From 3e84d6a2ae7df5f6b9073a91ccc6acef50b45aab Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 27 Apr 2023 11:49:00 +0200 Subject: afl++ -> AFL++ --- test/test-dlopen.c | 2 +- test/test-gcc-plugin.sh | 2 +- test/test-performance.sh | 4 ++-- test/test-pre.sh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/test-dlopen.c b/test/test-dlopen.c index b81bab13..39442f93 100644 --- a/test/test-dlopen.c +++ b/test/test-dlopen.c @@ -28,7 +28,7 @@ int main(int argc, char **argv) { } - // must use deferred forkserver as otherwise afl++ instrumentation aborts + // must use deferred forkserver as otherwise AFL++ instrumentation aborts // because all dlopen() of instrumented libs must be before the forkserver __AFL_INIT(); diff --git a/test/test-gcc-plugin.sh b/test/test-gcc-plugin.sh index 54e6987f..3690a80a 100755 --- a/test/test-gcc-plugin.sh +++ b/test/test-gcc-plugin.sh @@ -23,7 +23,7 @@ test -e ../afl-gcc-fast -a -e ../afl-compiler-rt.o && { $ECHO "$GREEN[+] gcc_plugin run reported $TUPLES instrumented locations which is fine" } || { $ECHO "$RED[!] gcc_plugin instrumentation produces a weird numbers: $TUPLES" - $ECHO "$YELLOW[-] this is a known issue in gcc, not afl++. It is not flagged as an error because travis builds would all fail otherwise :-(" + $ECHO "$YELLOW[-] this is a known issue in gcc, not AFL++. It is not flagged as an error because travis builds would all fail otherwise :-(" #CODE=1 } test "$TUPLES" -lt 2 && SKIP=1 diff --git a/test/test-performance.sh b/test/test-performance.sh index d61e2f2a..50957141 100755 --- a/test/test-performance.sh +++ b/test/test-performance.sh @@ -7,7 +7,7 @@ FILE=$AFL_PERFORMANCE_FILE test -z "$FILE" && FILE=.afl_performance test -e $FILE || { - echo Warning: This script measure the performance of afl++ and saves the result for future comparisons into $FILE + echo Warning: This script measure the performance of AFL++ and saves the result for future comparisons into $FILE echo Press ENTER to continue or CONTROL-C to abort read IN } @@ -74,7 +74,7 @@ afl-system-config > /dev/null 2>&1 echo Performance settings applied. echo -$ECHO "${RESET}${GREY}[*] starting afl++ performance test framework ..." +$ECHO "${RESET}${GREY}[*] starting AFL++ performance test framework ..." $ECHO "$BLUE[*] Testing: ${AFL_GCC}" GCC=x diff --git a/test/test-pre.sh b/test/test-pre.sh index b8b286e5..1ca9dfb5 100755 --- a/test/test-pre.sh +++ b/test/test-pre.sh @@ -133,7 +133,7 @@ MEM_LIMIT=none export PATH="${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" -$ECHO "${RESET}${GREY}[*] starting afl++ test framework ..." +$ECHO "${RESET}${GREY}[*] starting AFL++ test framework ..." test -z "$SYS" && $ECHO "$YELLOW[-] uname -m did not succeed" -- cgit v1.2.3 From 6cad585bdc5c335cc2894c97e9aaf6d5fff88e1f Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 27 Apr 2023 18:57:28 +0200 Subject: nits --- test/test-llvm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 0e66cc97..714bda93 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -263,7 +263,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { { mkdir -p in echo 00000000000000000000000000000000 > in/in - AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -m none -V15 -i in -o out -c./test-cmplog -- ./test-c >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -m none -V30 -i in -o out -c./test-cmplog -- ./test-c >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/crashes/id:000000* out/default/hangs/id:000000* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with llvm_mode cmplog" -- cgit v1.2.3 From ee2cab73ac6c72095f781da979094f877291a1d6 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 6 Jun 2023 16:42:42 +0200 Subject: reduce false positive ci failures --- test/test-cmplog.c | 6 ++---- test/test-llvm.sh | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/test-cmplog.c b/test/test-cmplog.c index bd1b73e3..2ab579b0 100644 --- a/test/test-cmplog.c +++ b/test/test-cmplog.c @@ -8,16 +8,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t i) { - if (i < 30) return -1; + if (i < 15) return -1; if (buf[0] != 'A') return 0; if (buf[1] != 'B') return 0; if (buf[2] != 'C') return 0; if (buf[3] != 'D') return 0; int *icmp = (int *)(buf + 4); if (*icmp != 0x69694141) return 0; - if (memcmp(buf + 8, "1234", 4) || memcmp(buf + 12, "EFGH", 4)) return 0; - if (strncmp(buf + 16, "IJKL", 4) == 0 && strcmp(buf + 20, "DEADBEEF") == 0) - abort(); + if (memcmp(buf + 8, "1234EF", 6) == 0) abort(); return 0; } diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 714bda93..19fb7c1a 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -263,7 +263,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { { mkdir -p in echo 00000000000000000000000000000000 > in/in - AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -m none -V30 -i in -o out -c./test-cmplog -- ./test-c >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -l 3 -m none -V30 -i in -o out -c ./test-cmplog -- ./test-c >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/crashes/id:000000* out/default/hangs/id:000000* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with llvm_mode cmplog" -- cgit v1.2.3 From 62bacf4fc82194f1f5592d3d487443cef3c2850c Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 6 Jun 2023 16:45:20 +0200 Subject: better cmplog ci --- test/test-frida-mode.sh | 2 +- test/test-qemu-mode.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-frida-mode.sh b/test/test-frida-mode.sh index 3ae84656..8c528da5 100755 --- a/test/test-frida-mode.sh +++ b/test/test-frida-mode.sh @@ -39,7 +39,7 @@ test -e ../afl-frida-trace.so && { test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" -o "$SYS" = "aarch64" -o ! "${SYS%%arm*}" && { $ECHO "$GREY[*] running afl-fuzz for frida_mode cmplog, this will take approx 10 seconds" { - ../afl-fuzz -m none -V07 -O -c 0 -i in -o out -- ./test-compcov >>errors 2>&1 + ../afl-fuzz -m none -V07 -O -c 0 -l 3 -i in -o out -- ./test-compcov >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/queue/id:000003* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with frida_mode cmplog" diff --git a/test/test-qemu-mode.sh b/test/test-qemu-mode.sh index 9e268963..8eb7cb67 100755 --- a/test/test-qemu-mode.sh +++ b/test/test-qemu-mode.sh @@ -88,7 +88,7 @@ test -e ../afl-qemu-trace && { test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" -o "$SYS" = "aarch64" -o ! "${SYS%%arm*}" && { $ECHO "$GREY[*] running afl-fuzz for qemu_mode cmplog, this will take approx 10 seconds" { - ../afl-fuzz -m none -V07 -Q -c 0 -i in -o out -- ./test-compcov >>errors 2>&1 + ../afl-fuzz -m none -V07 -Q -c 0 -l 3 -i in -o out -- ./test-compcov >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/queue/id:000001* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with qemu_mode cmplog" -- cgit v1.2.3 From f0ccca123ad8f9813ad141ebd243e8c7b96824a1 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 6 Jun 2023 17:32:32 +0200 Subject: fix ci --- test/test-llvm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 19fb7c1a..95e43b1c 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -257,7 +257,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { } rm -f test-compcov test.out instrumentlist.txt AFL_LLVM_CMPLOG=1 ../afl-clang-fast -o test-cmplog test-cmplog.c > /dev/null 2>&1 - ../afl-clang-fast -o test-c test-cmplog.c > /dev/null 2>&1 + ../afl-clang-fast -O0 -o test-c test-cmplog.c > /dev/null 2>&1 test -e test-cmplog && { $ECHO "$GREY[*] running afl-fuzz for llvm_mode cmplog, this will take approx 10 seconds" { -- cgit v1.2.3 From 6e5ca0c78c4b982c6d238f66276a9fc4d43b9663 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 6 Jul 2023 14:28:37 +0200 Subject: higher tuples for afl-clang and afl-gcc in tests --- test/test-basic.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-basic.sh b/test/test-basic.sh index 5bb2ca28..61ad4b7c 100755 --- a/test/test-basic.sh +++ b/test/test-basic.sh @@ -28,7 +28,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc rm -f test-instr.plain.0 test-instr.plain.1 SKIP= TUPLES=`echo 1|AFL_QUIET=1 ../afl-showmap -m ${MEM_LIMIT} -o /dev/null -- ./test-instr.plain 2>&1 | grep Captur | awk '{print$3}'` - test "$TUPLES" -gt 1 -a "$TUPLES" -lt 12 && { + test "$TUPLES" -gt 1 -a "$TUPLES" -lt 22 && { $ECHO "$GREEN[+] ${AFL_GCC} run reported $TUPLES instrumented locations which is fine" } || { $ECHO "$RED[!] ${AFL_GCC} instrumentation produces weird numbers: $TUPLES" @@ -152,7 +152,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } rm -f test-instr.plain.0 test-instr.plain.1 TUPLES=`echo 1|AFL_QUIET=1 ../afl-showmap -m ${MEM_LIMIT} -o /dev/null -- ./test-instr.plain 2>&1 | grep Captur | awk '{print$3}'` - test "$TUPLES" -gt 1 -a "$TUPLES" -lt 12 && { + test "$TUPLES" -gt 1 -a "$TUPLES" -lt 22 && { $ECHO "$GREEN[+] ${AFL_CLANG} run reported $TUPLES instrumented locations which is fine" } || { $ECHO "$RED[!] ${AFL_CLANG} instrumentation produces weird numbers: $TUPLES" -- cgit v1.2.3 From a46d27fad51a8fdd905bb8771bd73eeb2c054895 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 10 Jul 2023 18:29:21 +0200 Subject: nits --- test/test-libextensions.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-libextensions.sh b/test/test-libextensions.sh index 40a898c8..f7f86de5 100755 --- a/test/test-libextensions.sh +++ b/test/test-libextensions.sh @@ -5,7 +5,7 @@ test -z "$AFL_CC" && unset AFL_CC $ECHO "$BLUE[*] Testing: shared library extensions" -cc $CFLAGS -o test-compcov test-compcov.c > /dev/null 2>&1 +cc $CFLAGS -O0 -o test-compcov test-compcov.c > /dev/null 2>&1 test -e ../libtokencap.so && { AFL_TOKEN_FILE=token.out LD_PRELOAD=../libtokencap.so DYLD_INSERT_LIBRARIES=../libtokencap.so DYLD_FORCE_FLAT_NAMESPACE=1 ./test-compcov foobar > /dev/null 2>&1 grep -q BUGMENOT token.out > /dev/null 2>&1 && { -- cgit v1.2.3 From bd1648e707b85b79d816fd8737909789d7d2a09c Mon Sep 17 00:00:00 2001 From: mark0 <757410129@qq.com> Date: Fri, 28 Jul 2023 17:32:59 +0800 Subject: fix the file descriptor without determining null --- test/unittests/unit_rand.c | 1 + 1 file changed, 1 insertion(+) (limited to 'test') diff --git a/test/unittests/unit_rand.c b/test/unittests/unit_rand.c index 1ad02a80..f89b2ab5 100644 --- a/test/unittests/unit_rand.c +++ b/test/unittests/unit_rand.c @@ -67,6 +67,7 @@ static void test_rand_below(void **state) { rand_set_seed(&afl, 1337); afl.fsrv.dev_urandom_fd = open("/dev/urandom", O_RDONLY); + if (afl.fsrv.dev_urandom_fd < 0) { PFATAL("Unable to open /dev/urandom"); } assert(!(rand_below(&afl, 9000) > 9000)); assert_int_equal(rand_below(&afl, 1), 0); -- cgit v1.2.3 From a518c4d75c15e2e0cb8633361a0162eb70c7965b Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 19 Jan 2024 11:53:44 +0100 Subject: macos --- test/test-basic.sh | 69 ++++++++++++++++++++++++++++++------------------------ test/test-llvm.sh | 28 +++++++++++++--------- 2 files changed, 56 insertions(+), 41 deletions(-) (limited to 'test') diff --git a/test/test-basic.sh b/test/test-basic.sh index 61ad4b7c..7005d3ce 100755 --- a/test/test-basic.sh +++ b/test/test-basic.sh @@ -2,6 +2,7 @@ . ./test-pre.sh +OS=$(uname -s) AFL_GCC=afl-gcc $ECHO "$BLUE[*] Testing: ${AFL_GCC}, afl-showmap, afl-fuzz, afl-cmin and afl-tmin" @@ -61,7 +62,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } # now we want to be sure that afl-fuzz is working # make sure crash reporter is disabled on Mac OS X - (test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { + (test "$OS" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { $ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET" true }) || { @@ -84,16 +85,20 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } echo 000000000000000000000000 > in/in2 echo 111 > in/in3 - mkdir -p in2 - ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? - CNT=`ls in2/* 2>/dev/null | wc -l` - case "$CNT" in - *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; - *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" - CODE=1 - ;; - esac - rm -f in2/in* + test "$OS" = "Darwin" && { + $ECHO "$GREY[*] afl-cmin not available on macOS, cannot test afl-cmin" + } || { + mkdir -p in2 + ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? + CNT=`ls in2/* 2>/dev/null | wc -l` + case "$CNT" in + *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; + *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" + CODE=1 + ;; + esac + rm -f in2/in* + } export AFL_QUIET=1 if command -v bash >/dev/null ; then { ../afl-cmin.bash -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null @@ -182,7 +187,7 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } # now we want to be sure that afl-fuzz is working # make sure crash reporter is disabled on Mac OS X - (test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { + (test "$OS" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { $ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET" true }) || { @@ -204,25 +209,29 @@ test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc } } echo 000000000000000000000000 > in/in2 - echo AAA > in/in3 - mkdir -p in2 - ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? - CNT=`ls in2/* 2>/dev/null | wc -l` - case "$CNT" in - *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; - \ *1|1) { # allow leading whitecase for portability - test -s in2/* && $ECHO "$YELLOW[?] afl-cmin did minimize to one testcase. This can be a bug or due compiler optimization." - test -s in2/* || { - $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" - CODE=1 + echo AAA > in/in2 + test "$OS" = "Darwin" && { + $ECHO "$GREY[*] afl-cmin not available on macOS, cannot test afl-cmin" + } || { + mkdir -p in2 + ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? + CNT=`ls in2/* 2>/dev/null | wc -l` + case "$CNT" in + *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; + \ *1|1) { # allow leading whitecase for portability + test -s in2/* && $ECHO "$YELLOW[?] afl-cmin did minimize to one testcase. This can be a bug or due compiler optimization." + test -s in2/* || { + $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" + CODE=1 + } } - } - ;; - *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" - CODE=1 - ;; - esac - rm -f in2/in* + ;; + *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" + CODE=1 + ;; + esac + rm -f in2/in* + } export AFL_QUIET=1 if command -v bash >/dev/null ; then { ../afl-cmin.bash -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 95e43b1c..53bbd7b4 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -2,6 +2,8 @@ . ./test-pre.sh +OS=$(uname -s) + $ECHO "$BLUE[*] Testing: llvm_mode, afl-showmap, afl-fuzz, afl-cmin and afl-tmin" test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { ../afl-clang-fast -o test-instr.plain ../test-instr.c > /dev/null 2>&1 @@ -123,7 +125,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { } # now we want to be sure that afl-fuzz is working # make sure crash reporter is disabled on Mac OS X - (test "$(uname -s)" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { + (test "$OS" = "Darwin" && test $(launchctl list 2>/dev/null | grep -q '\.ReportCrash$') && { $ECHO "$RED[!] we cannot run afl-fuzz with enabled crash reporter. Run 'sudo sh afl-system-config'.$RESET" CODE=1 true @@ -146,18 +148,22 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { } } test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" || { + mkdir -p in2 echo 000000000000000000000000 > in/in2 echo 111 > in/in3 - mkdir -p in2 - ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? - CNT=`ls in2/* 2>/dev/null | wc -l` - case "$CNT" in - *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; - *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" - CODE=1 - ;; - esac - rm -f in2/in* + test "$OS" = "Darwin" && { + $ECHO "$GREY[*] afl-cmin not available on macOS, cannot test afl-cmin" + } || { + ../afl-cmin -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null 2>&1 # why is afl-forkserver writing to stderr? + CNT=`ls in2/* 2>/dev/null | wc -l` + case "$CNT" in + *2) $ECHO "$GREEN[+] afl-cmin correctly minimized the number of testcases" ;; + *) $ECHO "$RED[!] afl-cmin did not correctly minimize the number of testcases ($CNT)" + CODE=1 + ;; + esac + rm -f in2/in* + } export AFL_QUIET=1 if type bash >/dev/null ; then { ../afl-cmin.bash -m ${MEM_LIMIT} -i in -o in2 -- ./test-instr.plain >/dev/null -- cgit v1.2.3 From de561b730a810dce4589745442474e8ee8024275 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 19 Jan 2024 12:20:33 +0100 Subject: add compiler test script --- test/test-compilers.sh | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100755 test/test-compilers.sh (limited to 'test') diff --git a/test/test-compilers.sh b/test/test-compilers.sh new file mode 100755 index 00000000..628af423 --- /dev/null +++ b/test/test-compilers.sh @@ -0,0 +1,7 @@ +#!/bin/sh +echo Testing compilers ... +for cc in afl-cc afl-gcc afl-clang afl-clang-fast afl-clang-lto afl-gcc-fast; do + test -e ../$cc && { ../$cc -o t ../test-instr.c >/dev/null 2<&1 || echo Failing: $cc ; } || echo Missing: $cc +done +rm -f t +echo Done! -- cgit v1.2.3 From 227c1a7002dcb1042e4a02ec1f060bf408913b8c Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 23 Jan 2024 19:55:35 +0100 Subject: improve compiler test script --- test/test-compilers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-compilers.sh b/test/test-compilers.sh index 628af423..b47cf38d 100755 --- a/test/test-compilers.sh +++ b/test/test-compilers.sh @@ -1,7 +1,7 @@ #!/bin/sh echo Testing compilers ... for cc in afl-cc afl-gcc afl-clang afl-clang-fast afl-clang-lto afl-gcc-fast; do - test -e ../$cc && { ../$cc -o t ../test-instr.c >/dev/null 2<&1 || echo Failing: $cc ; } || echo Missing: $cc + test -e ../$cc && { { ../$cc -o t ../test-instr.c >/dev/null 2<&1 && echo Success: $cc ; } || echo Failing: $cc ; } || echo Missing: $cc done rm -f t echo Done! -- cgit v1.2.3 From 9604fe922ede9282a06a89b8d18d4de267aebd54 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 30 Jan 2024 15:06:34 +0100 Subject: nyx test for CI --- test/test-all.sh | 2 ++ test/test-nyx-mode.sh | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++ test/test-pre.sh | 2 +- 3 files changed, 72 insertions(+), 1 deletion(-) create mode 100755 test/test-nyx-mode.sh (limited to 'test') diff --git a/test/test-all.sh b/test/test-all.sh index 3cb692ca..65cfb812 100755 --- a/test/test-all.sh +++ b/test/test-all.sh @@ -16,6 +16,8 @@ . ./test-frida-mode.sh +. ./test-nyx-mode.sh + . ./test-unicorn-mode.sh . ./test-custom-mutators.sh diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh new file mode 100755 index 00000000..913a6d07 --- /dev/null +++ b/test/test-nyx-mode.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +. ./test-pre.sh + +$ECHO "$BLUE[*] Testing: nyx_mode" + +test -e ../libnyx.so && { + ../afl-cc -o test-instr ../test-instr.c >/dev/null 2>&1 + test -e test-instr && { + { + rm -rf nyx-test in out + $ECHO "$GREY[*] running nyx_packer" + python3 ../nyx_mode/packer/packer/nyx_packer.py \ + ./test-instr \ + nyx-test \ + afl \ + instrumentation \ + --fast_reload_mode \ + --purge > /dev/null 2>&1 + + test -e nyx-test/test-instr && { + + $ECHO "$GREY[*] running nyx_config_gen" + python3 ../nyx_mode/packer/packer/nyx_config_gen.py nyx-test Kernel > /dev/null 2>&1 + + test -e nyx-test/config.ron && { + sudo modprobe -r kvm-intel + sudo modprobe -r kvm + sudo modprobe kvm enable_vmware_backdoor=y + sudo modprobe kvm-intel + #cat /sys/module/kvm/parameters/enable_vmware_backdoor + + mkdir -p in + echo 00000 > in/in + $ECHO "$GREY[*] running afl-fuzz for nyx_mode, this will take approx 10 seconds" + { + AFL_DEBUG=1 ../afl-fuzz -i in -o out -V05 -X -- ./nyx-test >>errors 2>&1 + } >>errors 2>&1 + test -n "$( ls out/default/queue/id:000002* 2>/dev/null )" && { + $ECHO "$GREEN[+] afl-fuzz is working correctly with nyx_mode" + RUNTIME=`grep execs_done out/default/fuzzer_stats | awk '{print$3}'` + rm -rf errors nyx-test test-instr in out + } || { + echo CUT------------------------------------------------------------------CUT + cat errors + echo CUT------------------------------------------------------------------CUT + $ECHO "$RED[!] afl-fuzz is not working correctly with nyx_mode" + CODE=1 + } + } || { + $ECHO "$RED[!] nyx_packer failed, likely install requirements not met." + CODE=1 + } + } || { + $ECHO "$RED[!] nyx_packer failed, likely install requirements not met." + CODE=1 + } + #rm -rf test-instr in out errors nyx-test + } + } || { + $ECHO "$RED[!] afl-cc compilation of test targets failed - what is going on??" + CODE=1 + } +} || { + $ECHO "$YELLOW[-] nyx_mode is not compiled, cannot test" + INCOMPLETE=1 +} + +. ./test-post.sh diff --git a/test/test-pre.sh b/test/test-pre.sh index 1ca9dfb5..ce996415 100755 --- a/test/test-pre.sh +++ b/test/test-pre.sh @@ -20,7 +20,7 @@ echo foobar | grep -qE 'asd|oob' 2>/dev/null || { echo Error: grep command does test -e ./test-all.sh || cd $(dirname $0) || exit 1 test -e ./test-all.sh || { echo Error: you must be in the test/ directory ; exit 1 ; } export AFL_PATH=`pwd`/.. -export AFL_NO_AFFINITY=1 # workaround for travis that fails for no avail cores +export AFL_TRY_AFFINITY=1 # workaround for travis that fails for no avail cores echo 1 > test.1 echo 1 > test.2 -- cgit v1.2.3 From da5d3d63e20d7c522db06d7f8439ad3e386e2006 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 31 Jan 2024 17:00:04 +0100 Subject: test error output --- test/test-nyx-mode.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 913a6d07..1d97045b 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -5,7 +5,7 @@ $ECHO "$BLUE[*] Testing: nyx_mode" test -e ../libnyx.so && { - ../afl-cc -o test-instr ../test-instr.c >/dev/null 2>&1 + ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 test -e test-instr && { { rm -rf nyx-test in out @@ -58,6 +58,9 @@ test -e ../libnyx.so && { #rm -rf test-instr in out errors nyx-test } } || { + echo CUT------------------------------------------------------------------CUT + cat errors + echo CUT------------------------------------------------------------------CUT $ECHO "$RED[!] afl-cc compilation of test targets failed - what is going on??" CODE=1 } -- cgit v1.2.3 From 3768933c92cd03e7810c856cf3c89e2d589b29dd Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 31 Jan 2024 17:43:37 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 1d97045b..bfb2e8b7 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -42,6 +42,9 @@ test -e ../libnyx.so && { rm -rf errors nyx-test test-instr in out } || { echo CUT------------------------------------------------------------------CUT + afl-cc + afl-cc -v + clang -v cat errors echo CUT------------------------------------------------------------------CUT $ECHO "$RED[!] afl-fuzz is not working correctly with nyx_mode" -- cgit v1.2.3 From 970e0b14ce16c04a25ae90be81a933d943a04410 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 08:13:52 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index bfb2e8b7..95829828 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -42,9 +42,8 @@ test -e ../libnyx.so && { rm -rf errors nyx-test test-instr in out } || { echo CUT------------------------------------------------------------------CUT - afl-cc - afl-cc -v - clang -v + ../afl-cc + ../afl-cc -v cat errors echo CUT------------------------------------------------------------------CUT $ECHO "$RED[!] afl-fuzz is not working correctly with nyx_mode" -- cgit v1.2.3 From 5da5d6e0dfe1e3f8a0068d9289ecc34dd8a7b6af Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 08:48:35 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 95829828..7cffb321 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -4,6 +4,9 @@ $ECHO "$BLUE[*] Testing: nyx_mode" +env|grep -E 'NYX|AFL' +ls -al ../libnyx.so +ls -al ../afl-cc ../*.so test -e ../libnyx.so && { ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 test -e test-instr && { -- cgit v1.2.3 From 123ec5d1361e922201e86fd20016c78900b329b8 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 09:06:34 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 7cffb321..f2d217e9 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -4,9 +4,11 @@ $ECHO "$BLUE[*] Testing: nyx_mode" -env|grep -E 'NYX|AFL' -ls -al ../libnyx.so -ls -al ../afl-cc ../*.so +ls -al ../libnyx.so ../afl-* ../*.so +../afl-cc -h +../afl-clang-fast -h +../afl-clang-fast -v + test -e ../libnyx.so && { ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 test -e test-instr && { -- cgit v1.2.3 From 6e6d91b6b08db7cbcbc1efd0bf7b6f9ed5d85078 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 09:23:01 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index f2d217e9..99267ece 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -6,9 +6,12 @@ $ECHO "$BLUE[*] Testing: nyx_mode" ls -al ../libnyx.so ../afl-* ../*.so ../afl-cc -h -../afl-clang-fast -h ../afl-clang-fast -v - +echo AFL-CC +AFL_DEBUG=1 ../afl-cc -v -o test-inst ../test-instr.c 2>&1 +echo AFL-CLANG-FAST +AFL_DEBUG=1 ../afl-clang-fast -v -o test-inst ../test-instr.c 2>&1 +ls -l test-instr test -e ../libnyx.so && { ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 test -e test-instr && { -- cgit v1.2.3 From 97ba817aa78888b318a76fa278a6fc4454cec1b7 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 09:56:31 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 99267ece..5b63d1b7 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -4,13 +4,11 @@ $ECHO "$BLUE[*] Testing: nyx_mode" +apt-cache search clang|grep -E '^clang-1' ls -al ../libnyx.so ../afl-* ../*.so ../afl-cc -h -../afl-clang-fast -v echo AFL-CC AFL_DEBUG=1 ../afl-cc -v -o test-inst ../test-instr.c 2>&1 -echo AFL-CLANG-FAST -AFL_DEBUG=1 ../afl-clang-fast -v -o test-inst ../test-instr.c 2>&1 ls -l test-instr test -e ../libnyx.so && { ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 -- cgit v1.2.3 From 236fb9b1456d15a0c0962a95db87f3005446f1a0 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 12:03:02 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 5b63d1b7..4d5f66ff 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -4,7 +4,10 @@ $ECHO "$BLUE[*] Testing: nyx_mode" +echo AFL_CC=$AFL_CC +unset AFL_CC apt-cache search clang|grep -E '^clang-1' +apt-cache search gcc|grep -E '^gcc-1' ls -al ../libnyx.so ../afl-* ../*.so ../afl-cc -h echo AFL-CC -- cgit v1.2.3 From 5549212d9e87de8f45cf72390cf549e23d7a9f60 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 12:59:37 +0100 Subject: clean test script --- test/test-nyx-mode.sh | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 4d5f66ff..494a74f2 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -4,15 +4,8 @@ $ECHO "$BLUE[*] Testing: nyx_mode" -echo AFL_CC=$AFL_CC unset AFL_CC -apt-cache search clang|grep -E '^clang-1' -apt-cache search gcc|grep -E '^gcc-1' -ls -al ../libnyx.so ../afl-* ../*.so -../afl-cc -h -echo AFL-CC -AFL_DEBUG=1 ../afl-cc -v -o test-inst ../test-instr.c 2>&1 -ls -l test-instr + test -e ../libnyx.so && { ../afl-cc -o test-instr ../test-instr.c > errors 2>&1 test -e test-instr && { -- cgit v1.2.3 From 96ada75bd95741f99987e7bddeea8bde16ebc80c Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 14:18:36 +0100 Subject: debug ci --- test/test-nyx-mode.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index 494a74f2..d30be39f 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -3,6 +3,7 @@ . ./test-pre.sh $ECHO "$BLUE[*] Testing: nyx_mode" +env unset AFL_CC @@ -44,8 +45,6 @@ test -e ../libnyx.so && { rm -rf errors nyx-test test-instr in out } || { echo CUT------------------------------------------------------------------CUT - ../afl-cc - ../afl-cc -v cat errors echo CUT------------------------------------------------------------------CUT $ECHO "$RED[!] afl-fuzz is not working correctly with nyx_mode" -- cgit v1.2.3 From d8e8d34c4e5d481433d7fa73db1583410a6981cd Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 14:34:07 +0100 Subject: fix ci --- test/test-nyx-mode.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-nyx-mode.sh b/test/test-nyx-mode.sh index d30be39f..6de63f1b 100755 --- a/test/test-nyx-mode.sh +++ b/test/test-nyx-mode.sh @@ -3,7 +3,11 @@ . ./test-pre.sh $ECHO "$BLUE[*] Testing: nyx_mode" -env + +test "$CI" = "true" && { + $ECHO "$YELLOW[-] nyx_mode cannot be tested in the Github CI, skipping ..." + exit 0 +} unset AFL_CC -- cgit v1.2.3 From 5ba66a8860657b21c45480f1d565634cfe38a7dc Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 1 Feb 2024 15:22:51 +0100 Subject: final touches for skipdet --- test/test-custom-mutators.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-custom-mutators.sh b/test/test-custom-mutators.sh index 49feedc0..8c8b0ad3 100755 --- a/test/test-custom-mutators.sh +++ b/test/test-custom-mutators.sh @@ -38,7 +38,7 @@ test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUS # Run afl-fuzz w/ the C mutator $ECHO "$GREY[*] running afl-fuzz for the C mutator, this will take approx 10 seconds" { - AFL_CUSTOM_MUTATOR_LIBRARY=./libexamplemutator.so AFL_CUSTOM_MUTATOR_ONLY=1 ../afl-fuzz -V07 -m ${MEM_LIMIT} -i in -o out -- ./test-custom-mutator >>errors 2>&1 + AFL_CUSTOM_MUTATOR_LIBRARY=./libexamplemutator.so AFL_CUSTOM_MUTATOR_ONLY=1 ../afl-fuzz -V07 -m ${MEM_LIMIT} -i in -o out -d -- ./test-custom-mutator >>errors 2>&1 } >>errors 2>&1 # Check results @@ -58,7 +58,7 @@ test -e test-custom-mutator.c -a -e ${CUSTOM_MUTATOR_PATH}/example.c -a -e ${CUS # Run afl-fuzz w/ multiple C mutators $ECHO "$GREY[*] running afl-fuzz with multiple custom C mutators, this will take approx 10 seconds" { - AFL_CUSTOM_MUTATOR_LIBRARY="./libexamplemutator.so;./libexamplemutator2.so" AFL_CUSTOM_MUTATOR_ONLY=1 ../afl-fuzz -V07 -m ${MEM_LIMIT} -i in -o out -- ./test-multiple-mutators >>errors 2>&1 + AFL_CUSTOM_MUTATOR_LIBRARY="./libexamplemutator.so;./libexamplemutator2.so" AFL_CUSTOM_MUTATOR_ONLY=1 ../afl-fuzz -V07 -m ${MEM_LIMIT} -i in -o out -d -- ./test-multiple-mutators >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/crashes/id:000000* 2>/dev/null )" && { # TODO: update here -- cgit v1.2.3 From c77709cdd9b50832ed537dfd65d30bc7ffa79e7b Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Sun, 4 Feb 2024 16:03:12 +0100 Subject: add U256/32byte support --- test/test-llvm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'test') diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 53bbd7b4..aef7a5e2 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -62,7 +62,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$RED[!] llvm_mode threadsafe instrumentation failed" CODE=1 } - rm -f test-instr.ts.0 test-instr.ts.1 + rm -f test-instr.ts.0 test-instr.ts.1 test-instr.ts } || { $ECHO "$RED[!] llvm_mode (threadsafe) failed" CODE=1 -- cgit v1.2.3 From 07bc202e0ad940e0cc7c8770f69ceb32ed851384 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 9 Feb 2024 13:51:05 +0100 Subject: fixes --- test/test-qemu-mode.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-qemu-mode.sh b/test/test-qemu-mode.sh index 8eb7cb67..2ba81d02 100755 --- a/test/test-qemu-mode.sh +++ b/test/test-qemu-mode.sh @@ -63,7 +63,7 @@ test -e ../afl-qemu-trace && { { export AFL_PRELOAD=../libcompcov.so export AFL_COMPCOV_LEVEL=2 - ../afl-fuzz -m ${MEM_LIMIT} -V07 -Q -i in -o out -- ./test-compcov >>errors 2>&1 + AFL_NO_UI=1 ../afl-fuzz -V07 -Q -i in -o out -- ./test-compcov 2>&1 unset AFL_PRELOAD unset AFL_COMPCOV_LEVEL } >>errors 2>&1 @@ -88,7 +88,7 @@ test -e ../afl-qemu-trace && { test "$SYS" = "i686" -o "$SYS" = "x86_64" -o "$SYS" = "amd64" -o "$SYS" = "i86pc" -o "$SYS" = "aarch64" -o ! "${SYS%%arm*}" && { $ECHO "$GREY[*] running afl-fuzz for qemu_mode cmplog, this will take approx 10 seconds" { - ../afl-fuzz -m none -V07 -Q -c 0 -l 3 -i in -o out -- ./test-compcov >>errors 2>&1 + ../afl-fuzz -V07 -Q -c 0 -l 3 -i in -o out -- ./test-compcov >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/queue/id:000001* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with qemu_mode cmplog" -- cgit v1.2.3 From b282ce999d2ab9428210deb0e838f45a6a534084 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 13 May 2024 13:42:58 +0200 Subject: post_process after trim --- test/test-llvm.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/test-llvm.sh b/test/test-llvm.sh index aef7a5e2..13e1bad1 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -197,7 +197,8 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { for I in char short int long "long long"; do for BITS in 8 16 32 64; do bin="$testcase-split-$I-$BITS.compcov" - AFL_LLVM_INSTRUMENT=AFL AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_COMPARES_BITW=$BITS AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -fsigned-char -DINT_TYPE="$I" -o "$bin" "$testcase" > test.out 2>&1; + #AFL_LLVM_INSTRUMENT=AFL + AFL_DEBUG=1 AFL_LLVM_LAF_SPLIT_COMPARES_BITW=$BITS AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast -fsigned-char -DINT_TYPE="$I" -o "$bin" "$testcase" > test.out 2>&1; if ! test -e "$bin"; then cat test.out $ECHO "$RED[!] llvm_mode laf-intel/compcov integer splitting failed! ($testcase with type $I split to $BITS)!"; @@ -269,7 +270,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { { mkdir -p in echo 00000000000000000000000000000000 > in/in - AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -l 3 -m none -V30 -i in -o out -c ./test-cmplog -- ./test-c >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -Z -l 3 -m none -V30 -i in -o out -c ./test-cmplog -- ./test-c >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/crashes/id:000000* out/default/hangs/id:000000* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with llvm_mode cmplog" -- cgit v1.2.3 From a87ea969133d9d403fd5207ec08a1ffdc4d8376b Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 14 May 2024 12:58:09 +0200 Subject: make slow systems pass our test suite --- test/test-cmplog.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'test') diff --git a/test/test-cmplog.c b/test/test-cmplog.c index 2ab579b0..0c91b21c 100644 --- a/test/test-cmplog.c +++ b/test/test-cmplog.c @@ -10,12 +10,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t i) { if (i < 15) return -1; if (buf[0] != 'A') return 0; - if (buf[1] != 'B') return 0; - if (buf[2] != 'C') return 0; - if (buf[3] != 'D') return 0; - int *icmp = (int *)(buf + 4); + int *icmp = (int *)(buf + 1); if (*icmp != 0x69694141) return 0; - if (memcmp(buf + 8, "1234EF", 6) == 0) abort(); + if (memcmp(buf + 5, "1234EF", 6) == 0) abort(); return 0; } -- cgit v1.2.3 From 0a16ea74879a935bbeb33e488cd451d6d9a7e19a Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 15 May 2024 10:57:46 +0200 Subject: better cmplog ci test for low memory machines --- test/test-llvm.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'test') diff --git a/test/test-llvm.sh b/test/test-llvm.sh index 13e1bad1..4dd35e6e 100755 --- a/test/test-llvm.sh +++ b/test/test-llvm.sh @@ -264,13 +264,12 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { } rm -f test-compcov test.out instrumentlist.txt AFL_LLVM_CMPLOG=1 ../afl-clang-fast -o test-cmplog test-cmplog.c > /dev/null 2>&1 - ../afl-clang-fast -O0 -o test-c test-cmplog.c > /dev/null 2>&1 test -e test-cmplog && { $ECHO "$GREY[*] running afl-fuzz for llvm_mode cmplog, this will take approx 10 seconds" { mkdir -p in echo 00000000000000000000000000000000 > in/in - AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -Z -l 3 -m none -V30 -i in -o out -c ./test-cmplog -- ./test-c >>errors 2>&1 + AFL_BENCH_UNTIL_CRASH=1 ../afl-fuzz -Z -l 3 -m none -V30 -i in -o out -c 0 -- ./test-cmplog >>errors 2>&1 } >>errors 2>&1 test -n "$( ls out/default/crashes/id:000000* out/default/hangs/id:000000* 2>/dev/null )" && { $ECHO "$GREEN[+] afl-fuzz is working correctly with llvm_mode cmplog" @@ -285,7 +284,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { $ECHO "$YELLOW[-] we cannot test llvm_mode cmplog because it is not present" INCOMPLETE=1 } - rm -rf errors test-cmplog test-c in core.* + rm -rf errors test-cmplog in core.* ../afl-clang-fast -o test-persistent ../utils/persistent_mode/persistent_demo.c > /dev/null 2>&1 test -e test-persistent && { echo foo | AFL_QUIET=1 ../afl-showmap -m ${MEM_LIMIT} -o /dev/null -q -r ./test-persistent && { -- cgit v1.2.3