def build():
"""Build an AFL version and SymCC version of the benchmark"""
print("Step 1: Building with AFL and SymCC")
build_directory = os.environ['OUT']
# First build with AFL.
src = os.getenv('SRC')
work = os.getenv('WORK')
with utils.restore_directory(src), utils.restore_directory(work):
# Restore SRC to its initial state so we can build again without any
# trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
# twice in the same directory without this.
aflplusplus_fuzzer.build("tracepc", "symcc")
print("Step 2: Completed AFL build")
# Copy over AFL artifacts needed by SymCC.
shutil.copy("/afl/afl-fuzz", build_directory)
shutil.copy("/afl/afl-showmap", build_directory)
# Copy over symcc artifacts and symbolic libc++.
print("Step 3: Copying SymCC files")
symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
shutil.copy(
"/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
symcc_build_dir)
shutil.copy("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so"))
shutil.copy("/libcxx_native_build/lib/libc++.so.1", symcc_build_dir)
shutil.copy("/libcxx_native_build/lib/libc++abi.so.1", symcc_build_dir)
shutil.copy("/rust/bin/symcc_fuzzing_helper", symcc_build_dir)
def build():
"""Build benchmark."""
# Backup the environment.
orig_env = os.environ.copy()
#src = os.getenv('SRC')
#work = os.getenv('WORK')
build_directory = os.getenv('OUT')
fuzz_target = os.getenv('FUZZ_TARGET')
# First, build an uninstrumented binary for Eclipser.
aflplusplus_fuzzer.build("qemu", "eclipser")
eclipser_dir = get_uninstrumented_outdir(build_directory)
os.mkdir(eclipser_dir)
fuzz_binary = build_directory + '/' + fuzz_target
shutil.copy(fuzz_binary, eclipser_dir)
if os.path.isdir(build_directory + '/seeds'):
shutil.rmtree(build_directory + '/seeds')
# Second, build an instrumented binary for AFL++.
os.environ = orig_env
aflplusplus_fuzzer.build("tracepc")
print('[build] Copying afl-fuzz to $OUT directory')
# Copy afl-fuzz
shutil.copy('/afl/afl-fuzz', build_directory)
def build():
"""Build an AFL version and SymCC version of the benchmark"""
print("Step 1: Building with AFL")
build_directory = os.environ['OUT']
# Save the environment for use in SymCC
new_env = os.environ.copy()
# First build with AFL.
src = os.getenv('SRC')
work = os.getenv('WORK')
with utils.restore_directory(src), utils.restore_directory(work):
# Restore SRC to its initial state so we can build again without any
# trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
# twice in the same directory without this.
aflplusplus_fuzzer.build()
print("Step 2: Completed AFL build")
# Copy over AFL artifacts needed by SymCC.
shutil.copy("/afl/afl-fuzz", build_directory)
shutil.copy("/afl/afl-showmap", build_directory)
# Build the SymCC-instrumented target.
print("Step 3: Building the benchmark with SymCC")
symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
os.mkdir(symcc_build_dir)
# Set flags to ensure compilation with SymCC.
new_env['CC'] = "/symcc/build/symcc"
new_env['CXX'] = "/symcc/build/sym++"
new_env['CXXFLAGS'] = new_env['CXXFLAGS'].replace("-stlib=libc++", "")
new_env['FUZZER_LIB'] = '/libfuzzer-harness.o'
new_env['OUT'] = symcc_build_dir
new_env['CXXFLAGS'] += " -fno-sanitize=all "
new_env['CFLAGS'] += " -fno-sanitize=all "
# Setting this environment variable instructs SymCC to use the
# libcxx library compiled with SymCC instrumentation.
new_env['SYMCC_LIBCXX_PATH'] = "/libcxx_native_build"
# Instructs SymCC to consider no symbolic inputs at runtime. This is needed
# if, for example, some tests are run during compilation of the benchmark.
new_env['SYMCC_NO_SYMBOLIC_INPUT'] = "1"
# Build benchmark.
utils.build_benchmark(env=new_env)
# Copy over symcc artifacts and symbolic libc++.
shutil.copy(
"/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
symcc_build_dir)
shutil.copy("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so"))
shutil.copy("/libcxx_native_build/lib/libc++.so.1", symcc_build_dir)
shutil.copy("/libcxx_native_build/lib/libc++abi.so.1", symcc_build_dir)
shutil.copy("/rust/bin/symcc_fuzzing_helper", symcc_build_dir)
def build():
"""Build benchmark."""
build_directory = os.getenv('OUT')
fuzz_target = os.getenv('FUZZ_TARGET')
# First, build an uninstrumented binary.
aflplusplus_fuzzer.build("qemu", "eclipser")
qemu_dir = get_uninstrumented_outdir(build_directory)
os.mkdir(qemu_dir)
fuzz_binary = build_directory + '/' + fuzz_target
shutil.copy(fuzz_binary, qemu_dir)
if os.path.isdir(build_directory + '/seeds'):
shutil.rmtree(build_directory + '/seeds')
aflplusplus_fuzzer.build("tracepc")
shutil.copy('/afl/afl-fuzz', build_directory)
if os.path.exists('/afl/afl-qemu-trace'):
shutil.copy('/afl/afl-qemu-trace', build_directory)
if os.path.exists('/aflpp_qemu_driver_hook.so'):
shutil.copy('/aflpp_qemu_driver_hook.so', build_directory)
def build():
"""Build an AFL version and SymCC version of the benchmark"""
# Backup the environment.
orig_env = os.environ.copy()
#src = os.getenv('SRC')
#work = os.getenv('WORK')
build_directory = os.getenv('OUT')
fuzz_target = os.getenv('FUZZ_TARGET')
# First, build an uninstrumented binary for Eclipser.
aflplusplus_fuzzer.build("qemu", "eclipser")
eclipser_dir = get_symcc_build_dir(build_directory)
os.mkdir(eclipser_dir)
fuzz_binary = build_directory + '/' + fuzz_target
shutil.copy(fuzz_binary, eclipser_dir)
if os.path.isdir(build_directory + '/seeds'):
shutil.rmtree(build_directory + '/seeds')
# Second, build an instrumented binary for AFL++.
os.environ = orig_env
aflplusplus_fuzzer.build("tracepc")
print('[build] Copying afl-fuzz to $OUT directory')
# Copy afl-fuzz
shutil.copy('/afl/afl-fuzz', build_directory)
shutil.copy("/afl/afl-showmap", build_directory)
shutil.copy("/rust/bin/symcc_fuzzing_helper", eclipser_dir)
symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
# Copy over symcc artifacts and symbolic libc++.
shutil.copy(
"/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
symcc_build_dir)
shutil.copy("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so"))
shutil.copy("/rust/bin/symcc_fuzzing_helper", symcc_build_dir)
shutil.copy("/symqemu/build/x86_64-linux-user/symqemu-x86_64",
symcc_build_dir)
def build():
"""Build fuzzer."""
aflplusplus_fuzzer.build()
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
aflplusplus_fuzzer.build()
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('classic', 'ctx', 'laf', 'nozero')
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('classic', 'ngram6', 'laf')
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
benchmark_name = os.environ['BENCHMARK']
if benchmark_name == 'bloaty_fuzz_target':
aflplusplus_fuzzer.build("lto")
elif benchmark_name == 'curl_curl_fuzzer_http':
aflplusplus_fuzzer.build("lto")
elif benchmark_name == 'freetype2-2017':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'harfbuzz-1.3.2':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'jsoncpp_jsoncpp_fuzzer':
aflplusplus_fuzzer.build("lto", "laf")
elif benchmark_name == 'lcms-2017-03-21':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'libjpeg-turbo-07-2017':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'libxslt_xpath':
aflplusplus_fuzzer.build("lto", "cmplog")
elif benchmark_name == 'openh264_decoder_fuzzer':
aflplusplus_fuzzer.build("lto", "cmplog")
elif benchmark_name == 'openssl_x509':
aflplusplus_fuzzer.build("tracepc", "dict2file")
elif benchmark_name == 'php_php-fuzz-parser':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'proj4-2017-08-14':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'sqlite3_ossfuzz':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'stb_stbi_read_fuzzer':
aflplusplus_fuzzer.build("lto", "cmplog")
elif benchmark_name == 'systemd_fuzz-link-parser':
aflplusplus_fuzzer.build("tracepc", "dict2file")
elif benchmark_name == 'vorbis-2017-12-11':
aflplusplus_fuzzer.build("lto", "laf")
elif benchmark_name == 'zlib_zlib_uncompress_fuzzer':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
else:
build_flags = os.environ['CFLAGS']
if build_flags.find('array-bounds') != -1:
aflplusplus_fuzzer.build("tracepc", "dict2file")
else:
aflplusplus_fuzzer.build("lto", "cmplog")
for copy_file in glob.glob("/afl/libc*"):
shutil.copy(copy_file, os.environ['OUT'])
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('classic', 'ctx', 'laf', 'skipsingle')
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("tracepc", "nozero")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
benchmark_name = os.environ['BENCHMARK']
if benchmark_name == 'bloaty_fuzz_target':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'curl_curl_fuzzer_http':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'libjpeg-turbo-07-2017':
aflplusplus_fuzzer.build("lto", "fixed")
elif benchmark_name == 'libpng-1.2.56':
aflplusplus_fuzzer.build("lto", "laf", "fixed")
elif benchmark_name == 'libxml2-v2.9.2':
aflplusplus_fuzzer.build("lto", "fixed")
elif benchmark_name == 'mbedtls_fuzz_dtlsclient':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'openssl_x509':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'php_php-fuzz-parser':
aflplusplus_fuzzer.build("classic", "ctx", "cmplog")
elif benchmark_name == 'proj4-2017-08-14':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'sqlite3_ossfuzz':
aflplusplus_fuzzer.build("lto", "fixed")
elif benchmark_name == 'systemd_fuzz-link-parser':
aflplusplus_fuzzer.build("lto", "cmplog")
elif benchmark_name == 'vorbis-2017-12-11':
aflplusplus_fuzzer.build("tracepc", "laf")
elif benchmark_name == 'woff2-2016-05-06':
aflplusplus_fuzzer.build("lto", "fixed")
elif benchmark_name == 'zlib_zlib_uncompress_fuzzer':
aflplusplus_fuzzer.build("tracepc", "cmplog")
else:
aflplusplus_fuzzer.build("lto", "cmplog", "fixed")
for copy_file in glob.glob("/afl/libc*"):
shutil.copy(copy_file, os.environ['OUT'])
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
os.environ['LOOP_ONLY'] = '1'
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
benchmark_name = os.environ['BENCHMARK']
if benchmark_name == 'bloaty_fuzz_target':
aflplusplus_fuzzer.build("lto", "laf", "autodict", "dynamic")
elif benchmark_name == 'curl_curl_fuzzer_http':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'freetype2-2017':
aflplusplus_fuzzer.build("lto", "autodict", "dynamic")
elif benchmark_name == 'harfbuzz-1.3.2':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'jsoncpp_jsoncpp_fuzzer':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'lcms-2017-03-21':
aflplusplus_fuzzer.build("classic", "ctx", "nozero", "skipsingle",
"cmplog")
elif benchmark_name == 'libjpeg-turbo-07-2017':
aflplusplus_fuzzer.build("tracepc", "laf")
elif benchmark_name == 'libpcap_fuzz_both':
aflplusplus_fuzzer.build("lto", "laf")
elif benchmark_name == 'libpng-1.2.56':
aflplusplus_fuzzer.build("classic", "ctx", "nozero", "skipsingle")
elif benchmark_name == 'mbedtls_fuzz_dtlsclient':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'openssl_x509':
aflplusplus_fuzzer.build("lto", "autodict", "dynamic")
elif benchmark_name == 'openthread-2019-12-23':
aflplusplus_fuzzer.build("classic", "ctx", "nozero", "skipsingle")
elif benchmark_name == 'php_php-fuzz-parser':
aflplusplus_fuzzer.build("classic", "ctx", "nozero", "skipsingle")
elif benchmark_name == 'proj4-2017-08-14':
aflplusplus_fuzzer.build("lto", "cmplog", "autodict")
elif benchmark_name == 'systemd_fuzz-link-parser':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'vorbis-2017-12-11':
aflplusplus_fuzzer.build("tracepc", "laf")
elif benchmark_name == 'woff2-2016-05-06':
aflplusplus_fuzzer.build("classic", "ctx", "nozero", "skipsingle",
"laf")
elif benchmark_name == 'zlib_zlib_uncompress_fuzzer':
aflplusplus_fuzzer.build("classic", "ngram6", "nozero", "skipsingle",
"cmplog")
else:
aflplusplus_fuzzer.build("lto", "autodict")
for copy_file in glob.glob("/afl/libc*"):
shutil.copy(copy_file, os.environ['OUT'])
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("cmplog", "ngram3", "nozero")
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("instrim")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
benchmark_name = os.environ['BENCHMARK']
if benchmark_name == 'bloaty_fuzz_target':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'curl_curl_fuzzer_http':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 'lcms-2017-03-21':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'libjpeg-turbo-07-2017':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'libpcap_fuzz_both':
aflplusplus_fuzzer.build("tracepc", "dict2file")
elif benchmark_name == 'libpng-1.2.56':
aflplusplus_fuzzer.build("lto", "laf")
elif benchmark_name == 'libxml2-v2.9.2':
aflplusplus_fuzzer.build("lto")
elif benchmark_name == 'libxslt_xpath':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'mbedtls_fuzz_dtlsclient':
aflplusplus_fuzzer.build("tracepc")
elif benchmark_name == 'ndpi_fuzz_ndpi_reader':
aflplusplus_fuzzer.build("tracepc", "dict2file")
elif benchmark_name == 'openexr_openexr_exrenvmap_fuzzer':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'openssl_x509':
aflplusplus_fuzzer.build("tracepc", "dict2file")
elif benchmark_name == 'php_php-fuzz-parser':
aflplusplus_fuzzer.build("native", "cmplog", "dict2file")
elif benchmark_name == 'proj4-2017-08-14':
aflplusplus_fuzzer.build("tracepc", "cmplog")
elif benchmark_name == 're2-2014-12-09':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'sqlite3_ossfuzz':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'systemd_fuzz-link-parser':
aflplusplus_fuzzer.build("lto", "cmplog")
elif benchmark_name == 'vorbis-2017-12-11':
aflplusplus_fuzzer.build("tracepc", "laf")
elif benchmark_name == 'woff2-2016-05-06':
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
elif benchmark_name == 'zlib_zlib_uncompress_fuzzer':
aflplusplus_fuzzer.build("tracepc", "cmplog")
else:
build_flags = os.environ['CFLAGS']
if build_flags.find('array-bounds') != -1:
aflplusplus_fuzzer.build("tracepc", "laf", "dict2file")
else:
aflplusplus_fuzzer.build("lto", "cmplog")
for copy_file in glob.glob("/afl/libc*"):
shutil.copy(copy_file, os.environ['OUT'])
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('laf', 'cmplog')
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
#os.environ['AFL_MAP_SIZE'] = '2621440'
os.environ['DDG_INSTR'] = '1'
aflplusplus_fuzzer.build("classic")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
os.environ['AFL_MAP_SIZE'] = '2621440'
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("cmplog", "instrim", "nozero")
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('qemu')
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('cmplog')
shutil.copy('/afl/honggfuzz.so', os.environ['OUT'])
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build('qemu')
shutil.copy('/afl/frida_mode/build/frida_hook.so', os.environ['OUT'])
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("ctx")
def build():
"""Build benchmark."""
aflplusplus_fuzzer.build("ngram2")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
os.environ['AFL_LLVM_SKIP_NEVERZERO'] = '1'
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
def build(): # pylint: disable=too-many-branches,too-many-statements
"""Build benchmark."""
aflplusplus_fuzzer.build("tracepc", "cmplog", "dict2file")
def build():
"""Build benchmark."""
build_directory = os.getenv('OUT')
aflplusplus_fuzzer.build("tracepc", "cmplog")
shutil.copy('/afl/afl-fuzz', build_directory)
