-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | collection | 17 | ||||
-rw-r--r-- | fix.m4 | 2 |
3 files changed, 20 insertions, 1 deletions
diff --git a/Makefile b/Makefile
index 19f3d6b..df00cc6 100644
--- a/Makefile
+++ b/Makefile
@@ -9,7 +9,7 @@ BIN_PREFIX ::= $(DESTDIR)$(PREFIX)/bin/taosc-
 DATA_DIR ::= $(DESTDIR)$(PREFIX)/share/taosc
 BIN ::= fix fix-lib scout synth
-DATA ::= collect patch
+DATA ::= collect collection patch
 all: $(BIN) $(DATA)
diff --git a/collection b/collection
new file mode 100644
index 0000000..fa0d3df
--- /dev/null
+++ b/collection
@@ -0,0 +1,17 @@
+1 r15 int
+2 r14 int
+3 r13 int
+4 r12 int
+5 r11 int
+6 r10 int
+7 r9 int
+8 r8 int
+9 rdi int
+10 rsi int
+11 rbp int
+12 rbx int
+13 rdx int
+14 rcx int
+15 rax int
+16 rsp int
+17 rip int
diff --git a/fix.m4 b/fix.m4
index 03b0e89..b6fd666 100644
--- a/fix.m4
+++ b/fix.m4
@@ -37,9 +37,11 @@ e9tool -M addr=$address -P 'log(state)@collect'\
 e9tool -M addr=$address -P 'if dest(state)@patch goto'\
 -o "$bin.patched" "$binary"
+install -Dm 644 DATA_DIR/collection "$wd/vars/list"
 # TODO: augment number of executions
 afl-dyninst-env afl-fuzz -i "$wd/fuzz/exploits" -o "$wd/fuzz/crashes"\
 -CE 10000 -- "$bin.fuzzee" $opts @@
+install -d "$wd/vars/neg"
 find "$wd/fuzz/crashes/default/crashes" -name id:* | parallel\
 TAOSC_OUTPUT="$wd/vars/neg/"'$(basename {})' "$bin.collect" $opts {} || true
 taosc-synth "$wd/vars" > "$wd/predicates" |
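Review bot: The added `install -Dm 644 DATA_DIR/collection "$wd/vars/list"` in the fix.m4 hunk depends on the `DATA_DIR` m4 macro, and the only definition of that name visible in this diff is the Makefile's `DATA_DIR ::= $(DESTDIR)$(PREFIX)/share/taosc`; if that value is what m4 substitutes here (the substitution itself is not visible in this hunk), a staged install with `DESTDIR` set would bake the staging path into the generated script and the copy would fail at run time. Consider feeding m4 a DESTDIR-free runtime path (`$(PREFIX)/share/taosc`) and quoting the expanded path so a prefix containing spaces does not word-split: `install -Dm 644 "DATA_DIR/collection" "$wd/vars/list"`. A one-line comment above the install, `# seed the variable list from the packaged register table`, would also tell a reader why a file named "collection" becomes "vars/list". The hunk sits in the middle of the script, whose body starts before and continues after it.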