Diffstat (limited to 'fix-lib.m4')
| -rw-r--r-- | fix-lib.m4 | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/fix-lib.m4 b/fix-lib.m4
deleted file mode 100644
index 3d9216a..0000000
--- a/fix-lib.m4
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-# Patcher for dynamically linked library
-# Copyright (C) 2025 Nguyễn Gia Phong
-#
-# This file is part of taosc.
-#
-# Taosc is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Taosc is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with taosc. If not, see <https://www.gnu.org/licenses/>.
-
-set -ex
-if test $# -lt 4
-then
- echo Usage: taosc-fix-lib executable library address workdir option...
- exit 1
-fi
-binary="$(realpath $1)"
-library="$(realpath $2)"
-lib="$(basename $library)"
-address="$3"
-wd="$(realpath $4)"
-bin="$wd/$(basename $binary)"
-opts="${@:5}"
-
-afl-dyninst --library="$library" -x "$binary" "$bin.fuzzee"
-pushd DATA_DIR > /dev/null
-trap 'popd > /dev/null' EXIT
-mkdir -p "$wd/collect"
-e9tool -M false -P 'log(state)@collect' -o "$bin.collect" "$binary"
-e9tool -M addr=$address -P 'log(state)@collect'\
- -o "$wd/collect/$lib" --shared "$library"
-mkdir -p "$wd/patched"
-e9tool -M addr=$address -P 'if dest(state)@patch goto'\
- -o "$wd/patched/$lib" --shared "$library"
-
-# TODO: augment number of executions
-afl-dyninst-env afl-fuzz -i "$wd/fuzz/exploits" -o "$wd/fuzz/crashes"\
- -CE 10000 -- "$bin.fuzzee" $opts @@
-# TODO: use patchelf
-find "$wd/fuzz/crashes/default/crashes" -name id:* | parallel\
- LD_LIBRARY_PATH="$wd/collect" TAOSC_OUTPUT="$wd/vars/neg/"'$(basename {})'\
- "$bin.collect" $opts {} || true
-taosc-synth "$wd/vars" > "$wd/predicates"
-taosc-scout "$library" "$address" > "$wd/destinations"
-# vim: filetype=sh.m4 |
