From 194188fe56f06dfc49aef9066e96bf90bc4fbe71 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Tue, 4 Aug 2020 21:33:29 +0200
Subject: split up testcases
---
test/test-basic.sh | 125 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 125 insertions(+)
create mode 100644 test/test-basic.sh
(limited to 'test/test-basic.sh')
diff --git a/test/test-basic.sh b/test/test-basic.sh
new file mode 100644
index 00000000..3f25288b
--- /dev/null
+++ b/test/test-basic.sh
@@ -0,0 +1,125 @@
+#!/bin/sh
+
+source ./test-pre.sh
+
+$ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap, afl-fuzz, afl-cmin and afl-tmin"
+test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" -o "$SYS" = "i386" && {
+ test -e ../${AFL_GCC} -a -e ../afl-showmap -a -e ../afl-fuzz && {
+ ../${AFL_GCC} -o test-instr.plain ../test-instr.c > /dev/null 2>&1
+ AFL_HARDEN=1 ../${AFL_GCC} -o test-compcov.harden test-compcov.c > /dev/null 2>&1
+ test -e test-instr.plain && {
+ $ECHO "$GREEN[+] ${AFL_GCC} compilation succeeded"
+ echo 0 | ../afl-showmap -m ${MEM_LIMIT} -o test-instr.plain.0 -r -- ./test-instr.plain > /dev/null 2>&1
+ ../afl-showmap -m ${MEM_LIMIT} -o test-instr.plain.1 -r -- ./test-instr.plain < /dev/null > /dev/null 2>&1
+ test -e test-instr.plain.0 -a -e test-instr.plain.1 && {
+ diff test-instr.plain.0 test-instr.plain.1 > /dev/null 2>&1 && {
+ $ECHO "$RED[!] ${AFL_GCC} instrumentation should be different on different input but is not"
+ CODE=1
+ } || {
+ $ECHO "$GREEN[+] ${AFL_GCC} instrumentation present and working correctly"
+ }
+ } || {
+ $ECHO "$RED[!] ${AFL_GCC} instrumentation failed"
+ CODE=1
+ }
+ rm -f test-instr.plain.0 test-instr.plain.1
+ TUPLES=`echo 0|../afl-showmap -m ${MEM_LIMIT} -o /dev/null -- ./test-instr.plain 2>&1 | grep Captur | awk '{print$3}'`
+ test "$TUPLES" -gt 3 -a "$TUPLES" -lt 11 && {
+ $ECHO "$GREEN[+] ${AFL_GCC} run reported $TUPLES instrumented locations which is fine"
+ } || {
+ $ECHO "$RED[!] ${AFL_GCC} instrumentation produces weird numbers: $TUPLES"
+ CODE=1
+ }
+ } || {
+ $ECHO "$RED[!] ${AFL_GCC} failed"
+ echo CUT------------------------------------------------------------------CUT
+ uname -a
+ ../${AFL_GCC} -o test-instr.plain ../test-instr.c
+ echo CUT------------------------------------------------------------------CUT
+ CODE=1
+ }
+ test -e test-compcov.harden && {
+ grep -Eq$GREPAOPTION 'stack_chk_fail|fstack-protector-all|fortified' test-compcov.harden > /dev/null 2>&1 && {
+ $ECHO "$GREEN[+] ${AFL_GCC} hardened mode succeeded and is working"
+ } || {
+ $ECHO "$RED[!] ${AFL_GCC} hardened mode is not hardened"
+ CODE=1
+ }
+ rm -f test-compcov.harden
+ } || {
+ $ECHO "$RED[!] ${AFL_GCC} hardened mode compilation failed"
+ CODE=1
+ }
+ # now we want to be sure that afl-fuzz is working
+ # make sure core_pattern is set to core on linux
+ (test "$(uname -s)" = "Linux" && test "$(sysctl kernel.core_pattern)" != "kernel.core_pattern = core" && {
+ $ECHO "$YELLOW[-] we should not run afl-fuzz with enabled core dumps. Run 'sudo sh afl-system-config'.$RESET"
+ true
+ }) ||
+ # make sure crash reporter is disabled on Mac OS X
+ (test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && {
+ $ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET"
+ true
+ }) || {
+ mkdir -p in
+ echo 0 > in/in
+ $ECHO "$GREY[*] running afl-fuzz for ${AFL_GCC}, this will take approx 10 seconds"
+ {
+ ../afl-fuzz -V10 -m ${MEM_LIMIT} -i in -o out -- ./test-instr.plain >>errors 2>&1
+ } >>errors 2>&1
+ test -n "$( ls out/queue/id:000002* 2>/dev/null )" && {
+ $ECHO "$GREEN[+] afl-fuzz is working correctly with ${AFL_GCC}"
+ } || {
+ echo CUT------------------------------------------------------------------CUT
+ cat errors
+ echo CUT------------------------------------------------------------------CUT
+ $ECHO "$RED[!] afl-fuzz is not working correctly with ${AFL_GCC}"
+ CODE=1
+ }
+ echo 000000000000000000000000 > in/in2
+ echo 111 > in/in3
+ mkdir -p in2
+ ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr?
+ CNT=`ls in2/* 2>/dev/null | wc -l`
+ case "$CNT" in
+ *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;;
+ *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)"
+ CODE=1
+ ;;
+ esac
+ rm -f in2/in*
+ export AFL_QUIET=1
+ if command -v bash >/dev/null ; then {
+ ../afl-cmin.bash -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null
+ CNT=`ls in2/* 2>/dev/null | wc -l`
+ case "$CNT" in
+ *2) $ECHO "$GREEN[+] afl-cmin.bash correctly minimized the number of testcases" ;;
+ *) $ECHO "$RED[!] afl-cmin.bash did not correctly minimize the number of testcases ($CNT)"
+ CODE=1
+ ;;
+ esac
+ } else {
+ $ECHO "$YELLOW[-] no bash available, cannot test afl-cmin.bash"
+ INCOMPLETE=1
+ }
+ fi
+ ../afl-tmin -m ${MEM_LIMIT} -i in/in2 -o in2/in2 -- ./test-instr.plain > /dev/null 2>&1
+ SIZE=`ls -l in2/in2 2>/dev/null | awk '{print$5}'`
+ test "$SIZE" = 1 && $ECHO "$GREEN[+] afl-tmin correctly minimized the testcase"
+ test "$SIZE" = 1 || {
+ $ECHO "$RED[!] afl-tmin did incorrectly minimize the testcase to $SIZE"
+ CODE=1
+ }
+ rm -rf in out errors in2
+ unset AFL_QUIET
+ }
+ rm -f test-instr.plain
+ } || {
+ $ECHO "$YELLOW[-] afl is not compiled, cannot test"
+ INCOMPLETE=1
+ }
+} || {
+ $ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc"
+}
+
+source ./test-post.sh
-- cgit 1.4.1
From 8850e1a5bf8436ccb77e43a91cbcdb4316692036 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Tue, 4 Aug 2020 21:47:21 +0200
Subject: chmod for testcase
---
test/test-basic.sh | 0
1 file changed, 0 insertions(+), 0 deletions(-)
mode change 100644 => 100755 test/test-basic.sh
(limited to 'test/test-basic.sh')
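Review bot: In the new test/test-basic.sh, the macOS guard `test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$')` can never succeed. `grep -q` prints nothing, so the command substitution expands to nothing and `test` with no operand returns false. The "cannot run afl-fuzz with enabled crash reporter" branch is therefore dead, and the afl-fuzz run goes ahead on Darwin whatever the crash-reporter state. Use the pipeline's exit status directly: `(test "$(uname -s)" = "Darwin" && launchctl list 2>/dev/null | grep -q '\.ReportCrash$' && {`.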
diff --git a/test/test-basic.sh b/test/test-basic.sh old mode 100644 new mode 100755 -- cgit 1.4.1 From 79f873a5979a118938c46a74aded85eeaba7db1b Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Tue, 4 Aug 2020 21:57:56 +0200 Subject: posix compatible sourcing --- test/test-all.sh | 22 +++++++++++----------- test/test-basic.sh | 4 ++-- test/test-compcov.sh | 4 ++-- test/test-custom-mutators.sh | 4 ++-- test/test-gcc-plugin.sh | 4 ++-- test/test-llvm-lto.sh | 4 ++-- test/test-llvm.sh | 4 ++-- test/test-qemu-mode.sh | 4 ++-- test/test-unicorn-mode.sh | 4 ++-- test/test-unittests.sh | 4 ++-- 10 files changed, 29 insertions(+), 29 deletions(-) (limited to 'test/test-basic.sh') diff --git a/test/test-all.sh b/test/test-all.sh index 53251979..7175493b 100755 --- a/test/test-all.sh +++ b/test/test-all.sh @@ -1,23 +1,23 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh -source ./test-basic.sh +. ./test-basic.sh -source ./test-llvm.sh +. ./test-llvm.sh -source ./test-llvm-lto.sh +. ./test-llvm-lto.sh -source ./test-gcc-plugin.sh +. ./test-gcc-plugin.sh -source ./test-compcov.sh +. ./test-compcov.sh -source ./test-qemu-mode.sh +. ./test-qemu-mode.sh -source ./test-unicorn-mode.sh +. ./test-unicorn-mode.sh -source ./test-custom-mutators.sh +. ./test-custom-mutators.sh -source ./test-unittests.sh +. ./test-unittests.sh -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-basic.sh b/test/test-basic.sh index 3f25288b..59269ffe 100755 --- a/test/test-basic.sh +++ b/test/test-basic.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap, afl-fuzz, afl-cmin and afl-tmin" test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" -o "$SYS" = "i386" && { @@ -122,4 +122,4 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc $ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc" } -source ./test-post.sh +. ./test-post.sh 
diff --git a/test/test-compcov.sh b/test/test-compcov.sh index 5becc862..905a4cbc 100755 --- a/test/test-compcov.sh +++ b/test/test-compcov.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh test -z "$AFL_CC" && unset AFL_CC @@ -48,4 +48,4 @@ test -z "$AFL_CC" && { fi } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-custom-mutators.sh b/test/test-custom-mutators.sh index f6de4d9e..b0a05e15 100755 --- a/test/test-custom-mutators.sh +++ b/test/test-custom-mutators.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: custom mutator" test "1" = "`../afl-fuzz | grep -i 'without python' >/dev/null; echo $?`" && { @@ -122,4 +122,4 @@ test "1" = "`../afl-fuzz | grep -i 'without python' >/dev/null; echo $?`" && { INCOMPLETE=1 } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-gcc-plugin.sh b/test/test-gcc-plugin.sh index adf42f7e..2ed10a72 100755 --- a/test/test-gcc-plugin.sh +++ b/test/test-gcc-plugin.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: gcc_plugin" test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { @@ -113,4 +113,4 @@ test -e ../afl-gcc-fast -a -e ../afl-gcc-rt.o && { INCOMPLETE=1 } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-llvm-lto.sh b/test/test-llvm-lto.sh index 0e7e8ba2..6b327633 100755 --- a/test/test-llvm-lto.sh +++ b/test/test-llvm-lto.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: LTO llvm_mode" test -e ../afl-clang-lto -a -e ../afl-llvm-lto-instrumentation.so && { @@ -75,4 +75,4 @@ test -e ../afl-clang-lto -a -e ../afl-llvm-lto-instrumentation.so && { INCOMPLETE=1 } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-llvm.sh b/test/test-llvm.sh index fd2bfd6c..24fc6a34 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh 
@@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: llvm_mode, afl-showmap, afl-fuzz, afl-cmin and afl-tmin" test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { @@ -227,4 +227,4 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { INCOMPLETE=1 } -source ./test-post.sh \ No newline at end of file +. ./test-post.sh \ No newline at end of file diff --git a/test/test-qemu-mode.sh b/test/test-qemu-mode.sh index 0aa8b86a..85a0b8b5 100755 --- a/test/test-qemu-mode.sh +++ b/test/test-qemu-mode.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: qemu_mode" test -e ../afl-qemu-trace && { @@ -214,4 +214,4 @@ test -e ../afl-qemu-trace && { INCOMPLETE=1 } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-unicorn-mode.sh b/test/test-unicorn-mode.sh index efc16647..eb2ad294 100755 --- a/test/test-unicorn-mode.sh +++ b/test/test-unicorn-mode.sh @@ -1,6 +1,6 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Testing: unicorn_mode" test -d ../unicorn_mode/unicornafl -a -e ../unicorn_mode/unicornafl/samples/shellcode && { @@ -109,4 +109,4 @@ test -d ../unicorn_mode/unicornafl -a -e ../unicorn_mode/unicornafl/samples/shel INCOMPLETE=1 } -source ./test-post.sh +. ./test-post.sh diff --git a/test/test-unittests.sh b/test/test-unittests.sh index 55afc8b6..f540b5f8 100755 --- a/test/test-unittests.sh +++ b/test/test-unittests.sh @@ -1,9 +1,9 @@ #!/bin/sh -source ./test-pre.sh +. ./test-pre.sh $ECHO "$BLUE[*] Execution cmocka Unit-Tests $GREY" unset AFL_CC make -C .. unit || CODE=1 INCOMPLETE=1 : -source ./test-post.sh +. ./test-post.sh -- cgit 1.4.1 From 32558bc8072caa14ee670c6be40af4d183e8ffcc Mon Sep 17 00:00:00 2001 
From: hexcoder- Date: Fri, 7 Aug 2020 19:41:39 +0200 Subject: minor test fixes for Raspberry Pi Linux 64-bit --- test/test-basic.sh | 1 + test/test-llvm.sh | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'test/test-basic.sh') diff --git a/test/test-basic.sh b/test/test-basic.sh index 59269ffe..5ce5630b 100755 --- a/test/test-basic.sh +++ b/test/test-basic.sh @@ -120,6 +120,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } } || { $ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc" + INCOMPLETE=1 } . ./test-post.sh diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 96a7f92a..85cc16f6 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -193,9 +193,9 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { { mkdir -p in echo 0000000000000000000000000 > in/in - ../afl-fuzz -m none -V10 -i in -o out -c./test-cmplog -- ./test-cmplog >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -m none -V60 -i in -o out -c./test-cmplog -- ./test-cmplog >>errors 2>&1 } >>errors 2>&1 - test -n "$( ls out/crashes/id:000000* 2>/dev/null )" && { + test -n "$( ls out/crashes/id:000000* out/hangs/id:000000* 2>/dev/null )" & { $ECHO "$GREEN[+] afl-fuzz is working correctly with llvm_mode cmplog" } || { echo CUT------------------------------------------------------------------CUT -- cgit 1.4.1 From c2706467229f31c8177f150be5a96f937cf138d7 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Mon, 10 Aug 2020 09:37:32 +0200 Subject: fix wrong incomplete --- test/test-basic.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test/test-basic.sh') diff --git a/test/test-basic.sh b/test/test-basic.sh index 5ce5630b..9e4b03c3 100755 --- a/test/test-basic.sh +++ b/test/test-basic.sh 
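Review bot: In the test/test-llvm.sh hunk the result check now ends in a single `&` where the removed line had `&&`: `test -n "$( ls out/crashes/id:000000* out/hangs/id:000000* 2>/dev/null )" & {`. That runs `test` as a background job and then executes the `{ … }` group unconditionally. The "afl-fuzz is working correctly with llvm_mode cmplog" message is printed whether or not a crash or hang file exists, and the `|| {` failure branch no longer depends on the check, so a broken cmplog build would pass the suite. Restore the conditional: `test -n "$( ls out/crashes/id:000000* out/hangs/id:000000* 2>/dev/null )" && {`. The enclosing block starts before and continues past this hunk.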
@@ -120,7 +120,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } } || { $ECHO "$YELLOW[-] not an intel platform, cannot test afl-gcc" - INCOMPLETE=1 + #this is not incomplete as this feature doesnt exist, so all good } . ./test-post.sh -- cgit 1.4.1