From 9cad514abb308ba57b3c87a63d035bf9ea6c1ed1 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Sat, 19 Nov 2016 18:59:10 +0000 Subject: [PATCH] regress: Provide Makefile targets to generate fuzzer inputs These will be useful for seeding AFL and may be useful for other purposes. This also lets us check that at least with our existing test cases, the corresponding fuzzer input files work. Signed-off-by: Ian Jackson This reverts commit 44843c19f7b3ebf59aa4cda4cef9be0f5d973126. --- .gitignore | 1 + regress/Makefile.in | 14 +++++++++++++ regress/check1fuzz | 28 ++++++++++++++++++++++++++ regress/make1fuzz | 49 +++++++++++++++++++++++++++++++++++++++++++++ settings.make.in | 2 +- 5 files changed, 93 insertions(+), 1 deletion(-) create mode 100755 regress/check1fuzz create mode 100755 regress/make1fuzz diff --git a/.gitignore b/.gitignore index 0d0daf9..4218eae 100644 --- a/.gitignore +++ b/.gitignore @@ -34,6 +34,7 @@ regress/*_record regress/*_playback regress/*_fuzz regress/output-*.* +regress/fuzz-* regress/pipe.out regress/pipe.err regress/harness.h diff --git a/regress/Makefile.in b/regress/Makefile.in index 846c236..3c5252f 100644 --- a/regress/Makefile.in +++ b/regress/Makefile.in @@ -53,9 +53,23 @@ check: $(TARGETS) $(addprefix check-,$(ALL_TESTS)) @echo @echo 'all tests passed or maybe skipped.' +checkfuzz: $(TARGETS) $(addprefix checkfuzz-,$(ALL_TESTS)) + @echo + @echo 'all fuzzes passed or maybe skipped.' +# this target is mostly useful as prep work for running the fuzzer; +# it doesn't really test any of adns + check-%: case-%.sys @srcdir=$(srcdir) $(srcdir)/r1test $* || test $$? = 5 +fuzz-%: case-%.sys $(TARGETS) make1fuzz shlib + srcdir=$(srcdir) $(srcdir)/make1fuzz $* + +.PRECIOUS: fuzz-% + +checkfuzz-%: fuzz-% $(TARGETS) + @srcdir=$(srcdir) $(srcdir)/check1fuzz $< || test $$? = 5 + LINK_CMD= $(CC) $(LDFLAGS) $^ $(LDLIBS) -o $@ %_record: %_c.o hrecord.o hnonfuzz.o $(HARNLOBJS) 
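Review bot: The `fuzz-%` rule lists `make1fuzz` and `shlib` as bare prerequisites while its recipe runs `$(srcdir)/make1fuzz`, so in a build directory separate from the sources make will only find them if VPATH is set somewhere outside this hunk. If it is not, `fuzz-%: case-%.sys $(TARGETS) $(srcdir)/make1fuzz $(srcdir)/shlib` would match the recipe. `.PRECIOUS: fuzz-%` also deserves a one-line comment, for example `# keep generated seeds; make would otherwise delete them as intermediates of checkfuzz-%`, because .PRECIOUS also keeps a target when the recipe is interrupted, which a reader may not expect.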
diff --git a/regress/check1fuzz b/regress/check1fuzz new file mode 100755 index 0000000..73ed172 --- /dev/null +++ b/regress/check1fuzz @@ -0,0 +1,28 @@ +#!/bin/sh +# usage: check1fuzz +# fuzz check script, for checking that one fuzz input works + +set -e +: ${srcdir=.} +. "$srcdir"/shlib + +fuzzfile="$1" + +exec <"$fuzzfile" + +desc="${fuzzfile#fuzz-}" + +read nargs +if [ "$nargs" = 0 ]; then printf "SKIPPED-$desc "; exit 5; fi + +read arg1len +read program + +case "$program" in +*/*) ;; +*) program="./$program" ;; +esac + +${program} <"$fuzzfile" >/dev/null + +printf "$desc " diff --git a/regress/make1fuzz b/regress/make1fuzz new file mode 100755 index 0000000..a7a08f2 --- /dev/null +++ b/regress/make1fuzz @@ -0,0 +1,49 @@ +#!/bin/sh +set -e + +: ${srcdir=.} +. "$srcdir"/shlib + +casename="$1" + +playback_prepare + +ofuzz="fuzz-$casename" + +rm -f "$ofuzz.tmp" +exec >"$ofuzz.tmp" + +fuzzout_complete () { + mv "$ofuzz.tmp" "$ofuzz" + exit 0 +} + +if test ! -e $playback; then + echo 0 + fuzzout_complete +fi + +playback_execute_callback () { + set "${program}_fuzz" "$@" + + printf "%d\n" "$#" + for a in "$@"; do + printf "%d\n" "${#a}" + printf "%s\n" "$a" + done +} +playback_execute + +if test -e "$case.in" +then + inputsz=$(stat -c'%s' -L "$case.in") + printf "%d\n" "$inputsz" + cat "$case.in" +else + echo 0 +fi +echo + +cat <&4 + +fuzzout_complete diff --git a/settings.make.in b/settings.make.in index e68899d..3b1e4bd 100644 --- a/settings.make.in +++ b/settings.make.in @@ -29,7 +29,7 @@ clean mostlyclean: rm -f $(TARGETS) $(AUTOCSRCS) $(AUTOCHDRS) rm -f *.o *.tmp* *.so *.so.* pipe.* rm -f output-*.err output-*.leftover - rm -f output-*.out output-*.report + rm -f output-*.out output-*.report fuzz-* distclean: clean rm -f *~ ./#*# core *.orig *.rej Makefile config.h -- 2.30.2
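Review bot: check1fuzz executes whatever the third line of the fuzz file names: `read program` is followed by the unquoted `${program} <"$fuzzfile"`, and any value containing `/` is passed through unchanged. That is harmless for files make1fuzz has just written, but the commit message says these files seed AFL, and running the script on a mutated or externally supplied file would execute an arbitrary path with word-splitting applied. Accepting only a bare harness name, e.g. `case "$program" in */*) echo >&2 "$fuzzfile: unexpected program"; exit 1 ;; *_fuzz) program="./$program" ;; *) exit 1 ;; esac`, and invoking `"$program"` quoted would close this; if make1fuzz can legitimately emit a path (shlib is not visible here), compare against the known harness list instead. `read -r` and `printf '%s ' "$desc"` would avoid backslash and `%` surprises in the same script.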
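Review bot: The input size is taken with `stat -c'%s' -L "$case.in"`, which is GNU coreutils syntax; where stat lacks `-c` the script dies under `set -e` and leaves only `fuzz-<case>.tmp` behind. `inputsz=$(wc -c <"$case.in")` is portable and gives the same byte count. Separately, `${#a}` counts characters in the current locale, so if the harness reads these prefixes as byte lengths (its parser is not in this hunk), setting `LC_ALL=C` near the top would keep them consistent for non-ASCII arguments. `$playback` in `test ! -e $playback` should be quoted like the other expansions.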