def test_not_exists(self):
"""Test not exists."""
with open(self.test_path, 'rb') as f:
self.assertFalse(utils.search_bytes_in_file(b'A' * 17, f))
self.assertFalse(utils.search_bytes_in_file(b'B' * 17, f))
self.assertFalse(utils.search_bytes_in_file(b'C' * 2, f))
self.assertFalse(utils.search_bytes_in_file(b'D' * 17, f))
self.assertFalse(utils.search_bytes_in_file(b'ABCD', f))
def test_exists(self):
"""Test exists."""
with open(self.test_path, 'rb') as f:
self.assertTrue(utils.search_bytes_in_file(b'A', f))
self.assertTrue(utils.search_bytes_in_file(b'B', f))
self.assertTrue(utils.search_bytes_in_file(b'C', f))
self.assertTrue(utils.search_bytes_in_file(b'D', f))
self.assertTrue(utils.search_bytes_in_file(b'A' * 16, f))
self.assertTrue(utils.search_bytes_in_file(b'B' * 16, f))
self.assertTrue(utils.search_bytes_in_file(b'D' * 16, f))
def is_fuzz_target_local(file_path, file_handle=None):
"""Returns whether |file_path| is a fuzz target binary (local path)."""
# TODO(hzawawy): Handle syzkaller case.
filename, file_extension = os.path.splitext(os.path.basename(file_path))
if not VALID_TARGET_NAME_REGEX.match(filename):
# Check fuzz target has a valid name (without any special chars).
return False
if BLOCKLISTED_TARGET_NAME_REGEX.match(filename):
# Check fuzz target an explicitly disallowed name (e.g. binaries used for
# jazzer-based targets).
return False
if file_extension not in ALLOWED_FUZZ_TARGET_EXTENSIONS:
# Ignore files with disallowed extensions (to prevent opening e.g. .zips).
return False
if not file_handle and not os.path.exists(file_path):
# Ignore non-existant files for cases when we don't have a file handle.
return False
if filename.endswith('_fuzzer'):
return True
# TODO(aarya): Remove this optimization if it does not show up significant
# savings in profiling results.
fuzz_target_name_regex = environment.get_value('FUZZER_NAME_REGEX')
if fuzz_target_name_regex:
return bool(re.match(fuzz_target_name_regex, filename))
if os.path.exists(file_path) and not stat.S_ISREG(
os.stat(file_path).st_mode):
# Don't read special files (eg: /dev/urandom).
logs.log_warn('Tried to read from non-regular file: %s.' % file_path)
return False
# Use already provided file handle or open the file.
local_file_handle = file_handle or open(file_path, 'rb')
# TODO(metzman): Bound this call so we don't read forever if something went
# wrong.
result = utils.search_bytes_in_file(FUZZ_TARGET_SEARCH_BYTES,
local_file_handle)
if not file_handle:
# If this local file handle is owned by our function, close it now.
# Otherwise, it is caller's responsibility.
local_file_handle.close()
return result
def _is_multistep_merge_supported(target_path):
"""Checks whether a particular binary support multistep merge."""
# TODO(Dor1s): implementation below a temporary workaround, do not tell any
# body that we are doing this. The real solution would be to execute a
# fuzz target with '-help=1' and check the output for the presence of
# multistep merge support added in https://reviews.llvm.org/D71423.
# The temporary implementation checks that the version of libFuzzer is at
# least https://github.com/llvm/llvm-project/commit/da3cf61, which supports
# multi step merge: https://github.com/llvm/llvm-project/commit/f054067.
if os.path.exists(target_path):
with open(target_path, 'rb') as file_handle:
return utils.search_bytes_in_file(MULTISTEP_MERGE_SUPPORT_TOKEN,
file_handle)
return False
def is_lpm_fuzz_target(fuzzer_path):
"""Returns True if |fuzzer_path| is a libprotobuf-mutator based fuzz
target."""
# TODO(metzman): Use this function to disable running LPM targets with AFL.
with open(fuzzer_path, 'rb') as file_handle:
return utils.search_bytes_in_file(b'TestOneProtoInput', file_handle)
