Ejemplo n.º 1
0
 def loop(self):
     ui = FuzzerUI(self.comm.num_processes, fancy=self.config.argument_values['f'], inline_log=self.config.argument_values['l'])
     ev = Evaluation(self.config)
     ui.install_sighandler()
     Thread(target=self.blacklist_updater, args=(ui,)).start()
     update = None
     while True:
         msg = recv_msg(self.comm.to_update_queue, timeout=self.timeout)
         self.__update_ui(ui, ev, update, msg)
         while not self.comm.to_update_queue.empty():
             msg = recv_msg(self.comm.to_update_queue)
             self.__update_ui(ui, ev, update, msg)
Ejemplo n.º 2
0
    def __init__(self, comm, initial=True):

        self.comm = comm
        #self.state = MapserverState()
        self.state = GlobalState()

        self.hash_set = set()
        self.preliminary_set = set()

        self.hash_list = set()
        self.crash_list = []
        self.shadow_map = set()

        self.last_hash = ""
        self.post_sync_master_tag = None

        self.effector_map = []
        self.new_findings = 0

        self.redqueen_sync = False

        self.effector_initial_bitmap = None
        self.effector_sync = False
        self.performance = 0

        self.post_sync = False
        self.pre_sync = False
        self.verification_sync = False
        self.round_counter = 0

        self.round_counter_redqueen_sync = 0
        self.round_counter_effector_sync = 0
        self.round_counter_master_post = 0
        self.round_counter_master_pre = 0
        self.round_counter_verification_sync = 0

        self.config = FuzzerConfiguration()
        self.enable_graphviz = self.config.argument_values['g']

        self.abortion_threshold = self.config.config_values[
            'ABORTION_TRESHOLD']

        self.preliminary_mode = False

        self.ring_buffers = []
        for e in range(self.config.argument_values['p']):
            self.ring_buffers.append(collections.deque(maxlen=30))

        if self.config.load_old_state:
            self.load_data()
            self.treemap = KaflTree.load_data(
                enable_graphviz=self.enable_graphviz)
        else:
            msg = recv_msg(self.comm.to_mapserver_queue)
            self.state["pending"] = len(msg.data)
            self.treemap = KaflTree(msg.data,
                                    enable_graphviz=self.enable_graphviz)
Ejemplo n.º 3
0
    def __init__(self, comm, initial=True):

        self.comm = comm
        self.mapserver_state_obj = MapserverState()

        self.hash_list = set()
        self.crash_list = []
        self.shadow_map = set()

        self.last_hash = ""
        self.post_sync_master_tag = None

        self.effector_map = []
        self.abortion_counter = 0
        self.abortion_alredy_sent = False
        self.comm.stage_abortion_notifier.value = False
        self.new_findings = 0

        self.effector_initial_bitmap = None
        self.effector_sync = False
        self.performance = 0

        self.post_sync = False
        self.pre_sync = False
        self.round_counter = 0

        self.round_counter_effector_sync = 0
        self.round_counter_master_post = 0
        self.round_counter_master_pre = 0

        self.config = FuzzerConfiguration()
        self.enable_graphviz = self.config.argument_values['g']

        self.abortion_threshold = self.config.config_values[
            'ABORTION_TRESHOLD']

        #self.q = qemu(1337, self.config)
        #self.q.start()

        self.ring_buffers = []
        for e in range(self.config.argument_values['p']):
            self.ring_buffers.append(collections.deque(maxlen=30))

        if self.config.load_old_state:
            self.load_data()
            self.treemap = KaflTree.load_data(
                enable_graphviz=self.enable_graphviz)
        else:
            msg = recv_msg(self.comm.to_mapserver_queue)
            self.mapserver_state_obj.pending = len(msg.data)
            self.treemap = KaflTree(msg.data,
                                    enable_graphviz=self.enable_graphviz)
Ejemplo n.º 4
0
    def loop(self):
        while True:
            self.__sync_handler()
            request = recv_msg(self.comm.to_mapserver_queue)

            if request.tag == KAFL_TAG_RESULT:
                self.__result_tag_handler(request)
            elif request.tag == KAFL_TAG_MAP_INFO:
                self.__map_info_tag_handler(request)
            elif request.tag == KAFL_TAG_NXT_FIN or request.tag == KAFL_TAG_NXT_UNFIN:
                self.abortion_counter = 0
                self.abortion_alredy_sent = False
                self.comm.stage_abortion_notifier.value = False
                self.__next_tag_handler(request)
            elif request.tag == KAFL_TAG_UNTOUCHED_NODES:
                self.__untouched_tag_handler(request)
            elif request.tag == KAFL_TAG_REQ_EFFECTOR:
                self.__req_effector_tag_handler(request)
            elif request.tag == KAFL_TAG_GET_EFFECTOR:
                self.__get_effector_tag_handler(request)
Ejemplo n.º 5
0
    def interprocess_proto_handler(self):
        response = recv_msg(self.comm.to_slave_queues[self.slave_id])

        if response.tag == KAFL_TAG_JOB:
            self.__respond_job_req(response)
            send_msg(KAFL_TAG_REQ,
                     self.q.qemu_id,
                     self.comm.to_master_queue,
                     source=self.slave_id)

        elif response.tag == KAFL_TAG_REQ_BITMAP:
            self.__respond_bitmap_req(response)

        elif response.tag == KAFL_TAG_REQ_SAMPLING:
            self.__respond_sampling_req(response)

        elif response.tag == KAFL_TAG_REQ_BENCHMARK:
            self.__respond_benchmark_req(response)

        else:
            log_slave("Received TAG: " + str(response.tag), self.slave_id)
Ejemplo n.º 6
0
    def loop(self):
        while True:
            self.__sync_handler()
            request = recv_msg(self.comm.to_mapserver_queue)

            if request.tag == KAFL_TAG_RESULT:
                self.__result_tag_handler(request)
            elif request.tag == KAFL_TAG_NXT_FIN or request.tag == KAFL_TAG_NXT_UNFIN:
                self.__next_tag_handler(request)
            elif request.tag == KAFL_TAG_UNTOUCHED_NODES:
                self.__untouched_tag_handler(request)
            elif request.tag == KAFL_TAG_REQ_EFFECTOR:
                self.__req_effector_tag_handler(request)
            elif request.tag == KAFL_TAG_GET_EFFECTOR:
                self.__get_effector_tag_handler(request)
            elif request.tag == KAFL_TAG_REDQUEEN_SYNC:
                self.__fin_redqueen_tag_handler(request)
            elif request.tag == KAFL_TAG_REQ_PRELIMINARY:
                self.__fin_preliminary_tag_handler(request)
            elif request.tag == KAFL_TAG_REQ_VERIFY_SYNC:
                self.__fin_verification_tag_handler(request)
Ejemplo n.º 7
0
    def interprocess_proto_handler(self):
        response = recv_msg(self.comm.to_slave_queues[self.slave_id])

        if response.tag == KAFL_TAG_JOB:
            self.__respond_job_req(response)
            send_msg(KAFL_TAG_REQ, self.q.qemu_id, self.comm.to_master_queue, source=self.slave_id)

        elif response.tag == KAFL_TAG_REQ_PING:
            send_msg(KAFL_TAG_REQ_PING, self.q.qemu_id, self.comm.to_master_queue, source=self.slave_id)

        elif response.tag == KAFL_TAG_UPDATE_REDQUEEN:
            self.redqueen_state.update_redqueen_patches(self.q.redqueen_workdir)
            self.q.send_payload(apply_patches=False)
            self.q.send_payload(apply_patches=True)
            send_msg(KAFL_TAG_UPDATE_REDQUEEN, self.q.qemu_id, self.comm.to_master_queue, source=self.slave_id)

        elif response.tag == KAFL_TAG_REQ_BITMAP:
            self.__respond_bitmap_req(response)

        elif response.tag == KAFL_TAG_REQ_BITMAP_HASH:
            self.__respond_bitmap_hash_req(response)

        elif response.tag == KAFL_TAG_REQ_SAMPLING:
            self.__respond_sampling_req(response)

        elif response.tag == KAFL_TAG_REQ_BENCHMARK:
            self.__respond_benchmark_req(response)  

        elif response.tag == KAFL_TAG_REQ_REDQUEEN:
            self.__respond_redqueen_req(response)   

        elif response.tag == KAFL_TAG_REQ_VERIFY:
            self.__respond_verification(response)
            send_msg(KAFL_TAG_REQ, self.q.qemu_id, self.comm.to_master_queue, source=self.slave_id)

        else:
            log_slave("Received TAG: " + str(response.tag), self.slave_id)