def load_data(self): """ Method to load an entire master state from JSON file... """ with open(FuzzerConfiguration().argument_values['work_dir'] + "/mapserver.json", 'r') as infile: dump = json.load(infile) for key, value in dump.iteritems(): if key == "hash_list" or key == "shadow_map": tmp = set() for e in value: tmp.add(tuple(e)) setattr(self, key, tmp) elif key == "mapserver_state_obj": tmp = MapserverState() tmp.load_data(value) setattr(self, key, tmp) else: setattr(self, key, value)
def main(): cfg = FuzzerConfiguration(IRPT_CONFIG) q = qemu(0, cfg, debug_mode=0) if not q.start(): return interface_manager.load(cfg.argument_values['interface']) iocode_list = list(interface_manager.get_all_codes()) exec_res = q.send_irp(IRP(iocode_list[0], 0, 0)) for iocode in iocode_list[1:]: q.reload_driver() exec_res2 = q.send_irp(IRP(iocode, 0, 0)) if exec_res.copy_to_array() != exec_res2.copy_to_array(): print("IoControlCode(%x) == IoControlCode(%x)" % (iocode_list[0], iocode)) else: print("IoControlCode(%x) != IoControlCode(%x)" % (iocode_list[0], iocode)) q.shutdown()
def __init__(self, comm, reload=False): self.comm = comm self.kafl_state = State() self.payload = "" self.counter = 0 self.round_counter = 0 self.start = time.time() self.benchmark_time = time.time() self.counter_offset = 0 self.payload_buffer = [] self.byte_map = [] self.stage_abortion = False self.abortion_counter = 0 self.mapserver_status_pending = False self.skip_zero = False self.config = FuzzerConfiguration() # self.skip_zero = self.config.argument_values['s'] # self.refresh_rate = self.config.config_values['UI_REFRESH_RATE'] # self.use_effector_map = self.config.argument_values['d'] # self.arith_max = FuzzerConfiguration().config_values["ARITHMETIC_MAX"] self.use_effector_map = False self.arith_max = 35 self.refresh_rate = 0.25 if not self.config.argument_values['D']: self.use_effector_map = False # self.global_model = GlobalModel(self.config) self.concolic_payloads = [] self.load_old_state = False if reload: self.load_old_state = True self.load_data() self._stop_event = threading.Event()
def load_dict(file_name): f = open(file_name) dict_entries = [] for line in f: if not line.startswith("#"): try: dict_entries.append((line.split("=\"")[1].split("\"\n")[0] ).decode("string_escape")) except: pass f.close() return dict_entries if FuzzerConfiguration().argument_values["I"]: set_dict(load_dict(FuzzerConfiguration().argument_values["I"])) append_handler(havoc_dict) append_handler(havoc_dict) location_findings = FuzzerConfiguration( ).argument_values['work_dir'] + "/findings/" location_corpus = FuzzerConfiguration( ).argument_values['work_dir'] + "/corpus/" def havoc_range(perf_score): max_iterations = int(perf_score * 2.5) if max_iterations < AFL_HAVOC_MIN:
def __init__(self, level, payload, bitmap, methode, sequence=None, node_state=None, node_type=None, current=False, write_data=True, performance=None, new_byte_count=0, new_bit_count=0): global KaflNodeID, KaflCrashID, KaflKASanID, KaflTimeoutID, KaflPreliminaryID if methode: self.bb_delta = methode.bb_delta else: self.bb_delta = 0 self.new_byte_count = new_byte_count self.new_bit_count = new_bit_count self.level = level self.current = current self.performance = performance self.fav_bits = 0 if node_state: self.node_state = node_state else: self.node_state = KaflNodeState.untouched if node_type: self.node_type = node_type else: self.node_type = KaflNodeType.regular if self.node_type == KaflNodeType.regular or self.node_type == KaflNodeType.favorite: self.node_id = KaflNodeID KaflNodeID += 1 elif self.node_type == KaflNodeType.crash: self.node_id = KaflCrashID KaflCrashID += 1 elif self.node_type == KaflNodeType.kasan: self.node_id = KaflKASanID KaflKASanID += 1 elif self.node_type == KaflNodeType.timeout: self.node_id = KaflTimeoutID KaflTimeoutID += 1 elif self.node_type == KaflNodeType.preliminary: self.node_id = KaflPreliminaryID KaflPreliminaryID += 1 if methode: if self.node_type == KaflNodeType.preliminary: methode.save_to_file(FuzzerConfiguration().argument_values['work_dir'], self.node_id, preliminary=True) elif self.node_type == KaflNodeType.regular or self.node_type == KaflNodeType.favorite: methode.save_to_file(FuzzerConfiguration().argument_values['work_dir'], self.node_id, preliminary=False) else: pass self.payload_hash = mmh3.hash(payload) self.bits = {} if write_data: self.__save_payload(payload) self.__write_eval_results() self.__process_bitmap(bitmap) if sequence: self.__save_payload_sequence(sequence) FILTER = ''.join([(len(repr(chr(x))) == 3) and chr(x) or '.' for x in range(256)]) self.identifier = ''.join(["%s" % ((ord(x) <= 127 and FILTER[ord(x)]) or '.') for x in payload]) if len(self.identifier) > 10: self.identifier = self.identifier[:10] + " (...)" self.payload_len = len(payload) if performance is None: self.performance = 0.0 self.fav_factor = 10000000 else: self.fav_factor = self.performance * self.payload_len
def __get_payload_filename(exit_reason, id): workdir = FuzzerConfiguration().argument_values['work_dir'] filename = "/corpus/%s/payload_%05d" % (exit_reason, id) return workdir + filename
def __get_metadata_filename(id): workdir = FuzzerConfiguration().argument_values['work_dir'] return workdir + "/metadata/node_%05d" % id
return max_iterations def execute(cmd): logger("CMD: " + cmd) proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=None, shell=True) return proc # proc.wait() location_corpus = FuzzerConfiguration( ).argument_values['work_dir'] + "/corpus/" def mutate_seq_radamsa_array(data, func, default_info, max_iterations): logger("FILES: " + str(len(os.listdir(location_corpus)))) default_info["method"] = "radamsa" files = sorted(glob.glob(location_corpus + "/*/payload_*")) last_n = 5 rand_n = 5 samples = files[-last_n:] + random.sample( files[:-last_n], max(0, min(rand_n, len(files) - last_n))) try: if samples: proc = execute("./fuzzer/technique/radamsa -o :21337 -n inf " + " ".join(samples))
def __get_bitmap_filename(self): workdir = FuzzerConfiguration().argument_values['work_dir'] filename = "/bitmaps/payload_%05d.lz4" % (self.get_id()) return workdir + filename
print "bitmap:", len(bitmap), pop print "crash %d, timeout %d, kasan %d" % (q.crashed, q.timeout, q.kasan) print sys.stdout.flush() time.sleep(0.2) def testFile(fn): print fn dat = file(fn, 'rb').read() return test(dat) # ----------- config = FuzzerConfiguration() enable_logging() start = time.time() q = qemu(0, config) q.start() timediff("start qemu", start) testFile('tests/ok') testFile('tests/ok') testFile('tests/panic') q.soft_reload() testFile('tests/ok') testFile('tests/exit') q.soft_reload() testFile('tests/timeout')
def __init__(self, comm, use_ui): self.comm = comm self.config = FuzzerConfiguration() self.timeout = self.config.config_values['UI_REFRESH_RATE'] self.use_ui = use_ui
def __init__(self, seed, enable_graphviz=False, flush=True): global KaflNodeID self.fuzz_yield = fuzz_yield() self.qemu_lookup = QemuLookupSet() self.level = 0 self.max_level = 0 self.cycles = -1 self.all_nodes = [] self.references = {} self.current = self.MASTER_NODE_ID self.random_shuffled = False self.favorite_buf = [] self.favorite_unfinished_buf = [] self.regular_buf = [] self.regular_unfinished_buf = [] self.finished_buf = [] self.bitmap_size = FuzzerConfiguration().config_values['BITMAP_SHM_SIZE'] self.depth_search_first = FuzzerConfiguration().config_values["DEPTH-FIRST-SEARCH"] self.buckets = [0x0, 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80] self.fav_bitmap = [] self.fav_bitmap_updated = False if FuzzerConfiguration().config_values['MAX_MIN_BUCKETS']: self.max_bucket_values = [] self.backup_max_bucket_values = [] self.max_bucket_ref = [] self.next_max_bucket = [] self.old_pending_node = None self.max_min_bucketing_enabled = True else: self.max_min_bucketing_enabled = False self.preliminary_mode = False self.preliminary_mode_queue = [] self.bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.crash_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/crash_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.kasan_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/kasan_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.timeout_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/timeout_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.backup_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/backup_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.backup_crash_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/backup_crash_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.backup_kasan_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/backup_kasan_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.backup_timeout_bitmap_fd = os.open(FuzzerConfiguration().argument_values['work_dir'] + "/bitmaps/backup_timeout_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) os.ftruncate(self.bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.crash_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.kasan_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.timeout_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.backup_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.backup_crash_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.backup_kasan_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.backup_timeout_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) self.bitmap = mmap.mmap(self.bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.crash_bitmap = mmap.mmap(self.crash_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.kasan_bitmap = mmap.mmap(self.kasan_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.timeout_bitmap = mmap.mmap(self.timeout_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.backup_bitmap = mmap.mmap(self.backup_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.backup_crash_bitmap = mmap.mmap(self.backup_crash_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.backup_kasan_bitmap = mmap.mmap(self.backup_kasan_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.backup_timeout_bitmap = mmap.mmap(self.backup_timeout_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) if flush: for i in range(self.bitmap_size): self.bitmap[i] = '\x00' self.crash_bitmap[i] = '\x00' self.kasan_bitmap[i] = '\x00' self.timeout_bitmap[i] = '\x00' for i in range(self.bitmap_size): self.fav_bitmap.append(None) if self.max_min_bucketing_enabled: for i in range(self.bitmap_size): self.max_bucket_values.append(None) self.backup_max_bucket_values.append(None) self.max_bucket_ref.append(None) self.c_bitmap = (c_uint8 * self.bitmap_size).from_buffer(self.bitmap) self.c_crash_bitmap = (c_uint8 * self.bitmap_size).from_buffer(self.crash_bitmap) self.c_kasan_bitmap = (c_uint8 * self.bitmap_size).from_buffer(self.kasan_bitmap) self.c_timeout_bitmap = (c_uint8 * self.bitmap_size).from_buffer(self.timeout_bitmap) self.graph = KaflGraph([], enabled=enable_graphviz) self.favorites = 0 self.favorites_in_progress = 0 self.favorites_finished = 0 self.paths = 0 self.paths = len(seed) self.paths_in_progress = 0 self.paths_finished = 0 self.score_changed = False self.payload_hashes = {} self.bitmap_native_so = CDLL(os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe()))) + '/native/bitmap.so') for payload, bitmap in seed: node = KaflNode(self.level, payload, bitmap, None, node_type=KaflNodeType.favorite) self.__append_to_level(node) self.favorites += 1 if self.all_nodes: self.current = 0 self.__restore_state() self.__restore_graph() self.sort_default = True self.ignore_bit_counts = False
def __init__(self, comm): self.comm = comm self.config = FuzzerConfiguration() self.global_model = GlobalModel(self.config)
def __write_eval_results(self): with open(FuzzerConfiguration().argument_values['work_dir']+"/evaluation/findings.csv",'ab') as f: f.write("%s\n"%json.dumps([time.time()-GlobalState().values["inittime"], self.__get_filename()] ))
def __check_hash(self, new_hash, bitmap, payload, crash, timeout, kasan, slave_id, reloaded, performance, qid, pos, methode): self.ring_buffers[slave_id].append(str(payload)) if self.preliminary_mode: hash_was_new = True else: hash_was_new = False if new_hash != self.last_hash: if len(self.hash_list) == 0: hash_was_new = True if new_hash not in self.hash_list and new_hash not in self.shadow_map: hash_was_new = True if crash or kasan or timeout: if crash: state_str = "crash" node_type = KaflNodeType.crash elif kasan: state_str = "kasan" node_type = KaflNodeType.kasan elif timeout: state_str = "timeout" node_type = KaflNodeType.timeout if self.treemap.append(payload, bitmap, methode, node_type=node_type): if not self.preliminary_mode: log_mapserver("Unique " + state_str + " submited by slave #" + str(slave_id) + " ...") self.__save_ring_buffer( slave_id, self.config.argument_values['work_dir'] + "/rbuf/" + state_str + "_" + str(self.state[state_str + "_unique"]) + ".rbuf") self.state[state_str] += 1 self.state[state_str + "_unique"] += 1 else: self.state["preliminary"] += 1 log_mapserver("Unique " + state_str + " submited by slave #" + str(slave_id) + " [preliminary]...") else: if not self.preliminary_mode: self.state[state_str] += 1 path = FuzzerConfiguration().argument_values[ 'work_dir'] + "/findings/non_uniq/" + state_str + "_non_uniq_" + str( self.state[state_str]) with open(path, "w") as f: f.write(payload) with open( FuzzerConfiguration().argument_values['work_dir'] + "/evaluation/findings.csv", 'ab') as f: f.write("%s\n" % json.dumps([ time.time() - GlobalState().values["inittime"], path ])) elif hash_was_new: if self.treemap.append(payload, bitmap, methode, performance=performance): if not self.preliminary_mode: if methode.get_type() == METHODE_IMPORT: self.state["imports"] += 1 self.hash_list.add(new_hash) self.new_findings += 1 self.state["last_hash_time"] = time.time() self.__update_state() else: self.state["preliminary"] += 1 else: if not self.preliminary_mode: self.shadow_map.add(new_hash) if reloaded: self.ring_buffers[slave_id].clear()
def __init__(self, seed, enable_graphviz=False, flush=True): global KaflNodeID self.level = 0 self.max_level = 0 self.cycles = -1 self.all_nodes = [] self.references = {} self.current = self.MASTER_NODE_ID self.random_shuffled = False self.favorite_buf = [] self.favorite_unfinished_buf = [] self.regular_buf = [] self.regular_unfinished_buf = [] self.finished_buf = [] self.bitmap_size = FuzzerConfiguration( ).config_values['BITMAP_SHM_SIZE'] self.buckets = [0x0, 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80] self.fav_bitmap = [] self.fav_bitmap_updated = False self.bitmap_fd = os.open( FuzzerConfiguration().argument_values['work_dir'] + "/bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.crash_bitmap_fd = os.open( FuzzerConfiguration().argument_values['work_dir'] + "/crash_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.kasan_bitmap_fd = os.open( FuzzerConfiguration().argument_values['work_dir'] + "/kasan_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) self.timeout_bitmap_fd = os.open( FuzzerConfiguration().argument_values['work_dir'] + "/timeout_bitmap", os.O_RDWR | os.O_SYNC | os.O_CREAT) os.ftruncate(self.bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.crash_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.kasan_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) os.ftruncate(self.timeout_bitmap_fd, FuzzerConfiguration().config_values['BITMAP_SHM_SIZE']) self.bitmap = mmap.mmap(self.bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.crash_bitmap = mmap.mmap(self.crash_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.kasan_bitmap = mmap.mmap(self.kasan_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) self.timeout_bitmap = mmap.mmap(self.timeout_bitmap_fd, self.bitmap_size, mmap.MAP_SHARED, mmap.PROT_WRITE | mmap.PROT_READ) if flush: for i in range(self.bitmap_size): self.bitmap[i] = 0 self.crash_bitmap[i] = 0 self.kasan_bitmap[i] = 0 self.timeout_bitmap[i] = 0 for i in range(self.bitmap_size): self.fav_bitmap.append(None) self.graph = KaflGraph([], enabled=enable_graphviz) self.favorites = 0 self.favorites_in_progress = 0 self.favorites_finished = 0 self.paths = 0 self.paths = len(seed) self.paths_in_progress = 0 self.paths_finished = 0 self.score_changed = False self.payload_hashes = {} for payload, bitmap in seed: node = KaflNode(self.level, payload, bitmap, node_type=KaflNodeType.favorite) self.__append_to_level(node) self.favorites += 1 if self.all_nodes: self.current = 0 #self.__get_ref(self.all_nodes[0]) self.__restore_state() self.__restore_graph()
def start(): config = FuzzerConfiguration() if not post_self_check(config): return -1 if config.argument_values['v']: enable_logging() num_processes = config.argument_values['p'] if config.argument_values['Purge'] and check_if_old_state_exits( config.argument_values['work_dir']): print_warning("Old workspace found!") if ask_for_permission("PURGE", " to wipe old workspace:"): print_warning("Wiping old workspace...") prepare_working_dir(config.argument_values['work_dir'], purge=True) time.sleep(2) else: print_fail("Aborting...") return 0 if not check_if_old_state_exits(config.argument_values['work_dir']): if not prepare_working_dir(config.argument_values['work_dir'], purge=True): print_fail("Working directory is weired or corrupted...") return 1 if not copy_seed_files(config.argument_values['work_dir'], config.argument_values['seed_dir']): print_fail("Seed directory is empty...") return 1 config.save_data() else: log_core("Old state exist -> loading...") config.load_data() comm = Communicator(num_processes=num_processes, tasks_per_requests=config.argument_values['t'], bitmap_size=config.config_values["BITMAP_SHM_SIZE"]) comm.create_shm() qlookup = QemuLookupSet() master = MasterProcess(comm) update_process = multiprocessing.Process(name='UPDATE', target=update_loader, args=(comm, )) mapserver_process = multiprocessing.Process(name='MAPSERVER', target=mapserver_loader, args=(comm, )) slaves = [] for i in range(num_processes): slaves.append( multiprocessing.Process(name='SLAVE' + str(i), target=slave_loader, args=(comm, i))) slaves[i].start() update_process.start() mapserver_process.start() try: master.loop() except KeyboardInterrupt: master.save_data() log_core("Date saved!") signal.signal(signal.SIGINT, signal.SIG_IGN) counter = 0 print_pre_exit_msg(counter, clrscr=True) for slave in slaves: while True: counter += 1 print_pre_exit_msg(counter) slave.join(timeout=0.25) if not slave.is_alive(): break print_exit_msg() return 0
def save_to_file(self, label): workdir = FuzzerConfiguration().argument_values['work_dir'] filename = "/corpus/%s/payload_%05d" % (label, Program.PayloadCount) atomic_write(workdir + filename, self.serialize()) Program.PayloadCount += 1
def main(): signal.signal(signal.SIGUSR1, handle_pdb) print(os.getpid()) time.sleep(1) config = FuzzerConfiguration() num_processes = config.argument_values['p'] num_concolic = config.argument_values['concolic'] reload = False if config.argument_values['Purge'] and check_if_old_state_exits( config.argument_values['work_dir']): print_warning("Old workspace found!") print_warning("Wiping old workspace...") prepare_working_dir(config.argument_values['work_dir'], purge=config.argument_values['Purge']) time.sleep(2) if not check_if_old_state_exits(config.argument_values['work_dir']): if not prepare_working_dir(config.argument_values['work_dir'], purge=config.argument_values['Purge']): print_fail("Working directory is weired or corrupted...") return 1 if not copy_seed_files(config.argument_values['work_dir'], config.argument_values['seed_dir']): print_fail("Seed directory is empty...") return 1 config.save_data() else: log_core("Old state exist -> loading...") config.load_data() reload = True DO_USE_UI = (USE_UI and not config.argument_values['verbose'] and config.argument_values['f']) comm = Communicator(num_processes=num_processes, concolic_thread=num_concolic) master = MasterProcess(comm, reload=reload) mapserver_process = multiprocessing.Process(name='MAPSERVER', target=mapserver_loader, args=(comm, reload)) modelserver_process = multiprocessing.Process(name='MODELSERVER', target=modelserver_loader, args=(comm, )) update_process = multiprocessing.Process(name='UPDATE', target=update_loader, args=(comm, DO_USE_UI)) slaves = [] for i in range(num_processes): slave = SlaveThread(comm, i, reload=reload) slaves.append(slave) concolic_models = [] for i in range(num_concolic): controller = ConcolicController(comm, num_processes, i) slaves.append(controller) concolic_models.append(controller.model) concserv = ConcolicServerThread(comm, num_processes, num_concolic, concolic_models) comm.start() comm.create_shm() update_process.start() time.sleep(.1) mapserver_process.start() modelserver_process.start() concserv.start() for slave in slaves: slave.start() # print('Starting master loop') try: master.loop() except KeyboardInterrupt: master.stop() print('Saving data') # Wait for child processes to properly exit mapserver_process.join() update_process.join() concserv.stop() # Properly stop threads for slave in slaves: slave.stop() time.sleep(1) # Stop communicator last because Queues may be in used comm.stop() master.save_data() print('Data saved')
def append(self, payload, bitmap, methode, node_state=None, node_type=None, performance=0.0): accepted = False new_byte_count = 0 new_bit_count = 0 if self.preliminary_mode: found = False if node_type >= KaflNodeType.crash: if node_type == KaflNodeType.crash: accepted = self.__is_unique_crash(bitmap) elif node_type == KaflNodeType.kasan: accepted = self.__is_unique_kasan(bitmap) elif node_type == KaflNodeType.timeout: accepted = self.__is_unique_timeout(bitmap) else: new_byte_count, new_bit_count = self.__are_new_bits_present(bitmap) if new_bit_count != 0 and not self.__check_if_duplicate(payload): accepted = True if accepted: log_tree("new preliminary input found: " + repr(payload[:32])) new_node = KaflNode((self.level + 1), payload, bitmap, methode, node_state=KaflNodeState.untouched, node_type=KaflNodeType.preliminary, performance=performance) self.preliminary_mode_queue.append(new_node) self.graph.append(self.__get_from_ref(self.current), new_node) self.draw() return True return False if node_type: if node_type >= KaflNodeType.crash: if node_type == KaflNodeType.crash: accepted = self.__is_unique_crash(bitmap) elif node_type == KaflNodeType.kasan: accepted = self.__is_unique_kasan(bitmap) elif node_type == KaflNodeType.timeout: accepted = self.__is_unique_timeout(bitmap) if not accepted: return False if not accepted: new_byte_count, new_bit_count = self.__are_new_bits_present(bitmap) found = (new_bit_count != 0) if self.__check_if_duplicate(payload): return False if found: if not node_type >=KaflNodeType.crash: self.paths += 1 accepted = True if accepted: if self.__check_if_duplicate(payload): return False log_tree("new input found: " + repr(payload[:32])) new_node = KaflNode((self.level + 1), payload, bitmap, methode, node_state=node_state, node_type=node_type, performance=performance, new_byte_count=new_byte_count, new_bit_count=new_bit_count) if methode: self.fuzz_yield.append_result(methode) self.fuzz_yield.write_result(FuzzerConfiguration().argument_values['work_dir'] + "/yield.txt") self.__append_to_level(new_node) self.graph.append(self.__get_from_ref(self.current), new_node) if not node_type >=KaflNodeType.crash: self.__check_if_favorite(new_node) self.__is_favorite(new_node) if self.max_min_bucketing_enabled and self.old_pending_node: self.__is_favorite(self.old_pending_node) self.old_pending_node = None self.draw() return True else: return False