably malfunction if you select +a location after: + + - The creation of any vital threads or child processes - since the forkserver + can't clone them easily. + + - The initialization of timers via setitimer() or equivalent calls. + + - The creation of temporary files, network sockets, offset-sensitive file + descriptors, and similar shared-state resources - but only provided that + their state meaningfully influences the behavior of the program later on. + + - Any access to the fuzzed input, including reading the metadata about its + size. + +With the location selected, add this code in the appropriate spot: + +```c +#ifdef __AFL_HAVE_MANUAL_CONTROL + __AFL_INIT(); +#endif +``` + +You don't need the #ifdef guards, but including them ensures that the program +will keep working normally when compiled with a tool other than afl-clang-fast. + +Finally, recompile the program with afl-clang-fast (afl-gcc or afl-clang will +*not* generate a deferred-initialization binary) - and you should be all set! + +## 4) persistent mode + +Some libraries provide APIs that are stateless, or whose state can be reset in +between processing different input files. When such a reset is performed, a +single long-lived process can be reused to try out multiple test cases, +eliminating the need for repeated fork() calls and the associated OS overhead. 
+ +The basic structure of the program that does this would be: + +```c + while (__AFL_LOOP(1000)) { + + /* Read input data. */ + /* Call library code to be fuzzed. */ + /* Reset state. */ + + } + + /* Exit normally */ +``` + +The numerical value specified within the loop controls the maximum number +of iterations before AFL will restart the process from scratch. This minimizes +the impact of memory leaks and similar glitches; 1000 is a good starting point, +and going much higher increases the likelihood of hiccups without giving you +any real performance benefits. + +A more detailed template is shown in ../examples/persistent_demo/. +Similarly to the previous mode, the feature works only with afl-clang-fast; #ifdef +guards can be used to suppress it when using other compilers. + +Note that as with the previous mode, the feature is easy to misuse; if you +do not fully reset the critical state, you may end up with false positives or +waste a whole lot of CPU power doing nothing useful at all. Be particularly +wary of memory leaks and of the state of file descriptors. + +PS. Because there are task switches still involved, the mode isn't as fast as +"pure" in-process fuzzing offered, say, by LLVM's LibFuzzer; but it is a lot +faster than the normal fork() model, and compared to in-process fuzzing, +should be a lot more robust. + +## 5) shared memory fuzzing + +You can speed up the fuzzing process even more by receiving the fuzzing data +via shared memory instead of stdin or files. +This is a further speed multiplier of about 2x. + +Setting this up is very easy: + +After the includes set the following macro: + +``` +__AFL_FUZZ_INIT(); +``` +Directly at the start of main - or if you are using the deferred forkserver +with `__AFL_INIT()` then *after* `__AFL_INIT? : +``` + unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF; +``` + +Then as first line after the `__AFL_LOOP` while loop: +``` + int len = __AFL_FUZZ_TESTCASE_LEN; +``` +and that is all! 
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index fb072651..64231a4e 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -45,11 +45,11 @@ static u32 cc_par_cnt = 1; /* Param count, including argv0 */ static u8 llvm_fullpath[PATH_MAX]; static u8 instrument_mode, instrument_opt_mode, ngram_size, lto_mode, cpp_mode; static u8 *lto_flag = AFL_CLANG_FLTO; -static u8 *march_opt = CFLAGS_OPT; static u8 debug; static u8 cwd[4096]; static u8 cmplog_mode; u8 use_stdin = 0; /* dummy */ +// static u8 *march_opt = CFLAGS_OPT; enum { @@ -335,7 +335,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { } - //cc_params[cc_par_cnt++] = "-Qunused-arguments"; + // cc_params[cc_par_cnt++] = "-Qunused-arguments"; // in case LLVM is installed not via a package manager or "make install" // e.g. compiled download or compiled from github then it's ./lib directory @@ -440,7 +440,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { cc_params[cc_par_cnt++] = "-g"; cc_params[cc_par_cnt++] = "-O3"; cc_params[cc_par_cnt++] = "-funroll-loops"; - //if (strlen(march_opt) > 1 && march_opt[0] == '-') + // if (strlen(march_opt) > 1 && march_opt[0] == '-') // cc_params[cc_par_cnt++] = march_opt; } 
@@ -493,9 +493,14 @@ static void edit_params(u32 argc, char **argv, char **envp) { "-D__AFL_FUZZ_INIT()=" "int __afl_sharedmem_fuzzing = 1;" "extern unsigned int __afl_fuzz_len;" - "extern unsigned char *__afl_fuzz_ptr;"; - cc_params[cc_par_cnt++] = "-D__AFL_FUZZ_TESTCASE_BUF=__afl_fuzz_ptr"; - cc_params[cc_par_cnt++] = "-D__AFL_FUZZ_TESTCASE_LEN=__afl_fuzz_len"; + "extern unsigned char *__afl_fuzz_ptr;" + "unsigned char *__afl_fuzz_alt_ptr;"; + cc_params[cc_par_cnt++] = + "-D__AFL_FUZZ_TESTCASE_BUF=(__afl_fuzz_ptr ? __afl_fuzz_ptr : " + "(__afl_fuzz_alt_ptr = malloc(1 * 1024 * 1024)))"; + cc_params[cc_par_cnt++] = + "-D__AFL_FUZZ_TESTCASE_LEN=(__afl_fuzz_ptr ? __afl_fuzz_len : read(0, " + "__afl_fuzz_alt_ptr, 1 * 1024 * 1024))"; cc_params[cc_par_cnt++] = "-D__AFL_LOOP(_A)=" diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index b151de8e..08733db4 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -788,7 +788,7 @@ void __sanitizer_cov_trace_pc_guard(uint32_t *guard) { void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) { - u32 inst_ratio = 100; + u32 inst_ratio = 100; char *x; if (start == stop || *start) return; -- cgit 1.4.1 From 9dd0b7c6de72100ceaf99bba3b0705f952b36de0 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Tue, 26 May 2020 15:57:15 +0200 Subject: make examples better --- examples/aflpp_driver/GNUmakefile | 8 +------- examples/persistent_demo/persistent_demo.c | 2 +- examples/persistent_demo/persistent_demo_new.c | 23 +---------------------- llvm_mode/README.persistent_mode.md | 3 +-- 4 files changed, 4 insertions(+), 32 deletions(-) diff --git a/examples/aflpp_driver/GNUmakefile b/examples/aflpp_driver/GNUmakefile index fca3fd2c..a681d2cf 100644 --- a/examples/aflpp_driver/GNUmakefile +++ b/examples/aflpp_driver/GNUmakefile 
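Review bot: The stdin fallback in the new `__AFL_FUZZ_TESTCASE_BUF` and `__AFL_FUZZ_TESTCASE_LEN` defines leaves several failure cases to the harness. `malloc(1 * 1024 * 1024)` runs again on every expansion of the BUF macro and its result is never checked, so a leaked or NULL buffer can reach `read()`; reusing the pointer removes the repeated allocation, `(__afl_fuzz_alt_ptr ? __afl_fuzz_alt_ptr : (__afl_fuzz_alt_ptr = malloc(1 * 1024 * 1024)))`, and the NULL case still needs a check. `read()` returns -1 on error, and a harness that stores the LEN macro in an unsigned variable would then hand a very large length to the target and report out-of-bounds reads that are artefacts of the harness, so the macro's documentation should say that the length is signed and must be range-checked before use. The expansion also depends on the target including the headers that declare `malloc` and `read`. edit_params continues outside the hunk.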
@@ -9,19 +9,13 @@ endif FLAGS=-O3 -funroll-loops -all: libAFLDriver.a libAFLDriver2.a +all: libAFLDriver.a aflpp_driver.o: aflpp_driver.cpp $(LLVM_BINDIR)clang++ $(FLAGS) -stdlib=libc++ -funroll-loops -std=c++11 -c aflpp_driver.cpp -afl-llvm-rt.o: ../../llvm_mode/afl-llvm-rt.o.c - $(LLVM_BINDIR)clang $(FLAGS) -I../../include -c -o afl-llvm-rt.o ../../llvm_mode/afl-llvm-rt.o.c - libAFLDriver.a: aflpp_driver.o ar ru libAFLDriver.a aflpp_driver.o -libAFLDriver2.a: aflpp_driver.o afl-llvm-rt.o - ar ru libAFLDriver2.a aflpp_driver.o afl-llvm-rt.o - clean: rm -f *.o libAFLDriver*.a *~ core diff --git a/examples/persistent_demo/persistent_demo.c b/examples/persistent_demo/persistent_demo.c index 41cd9e38..2da49bb0 100644 --- a/examples/persistent_demo/persistent_demo.c +++ b/examples/persistent_demo/persistent_demo.c @@ -63,7 +63,7 @@ int main(int argc, char **argv) { We just have some trivial inline code that faults on 'foo!'. */ /* do we have enough data? */ - if (len < 8) return 0; + if (len < 8) continue; if (buf[0] == 'f') { diff --git a/examples/persistent_demo/persistent_demo_new.c b/examples/persistent_demo/persistent_demo_new.c index fffd40b6..36411e13 100644 --- a/examples/persistent_demo/persistent_demo_new.c +++ b/examples/persistent_demo/persistent_demo_new.c @@ -30,27 +30,6 @@ __AFL_FUZZ_INIT(); -unsigned int crc32_for_byte(unsigned int r) { - - for (int j = 0; j < 8; ++j) - r = (r & 1 ? 0 : (unsigned int)0xEDB88320L) ^ r >> 1; - return r ^ (unsigned int)0xFF000000L; - -} - -unsigned int crc32(unsigned char *data, unsigned int n_bytes) { - - static unsigned char table[0x100]; - unsigned int crc = 0; - if (!*table) - for (unsigned int i = 0; i < 0x100; ++i) - table[i] = crc32_for_byte(i); - for (unsigned int i = 0; i < n_bytes; ++i) - crc = table[(unsigned char)crc ^ (data)[i]] ^ crc >> 8; - return crc; - -} - /* Main entry point. */ int main(int argc, char **argv) { 
@@ -70,7 +49,7 @@ int main(int argc, char **argv) { len = __AFL_FUZZ_TESTCASE_LEN; /* do we have enough data? */ - if (len < 8) return 0; + if (len < 8) continue; if (buf[0] == 'f') { diff --git a/llvm_mode/README.persistent_mode.md b/llvm_mode/README.persistent_mode.md index b092de54..7aae8faa 100644 --- a/llvm_mode/README.persistent_mode.md +++ b/llvm_mode/README.persistent_mode.md @@ -32,8 +32,7 @@ main() { while (__AFL_LOOP(10000)) { int len = __AFL_FUZZ_TESTCASE_LEN; - - if (len < 8) return 0; // check for a required/useful minimum input length + if (len < 8) continue; // check for a required/useful minimum input length /* Setup function call, e.g. struct target *tmp = libtarget_init() */ /* Call function to be fuzzed, e.g.: */ -- cgit 1.4.1 From dab498c3b726cf4503abfbd61b62f65f92c9a4e9 Mon Sep 17 00:00:00 2001 From: arnow117 <arnow117@163.com> Date: Wed, 27 May 2020 16:01:44 +0800 Subject: fix MOPT implementation flaws in core fuzzing --- src/afl-fuzz-one.c | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c index ddd15c84..5b1a2cba 100644 --- a/src/afl-fuzz-one.c +++ b/src/afl-fuzz-one.c @@ -4250,14 +4250,29 @@ pacemaker_fuzzing: u64 temp_temp_puppet = afl->queued_paths + afl->unique_crashes - temp_total_found; afl->total_puppet_find = afl->total_puppet_find + temp_temp_puppet; - for (i = 0; i < operator_num; ++i) { - if (MOpt_globals.cycles_v2[i] > MOpt_globals.cycles_v3[i]) { + if (MOpt_globals.is_pilot_mode){ - MOpt_globals.finds_v2[i] += temp_temp_puppet; + for (i = 0; i < operator_num; ++i) { + + if (MOpt_globals.cycles_v2[i] > MOpt_globals.cycles_v3[i]) { + + MOpt_globals.finds_v2[i] += temp_temp_puppet; + + } } + } else { + + for (i = 0; i < operator_num; i++) { + + if (afl->core_operator_cycles_puppet_v2[i] > afl->core_operator_cycles_puppet_v3[i]) + + afl->core_operator_finds_puppet_v2[i] += temp_temp_puppet; + + } + } } /* if */ 
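Review bot: The core-mode loop added in the `else` branch writes `afl->core_operator_finds_puppet_v2[i]` directly while the pilot loop beside it goes through `MOpt_globals.finds_v2[i]`, so the two halves of one decision now use different access paths. How `MOpt_globals` is bound in core mode is not visible in this hunk; if it already refers to the core arrays, the original single loop was sufficient and the split only duplicates it. If the split is needed, a one-line comment stating why the core counters cannot be reached through `MOpt_globals` would save the next reader the same question. The `if` in the core loop should also get braces like the pilot loop, since it currently has a blank line between the condition and its only statement. The surrounding function starts outside the hunk.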
@@ -4437,7 +4452,6 @@ pacemaker_fuzzing: afl->total_pacemaker_time += *MOpt_globals.pTime; *MOpt_globals.pTime = 0; - afl->temp_puppet_find = afl->total_puppet_find; new_hit_cnt = afl->queued_paths + afl->unique_crashes; if (MOpt_globals.is_pilot_mode) { @@ -4448,6 +4462,7 @@ pacemaker_fuzzing: } + afl->temp_puppet_find = afl->total_puppet_find; u64 temp_stage_finds_puppet = 0; for (i = 0; i < operator_num; ++i) { @@ -4530,6 +4545,15 @@ pacemaker_fuzzing: } else { + for (i = 0; i < operator_num; i++) + { + + afl->core_operator_finds_puppet[i] = afl->core_operator_finds_puppet_v2[i]; + afl->core_operator_cycles_puppet[i] = afl->core_operator_cycles_puppet_v2[i]; + temp_stage_finds_puppet += afl->core_operator_finds_puppet[i]; + + } + afl->key_module = 2; afl->old_hit_count = new_hit_cnt; -- cgit 1.4.1 From b81df11d8a0dad4381e644b04afa1a38413ff833 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Wed, 27 May 2020 11:07:54 +0200 Subject: fix 64bit support for powerpc, risc, etc. --- docs/Changelog.md | 5 +++-- include/types.h | 5 +---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 6c0ad104..18acfba4 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -10,8 +10,6 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. ### Version ++2.65d (dev) - - persistent mode shared memory testcase handover (instead of via - files/stdin) - x2 performance increase! - afl-fuzz: - -S slaves now only sync from the master to increase performance, the -M master still syncs from everyone. Added checks that ensure 
@@ -32,6 +30,9 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - fixed crash in compare-transform-pass when strcasecmp/strncasecmp was tried to be instrumented with LTO - fixed crash in cmplog with LTO + - persistent mode shared memory testcase handover (instead of via + files/stdin) - 10-100% performance increase + - General support for 64 bit PowerPC, RiscV, Sparc etc. - slightly better performance compilation options for afl++ and targets - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second diff --git a/include/types.h b/include/types.h index 95ca2689..d1e44617 100644 --- a/include/types.h +++ b/include/types.h @@ -64,13 +64,10 @@ typedef uint32_t u32; 'unsigned long long' in <bits/types.h>, so everything checks out. But on 64-bit systems, it is #ifdef'ed in the same file as 'unsigned long'. - Now, it only happens in circumstances where the type happens to have the - expected bit width, *but* the compiler does not know that... and complains - about 'unsigned long' being unsafe to pass to %llu. */ -#if defined(__x86_64__) || defined(__aarch64__) +#ifdef __LP64__ typedef unsigned long long u64; #else typedef uint64_t u64; -- cgit 1.4.1 From 434ccf3df4760019cb87ceb11087d3440dc5a4ab Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Wed, 27 May 2020 11:24:09 +0200 Subject: allow for copy paste from documentation --- README.md | 36 ++++++++++++++++++------------------ docs/parallel_fuzzing.md | 18 +++++++++--------- examples/afl_network_proxy/README.md | 4 ++-- examples/afl_untracer/README.md | 4 ++-- llvm_mode/README.lto.md | 30 +++++++++++++++--------------- llvm_mode/README.md | 2 +- qemu_mode/README.md | 4 ++-- unicorn_mode/README.md | 6 +++--- 8 files changed, 52 insertions(+), 52 deletions(-) diff --git a/README.md b/README.md index 5af2b0fc..1c730ec1 100644 --- a/README.md +++ b/README.md 
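Review bot: In include/types.h the condition becomes `#ifdef __LP64__`, but the matching `#endif` just below the hunk still carries the comment `/* ^__x86_64__ */` (it is visible in the later commit that removes the block), so the closing comment names a macro the `#if` no longer tests. It should read `#endif /* ^__LP64__ */`. The trimmed block comment also now ends on the sentence about 'unsigned long' without saying what goes wrong, so a closing sentence such as `The compiler then complains when a u64 is passed to %llu.` is worth keeping.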
@@ -137,9 +137,9 @@ afl++ has many build options. The easiest is to build and install everything: ```shell -$ sudo apt install build-essential libtool-bin python3-dev automake flex bison libglib2.0-dev libpixman-1-dev clang python3-setuptools llvm -$ make distrib -$ sudo make install +sudo apt install build-essential libtool-bin python3-dev automake flex bison libglib2.0-dev libpixman-1-dev clang python3-setuptools llvm +make distrib +sudo make install ``` Note that "make distrib" also builds llvm_mode, qemu_mode, unicorn_mode and @@ -148,7 +148,7 @@ using at least llvm_mode is highly recommended for much better results - hence in this case ```shell -$ make source-only +make source-only ``` is what you should choose. @@ -171,7 +171,7 @@ These build targets exist: afl++ binaries by passing the STATIC=1 argument to make: ```shell -$ make all STATIC=1 +make all STATIC=1 ``` These build options exist: @@ -191,8 +191,8 @@ Hence at least gcc-9 and especially llvm-9 should be the compilers of choice. If your distribution does not have them, you can use the Dockerfile: ```shell -$ cd AFLplusplus -$ sudo docker build -t aflplusplus . +cd AFLplusplus +sudo docker build -t aflplusplus . ``` @@ -281,8 +281,8 @@ The correct way to recompile the target program may vary depending on the specifics of the build process, but a nearly-universal approach would be: ```shell -$ CC=/path/to/afl/afl-gcc ./configure -$ make clean all +CC=/path/to/afl/afl-gcc ./configure +make clean all ``` For C++ programs, you'd would also want to set `CXX=/path/to/afl/afl-g++`. @@ -306,7 +306,7 @@ runtime (usually by setting `LD_LIBRARY_PATH`). The simplest option is a static build, usually possible via: ```shell -$ CC=/path/to/afl/afl-gcc ./configure --disable-shared +CC=/path/to/afl/afl-gcc ./configure --disable-shared ``` Setting `AFL_HARDEN=1` when calling 'make' will cause the CC wrapper to 
@@ -328,8 +328,8 @@ QEMU is a project separate from AFL, but you can conveniently build the feature by doing: ```shell -$ cd qemu_mode -$ ./build_qemu_support.sh +cd qemu_mode +./build_qemu_support.sh ``` For additional instructions and caveats, see [qemu_mode/README.md](qemu_mode/README.md). @@ -423,7 +423,7 @@ store its findings, plus a path to the binary to test. For target binaries that accept input directly from stdin, the usual syntax is: ```shell -$ ./afl-fuzz -i testcase_dir -o findings_dir /path/to/program [...params...] +./afl-fuzz -i testcase_dir -o findings_dir /path/to/program [...params...] ``` For programs that take input from a file, use '@@' to mark the location in @@ -431,7 +431,7 @@ the target's command line where the input file name should be placed. The fuzzer will substitute this for you: ```shell -$ ./afl-fuzz -i testcase_dir -o findings_dir /path/to/program @@ +./afl-fuzz -i testcase_dir -o findings_dir /path/to/program @@ ``` You can also use the -f option to have the mutated data written to a specific @@ -494,8 +494,8 @@ When you can't reproduce a crash found by afl-fuzz, the most likely cause is that you are not setting the same memory limit as used by the tool. Try: ```shell -$ LIMIT_MB=50 -$ ( ulimit -Sv $[LIMIT_MB << 10]; /path/to/tested_binary ... ) +LIMIT_MB=50 +( ulimit -Sv $[LIMIT_MB << 10]; /path/to/tested_binary ... ) ``` Change LIMIT_MB to match the -m parameter passed to afl-fuzz. On OpenBSD, @@ -504,7 +504,7 @@ also change -Sv to -Sd. Any existing output directory can be also used to resume aborted jobs; try: ```shell -$ ./afl-fuzz -i- -o existing_output_dir [...etc...] +./afl-fuzz -i- -o existing_output_dir [...etc...] ``` If you have gnuplot installed, you can also generate some pretty graphs for any 
@@ -586,7 +586,7 @@ Oh, one more thing: for test case minimization, give afl-tmin a try. The tool can be operated in a very simple way: ```shell -$ ./afl-tmin -i test_case -o minimized_result -- /path/to/program [...] +./afl-tmin -i test_case -o minimized_result -- /path/to/program [...] ``` The tool works with crashing and non-crashing test cases alike. In the crash diff --git a/docs/parallel_fuzzing.md b/docs/parallel_fuzzing.md index 12aefb46..c6e54218 100644 --- a/docs/parallel_fuzzing.md +++ b/docs/parallel_fuzzing.md @@ -40,14 +40,14 @@ for every instance - say, "fuzzer01", "fuzzer02", etc. Run the first one ("master", -M) like this: ``` -$ ./afl-fuzz -i testcase_dir -o sync_dir -M fuzzer01 [...other stuff...] +./afl-fuzz -i testcase_dir -o sync_dir -M fuzzer01 [...other stuff...] ``` ...and then, start up secondary (-S) instances like this: ``` -$ ./afl-fuzz -i testcase_dir -o sync_dir -S fuzzer02 [...other stuff...] -$ ./afl-fuzz -i testcase_dir -o sync_dir -S fuzzer03 [...other stuff...] +./afl-fuzz -i testcase_dir -o sync_dir -S fuzzer02 [...other stuff...] +./afl-fuzz -i testcase_dir -o sync_dir -S fuzzer03 [...other stuff...] ``` Each fuzzer will keep its state in a separate subdirectory, like so: @@ -71,9 +71,9 @@ experimental support for parallelizing the deterministic checks. To leverage that, you need to create -M instances like so: ``` -$ ./afl-fuzz -i testcase_dir -o sync_dir -M masterA:1/3 [...] -$ ./afl-fuzz -i testcase_dir -o sync_dir -M masterB:2/3 [...] -$ ./afl-fuzz -i testcase_dir -o sync_dir -M masterC:3/3 [...] +./afl-fuzz -i testcase_dir -o sync_dir -M masterA:1/3 [...] +./afl-fuzz -i testcase_dir -o sync_dir -M masterB:2/3 [...] +./afl-fuzz -i testcase_dir -o sync_dir -M masterC:3/3 [...] ``` ...where the first value after ':' is the sequential ID of a particular master 
@@ -91,9 +91,9 @@ must use a separate temporary file; otherwise, things will go south. One safe example may be: ``` -$ ./afl-fuzz [...] -S fuzzer10 -f file10.txt ./fuzzed/binary @@ -$ ./afl-fuzz [...] -S fuzzer11 -f file11.txt ./fuzzed/binary @@ -$ ./afl-fuzz [...] -S fuzzer12 -f file12.txt ./fuzzed/binary @@ +./afl-fuzz [...] -S fuzzer10 -f file10.txt ./fuzzed/binary @@ +./afl-fuzz [...] -S fuzzer11 -f file11.txt ./fuzzed/binary @@ +./afl-fuzz [...] -S fuzzer12 -f file12.txt ./fuzzed/binary @@ ``` This is not a concern if you use @@ without -f and let afl-fuzz come up with the diff --git a/examples/afl_network_proxy/README.md b/examples/afl_network_proxy/README.md index 42c0b71b..a5ac3578 100644 --- a/examples/afl_network_proxy/README.md +++ b/examples/afl_network_proxy/README.md @@ -29,7 +29,7 @@ Run `afl-network-server` with your target with the -m and -t values you need. Important is the -i parameter which is the TCP port to listen on. e.g.: ``` -$ afl-network-server -i 1111 -m 25M -t 1000 -- /bin/target -f @@ +afl-network-server -i 1111 -m 25M -t 1000 -- /bin/target -f @@ ``` ### on the (afl-fuzz) master @@ -38,7 +38,7 @@ Just run afl-fuzz with your normal options, however the target should be `afl-network-client` with the IP and PORT of the `afl-network-server` and increase the -t value: ``` -$ afl-fuzz -i in -o out -t 2000+ -- afl-network-client TARGET-IP 1111 +afl-fuzz -i in -o out -t 2000+ -- afl-network-client TARGET-IP 1111 ``` Note the '+' on the -t parameter value. The afl-network-server will take care of proper timeouts hence afl-fuzz should not. The '+' increases the diff --git a/examples/afl_untracer/README.md b/examples/afl_untracer/README.md index 05fd8776..e59792cb 100644 --- a/examples/afl_untracer/README.md +++ b/examples/afl_untracer/README.md 
@@ -29,8 +29,8 @@ The patches.txt file has to be pointed to by `AFL_UNTRACER_FILE`. To easily run the scripts without needing to run the GUI with Ghidra: ``` -$ /opt/ghidra/support/analyzeHeadless /tmp/ tmp$$ -import libtestinstr.so -postscript ./ghidra_get_patchpoints.java -$ rm -rf /tmp/tmp$$ +/opt/ghidra/support/analyzeHeadless /tmp/ tmp$$ -import libtestinstr.so -postscript ./ghidra_get_patchpoints.java +rm -rf /tmp/tmp$$ ``` ### Fuzzing diff --git a/llvm_mode/README.lto.md b/llvm_mode/README.lto.md index 99bcc50d..48c587eb 100644 --- a/llvm_mode/README.lto.md +++ b/llvm_mode/README.lto.md @@ -84,21 +84,21 @@ apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \ Building llvm from github takes quite some long time and is not painless: ``` -$ sudo apt install binutils-dev # this is *essential*! -$ git clone https://github.com/llvm/llvm-project -$ cd llvm-project -$ mkdir build -$ cd build -$ cmake -DLLVM_ENABLE_PROJECTS='clang;clang-tools-extra;compiler-rt;libclc;libcxx;libcxxabi;libunwind;lld' -DCMAKE_BUILD_TYPE=Release -DLLVM_BINUTILS_INCDIR=/usr/include/ ../llvm/ -$ make -j $(nproc) -$ export PATH=`pwd`/bin:$PATH -$ export LLVM_CONFIG=`pwd`/bin/llvm-config -$ cd /path/to/AFLplusplus/ -$ make -$ cd llvm_mode -$ make -$ cd .. -$ make install +sudo apt install binutils-dev # this is *essential*! +git clone https://github.com/llvm/llvm-project +cd llvm-project +mkdir build +cd build +cmake -DLLVM_ENABLE_PROJECTS='clang;clang-tools-extra;compiler-rt;libclc;libcxx;libcxxabi;libunwind;lld' -DCMAKE_BUILD_TYPE=Release -DLLVM_BINUTILS_INCDIR=/usr/include/ ../llvm/ +make -j $(nproc) +export PATH=`pwd`/bin:$PATH +export LLVM_CONFIG=`pwd`/bin/llvm-config +cd /path/to/AFLplusplus/ +make +cd llvm_mode +make +cd .. +make install ``` ## How to use afl-clang-lto diff --git a/llvm_mode/README.md b/llvm_mode/README.md index fa008cba..c24aef49 100644 --- a/llvm_mode/README.md +++ b/llvm_mode/README.md 
@@ -179,7 +179,7 @@ If you have not an outdated compiler and want to give it a try, build targets this way: ``` -$ AFL_LLVM_INSTRUMENT=PCGUARD make +AFL_LLVM_INSTRUMENT=PCGUARD make ``` Note that this us currently the default, as it is the best mode. diff --git a/qemu_mode/README.md b/qemu_mode/README.md index 50d451b6..3cf678e4 100644 --- a/qemu_mode/README.md +++ b/qemu_mode/README.md @@ -147,8 +147,8 @@ non-instrumented binary with the same optimization flags that are normally injected by afl-gcc, and make sure that the bits to be tested are statically linked into the binary. A common way to do this would be: -$ CFLAGS="-O3 -funroll-loops" ./configure --disable-shared -$ make clean all +CFLAGS="-O3 -funroll-loops" ./configure --disable-shared +make clean all Comparative measurements of execution speed or instrumentation coverage will be fairly meaningless if the optimization levels or instrumentation scopes don't diff --git a/unicorn_mode/README.md b/unicorn_mode/README.md index 86683839..f6bd4d12 100644 --- a/unicorn_mode/README.md +++ b/unicorn_mode/README.md @@ -29,8 +29,8 @@ Once that completes successfully you need to build and add in the Unicorn Mode features: ``` -$ cd unicorn_mode -$ ./build_unicorn_support.sh +cd unicorn_mode +./build_unicorn_support.sh ``` NOTE: This script checks out a Unicorn Engine fork as submodule that has been tested @@ -71,7 +71,7 @@ Once you have all those things ready to go you just need to run afl-fuzz in 'unicorn-mode' by passing in the '-U' flag: ``` -$ afl-fuzz -U -m none -i /path/to/inputs -o /path/to/results -- ./test_harness @@ +afl-fuzz -U -m none -i /path/to/inputs -o /path/to/results -- ./test_harness @@ ``` The normal afl-fuzz command line format applies to everything here. Refer to -- cgit 1.4.1 From aace0d119228aeb847e97f9dae50b8e0738eed90 Mon Sep 17 00:00:00 2001 
From: van Hauser <vh@thc.org> Date: Wed, 27 May 2020 11:28:29 +0200 Subject: code format --- docs/Changelog.md | 1 + docs/INSTALL.md | 4 ++-- src/afl-fuzz-one.c | 26 ++++++++++++++------------ 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 18acfba4..d95f7367 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -16,6 +16,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. exactly one master is present and warn otherwise - If no master is present at a sync one slave automatically becomes a temporary master until a real master shows up + - fix/update to MOpt (thanks to arnow117) - llvm_mode: - the default instrumentation is now PCGUARD, as it is faster and provides better coverage. The original afl instrumentation can be set via diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 0f9673ad..766f24d7 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -17,7 +17,7 @@ You can start using the fuzzer without installation, but it is also possible to install it with: ```bash -make install +sudo make install ``` There are no special dependencies to speak of; you will need GNU make and a @@ -46,7 +46,7 @@ please install it first. As on Linux, you can use the fuzzer itself without installation, or install it with: ``` -gmake install +sudo gmake install ``` Keep in mind that if you are using csh as your shell, the syntax of some of the diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c index 5b1a2cba..56f16b4c 100644 --- a/src/afl-fuzz-one.c +++ b/src/afl-fuzz-one.c @@ -4251,7 +4251,7 @@ pacemaker_fuzzing: afl->queued_paths + afl->unique_crashes - temp_total_found; afl->total_puppet_find = afl->total_puppet_find + temp_temp_puppet; - if (MOpt_globals.is_pilot_mode){ + if (MOpt_globals.is_pilot_mode) { for (i = 0; i < operator_num; ++i) { 
@@ -4265,13 +4265,14 @@ pacemaker_fuzzing: } else { - for (i = 0; i < operator_num; i++) { + for (i = 0; i < operator_num; i++) { - if (afl->core_operator_cycles_puppet_v2[i] > afl->core_operator_cycles_puppet_v3[i]) + if (afl->core_operator_cycles_puppet_v2[i] > + afl->core_operator_cycles_puppet_v3[i]) - afl->core_operator_finds_puppet_v2[i] += temp_temp_puppet; + afl->core_operator_finds_puppet_v2[i] += temp_temp_puppet; - } + } } @@ -4545,14 +4546,15 @@ pacemaker_fuzzing: } else { - for (i = 0; i < operator_num; i++) - { + for (i = 0; i < operator_num; i++) { - afl->core_operator_finds_puppet[i] = afl->core_operator_finds_puppet_v2[i]; - afl->core_operator_cycles_puppet[i] = afl->core_operator_cycles_puppet_v2[i]; - temp_stage_finds_puppet += afl->core_operator_finds_puppet[i]; - - } + afl->core_operator_finds_puppet[i] = + afl->core_operator_finds_puppet_v2[i]; + afl->core_operator_cycles_puppet[i] = + afl->core_operator_cycles_puppet_v2[i]; + temp_stage_finds_puppet += afl->core_operator_finds_puppet[i]; + + } afl->key_module = 2; -- cgit 1.4.1 From af670ca138e7d34c42a656a9cb145f0bef91b3fe Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Wed, 27 May 2020 17:17:33 +0200 Subject: enable snapshot lkm for llvm_mode persistent mode --- docs/Changelog.md | 1 + llvm_mode/afl-clang-fast.c | 2 ++ llvm_mode/afl-llvm-rt.o.c | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index d95f7367..e7ba208c 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -31,6 +31,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. - fixed crash in compare-transform-pass when strcasecmp/strncasecmp was tried to be instrumented with LTO - fixed crash in cmplog with LTO + - enable snapshot lkm also for persistent mode - persistent mode shared memory testcase handover (instead of via files/stdin) - 10-100% performance increase - General support for 64 bit PowerPC, RiscV, Sparc etc. 
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 64231a4e..0b081ae6 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -206,6 +206,8 @@ static void edit_params(u32 argc, char **argv, char **envp) { } + cc_params[cc_par_cnt++] = "-Wno-unused-command-line-argument"; + if (lto_mode && cpp_mode) cc_params[cc_par_cnt++] = "-lc++"; // needed by fuzzbench, early diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index 08733db4..3a0584e4 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -519,7 +519,7 @@ static void __afl_start_snapshots(void) { static void __afl_start_forkserver(void) { #ifdef __linux__ - if (!is_persistent && !__afl_cmp_map && !getenv("AFL_NO_SNAPSHOT") && + if (/*!is_persistent &&*/ !__afl_cmp_map && !getenv("AFL_NO_SNAPSHOT") && afl_snapshot_init() >= 0) { __afl_start_snapshots(); -- cgit 1.4.1 From ef8d2528431c45ab3424969bd57b976979665f05 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Thu, 28 May 2020 01:29:57 +0200 Subject: fix Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index b59e91fb..5835d205 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,7 +52,7 @@ ARG LLVM_CONFIG=llvm-config-11 RUN git clone https://github.com/AFLplusplus/AFLplusplus -RUN cd AFLplusplus && export REAL_CXX=g++ && make distrib && \ - make install && cd .. && make clean +RUN cd AFLplusplus && export REAL_CXX=g++-10 && make distrib && \ + make install && make clean ENV AFL_SKIP_CPUFREQ=1 -- cgit 1.4.1 From 8a2656681f27bd5356368736d5b0d836391ce2aa Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Thu, 28 May 2020 08:27:21 +0200 Subject: GNUmakefile: make binary-only: make qemu build optional, so unicornafl can be build --- GNUmakefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/GNUmakefile b/GNUmakefile index 14ecfaad..8f559391 100644 --- a/GNUmakefile 
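Review bot: In llvm_mode/afl-clang-fast.c, `-Wno-unused-command-line-argument` is appended to `cc_params` on every invocation with no comment saying which injected argument triggers the warning. The commit message is about the snapshot LKM, so the reason cannot be recovered from the change. The flag also silences the diagnostic for the user's own options, so an option the compiler ignores in a target build (a hardening flag, for instance) is no longer reported. A comment such as `/* flags we inject are unused on some compile/link steps; silence the resulting warning */` would document the intent, if that is the reason. `edit_params` starts and ends outside the hunk.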
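Review bot: In llvm_mode/afl-llvm-rt.o.c the persistent-mode guard is disabled by commenting it out inside the condition, `if (/*!is_persistent &&*/ !__afl_cmp_map && ...`, which leaves dead text in the expression and no explanation. I would delete the fragment and state the new behaviour in a comment above the `if`, e.g. `/* the snapshot LKM is used in persistent mode too; AFL_NO_SNAPSHOT disables it */`. Whether `is_persistent` is still read elsewhere in `__afl_start_forkserver` cannot be checked here, because the function body continues outside the hunk.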
+++ b/GNUmakefile @@ -503,7 +503,7 @@ distrib: all radamsa $(MAKE) -C examples/afl_network_proxy $(MAKE) -C examples/socket_fuzzing $(MAKE) -C examples/argv_fuzzing - cd qemu_mode && sh ./build_qemu_support.sh + -cd qemu_mode && sh ./build_qemu_support.sh cd unicorn_mode && sh ./build_unicorn_support.sh binary-only: all radamsa @@ -512,7 +512,7 @@ binary-only: all radamsa $(MAKE) -C examples/afl_network_proxy $(MAKE) -C examples/socket_fuzzing $(MAKE) -C examples/argv_fuzzing - cd qemu_mode && sh ./build_qemu_support.sh + -cd qemu_mode && sh ./build_qemu_support.sh cd unicorn_mode && sh ./build_unicorn_support.sh source-only: all radamsa -- cgit 1.4.1 From 92be4ea871027416264570d21c1e0a88e18768f4 Mon Sep 17 00:00:00 2001 From: ivachyou <ivachyou@gmail.com> Date: Thu, 28 May 2020 16:42:38 +0700 Subject: change qemu-mode AFL_REGS_NUM to 16 for TARGET_ARM --- qemu_mode/patches/afl-qemu-common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qemu_mode/patches/afl-qemu-common.h b/qemu_mode/patches/afl-qemu-common.h index dbdb41bc..057e1b62 100644 --- a/qemu_mode/patches/afl-qemu-common.h +++ b/qemu_mode/patches/afl-qemu-common.h @@ -42,7 +42,7 @@ #ifdef CPU_NB_REGS #define AFL_REGS_NUM CPU_NB_REGS #elif TARGET_ARM - #define AFL_REGS_NUM 32 + #define AFL_REGS_NUM 16 #elif TARGET_AARCH64 #define AFL_REGS_NUM 32 #else -- cgit 1.4.1 From b87d97aa2b664f1a5ea90612ba7543b38bc6d24f Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Thu, 28 May 2020 14:34:50 +0200 Subject: make dockerfile better --- Dockerfile | 16 ++++++++++------ README.md | 10 +++++++++- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5835d205..905e8265 100644 --- a/Dockerfile +++ b/Dockerfile 
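Review bot: With the `-` prefix on `-cd qemu_mode && sh ./build_qemu_support.sh`, `make distrib` finishes successfully even when the QEMU build fails, and the only trace is make's ignored-error line in the middle of a long log. A later `make install` would then presumably install a tree without qemu_mode. An explicit notice makes the outcome visible, e.g. `cd qemu_mode && sh ./build_qemu_support.sh || echo "[-] qemu_mode build failed, continuing without it"`. The same applies to the identical line in the `binary-only` target in the next hunk.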
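Review bot: In qemu_mode/patches/afl-qemu-common.h, `TARGET_ARM` and `TARGET_AARCH64` now yield different values, so the order of the `#elif` chain matters. If the QEMU build defines `TARGET_ARM` for AArch64 targets as well (worth confirming against the generated target config), the `#elif TARGET_AARCH64` branch is never reached and those builds get 16 instead of 32. Testing `#elif TARGET_AARCH64` before `#elif TARGET_ARM` removes the dependency on that detail. A short comment on the new value, e.g. `/* 32-bit ARM: r0-r15 */`, would record why 16 is right. The uses of `AFL_REGS_NUM` are not in the hunk, but a count that is too large would matter wherever it sizes a register save or copy.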
@@ -11,8 +11,8 @@ LABEL "about"="AFLplusplus docker image" ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get -y install \ - --no-install-suggests --no-install-recommends \ +RUN apt-get update && apt-get upgrade -y && \ + apt-get -y install --no-install-suggests --no-install-recommends \ automake \ bison flex \ build-essential \ @@ -21,7 +21,7 @@ RUN apt-get update && apt-get -y install \ libtool libtool-bin \ libglib2.0-dev \ wget vim jupp nano \ - apt-utils apt-transport-https ca-certificates gnupg \ + apt-utils apt-transport-https ca-certificates gnupg dialog \ libpixman-1-dev RUN echo deb http://apt.llvm.org/focal/ llvm-toolchain-focal main >> /etc/apt/sources.list && \ @@ -33,7 +33,7 @@ RUN echo deb http://ppa.launchpad.net/ubuntu-toolchain-r/test/ubuntu focal main RUN apt-get update && apt-get upgrade -y RUN apt-get install -y gcc-10 g++-10 gcc-10-plugin-dev gcc-10-multilib \ - libc++-10-dev gdb + libc++-10-dev gdb lcov RUN apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \ libc++abi1-11 libc++abi-11-dev libclang1-11 libclang-11-dev \ @@ -44,15 +44,19 @@ RUN apt-get install -y clang-11 clang-tools-11 libc++1-11 libc++-11-dev \ RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 0 RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-10 0 -RUN rm -rf /var/lib/apt/lists/* +RUN rm -rf /var/cache/apt/archives/* ARG CC=gcc-10 ARG CXX=g++-10 ARG LLVM_CONFIG=llvm-config-11 RUN git clone https://github.com/AFLplusplus/AFLplusplus - RUN cd AFLplusplus && export REAL_CXX=g++-10 && make distrib && \ make install && make clean +RUN git clone https://github.com/vanhauser-thc/afl-cov afl-cov +RUN cd afl-cov && make install + +RUN echo 'alias joe="jupp --wordwrap"' >> ~/.bashrc + ENV AFL_SKIP_CPUFREQ=1 diff --git a/README.md b/README.md index 1c730ec1..a906a2c0 100644 --- a/README.md +++ b/README.md 
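Review bot: In the `@@ -44,15 +44,19 @@` hunk, the added `RUN git clone https://github.com/vanhauser-thc/afl-cov afl-cov` followed by `make install` builds whatever the default branch holds at build time and runs its Makefile during the image build (as root unless a `USER` is set earlier). The published container is then neither reproducible nor protected against an unexpected upstream change. Pinning to a reviewed revision fixes that, e.g. `RUN git clone https://github.com/vanhauser-thc/afl-cov afl-cov && git -C afl-cov checkout <PINNED_COMMIT>` (placeholder); the AFLplusplus clone above it has the same shape. Separately, `RUN rm -rf /var/cache/apt/archives/*` sits in its own layer and so does not shrink the image. The cleanup only saves space when chained onto the `apt-get install` command that created the files.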
@@ -133,7 +133,15 @@ For everyone who wants to contribute (and send pull requests) please read ## Building and installing afl++ -afl++ has many build options. +An easy way to install afl++ with everything compiled is available via docker: +```shell +docker pull aflplusplus/aflplusplus +docker run -ti -v /location/of/your/target:/src aflplusplus/aflplusplus +``` +This container is automatically generated when a push to master happens. +You will find your target source code in /src in the container. + +If you want to build afl++ yourself you have many options. The easiest is to build and install everything: ```shell -- cgit 1.4.1 From eb7d1e22e5b644341e62f21f1ab711dee20c1977 Mon Sep 17 00:00:00 2001 From: van Hauser <vh@thc.org> Date: Thu, 28 May 2020 22:56:15 +0200 Subject: simplify u64 --- include/types.h | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/include/types.h b/include/types.h index d1e44617..77b7ae74 100644 --- a/include/types.h +++ b/include/types.h @@ -54,24 +54,7 @@ typedef uint32_t u32; #define FS_OPT_SET_MAPSIZE(x) \ (x <= 1 || x > FS_OPT_MAX_MAPSIZE ? 0 : ((x - 1) << 1)) -/* - - Ugh. There is an unintended compiler / glibc #include glitch caused by - combining the u64 type an %llu in format strings, necessitating a workaround. - - In essence, the compiler is always looking for 'unsigned long long' for %llu. - On 32-bit systems, the u64 type (aliased to uint64_t) is expanded to - 'unsigned long long' in <bits/types.h>, so everything checks out. - - But on 64-bit systems, it is #ifdef'ed in the same file as 'unsigned long'. - - */ - -#ifdef __LP64__ typedef unsigned long long u64; -#else -typedef uint64_t u64; -#endif /* ^__x86_64__ */ typedef int8_t s8; typedef int16_t s16; -- cgit 1.4.1 From 7cf01b10b70c3ab768b9275910741dc9da6ab35b Mon Sep 17 00:00:00 2001 
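Review bot: In include/types.h, removing the whole block comment leaves `typedef unsigned long long u64;` as the only alias in this list that is not a `<stdint.h>` type, with nothing saying why. The deleted text gave the reason (u64 values are printed with `%llu`), so I would keep one line of it: `/* unsigned long long, not uint64_t, so that u64 always matches %llu */`. If the code relies on the type being exactly 64 bits wide, a compile-time size check next to the typedef would make that assumption explicit.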
From: Artem Ivachev <ivachyou@gmail.com> Date: Fri, 29 May 2020 04:28:32 +0700 Subject: Delete action.yml --- action.yml | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 action.yml diff --git a/action.yml b/action.yml deleted file mode 100644 index 64610282..00000000 --- a/action.yml +++ /dev/null @@ -1,13 +0,0 @@ -- name: Login to docker hub - uses: actions-hub/docker/login@master - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - -- name: Build :latest - run: docker build -t aflplusplus:latest . - -- name: Push to docker hub :latest - uses: actions-hub/docker@master - with: - args: push aflplusplus:latest -- cgit 1.4.1 From 92b7974f4407b105c597c65e3da5010a4e4c4782 Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Fri, 29 May 2020 12:07:09 +0200 Subject: .gitignore: add *.pyc --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index ab890bf3..505a4ecb 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ .test2 *.o *.so +*.pyc afl-analyze afl-as afl-clang -- cgit 1.4.1 From 9c286da29bb76e4d9353b9a2a44b8f001ffe4890 Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Fri, 29 May 2020 12:10:45 +0200 Subject: gcc_plugin: better error message when compiler and plugin versions do not match --- gcc_plugin/afl-gcc-pass.so.cc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gcc_plugin/afl-gcc-pass.so.cc b/gcc_plugin/afl-gcc-pass.so.cc index e6a4a766..d9954762 100644 --- a/gcc_plugin/afl-gcc-pass.so.cc +++ b/gcc_plugin/afl-gcc-pass.so.cc @@ -49,7 +49,7 @@ #define BUILD_INLINE_INST -#include "../config.h" +#include "../include/config.h" #include "../include/debug.h" /* clear helper macros AFL types pull in, which intervene with gcc-plugin 
@@ -502,7 +502,7 @@ int plugin_is_GPL_compatible = 1; static struct plugin_info afl_plugin_info = { - .version = "20191015", + .version = "20200519", .help = "AFL++ gcc plugin\n", }; @@ -528,7 +528,7 @@ int plugin_init(struct plugin_name_args * plugin_info, if (!plugin_default_version_check(version, &gcc_version)) { - FATAL(G_("Incompatible gcc/plugin versions!")); + FATAL(G_("Incompatible gcc/plugin versions! Expected GCC %d.%d"), GCCPLUGIN_VERSION_MAJOR, GCCPLUGIN_VERSION_MINOR); } -- cgit 1.4.1 From c3b864d8d4dfaf148158a689df0c5ddf4bcc1f32 Mon Sep 17 00:00:00 2001 From: hexcoder- <heiko@hexco.de> Date: Fri, 29 May 2020 12:55:46 +0200 Subject: add Perl dictionaries from RootUp --- dictionaries/perl.dict | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 dictionaries/perl.dict diff --git a/dictionaries/perl.dict b/dictionaries/perl.dict new file mode 100644 index 00000000..580a2248 --- /dev/null +++ b/dictionaries/perl.dict @@ -0,0 +1,16 @@ + +# +# AFL dictionary for fuzzing Perl +# -------------------------------- +# +# Created by @RandomDhiraj +# + +"<:crlf" +"fwrite()" +"fread()" +":raw:utf8" +":raw:eol(LF)" +"Perl_invert()" +":raw:eol(CRLF)" +"Perl_PerlIO_eof()" -- cgit 1.4.1
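Review bot: In the `@@ -528,7 +528,7 @@` hunk, the new message reports the GCC version the plugin was built for but not the version of the compiler that is loading it, which is the other half a user needs to fix the mismatch. `plugin_init` already has `version` in scope, so the call could be `FATAL(G_("Incompatible gcc/plugin versions! Expected GCC %d.%d, is %s"), GCCPLUGIN_VERSION_MAJOR, GCCPLUGIN_VERSION_MINOR, version->basever);`. The added line is also much longer than the other lines in the hunk and should be wrapped. `plugin_init` starts and ends outside the hunk.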