def test_basic(self): """Test basic fuzzing session.""" session = fuzz_task.FuzzingSession('libFuzzer', 'libfuzzer_asan_test', 60) session.testcase_directory = os.environ['FUZZ_INPUTS'] session.data_directory = '/data_dir' os.environ['FUZZ_TARGET'] = 'test_target' os.environ['APP_REVISION'] = '1' expected_crashes = [engine.Crash('/input', 'stack', ['args'], 1.0)] engine_impl = mock.Mock() engine_impl.name = 'libFuzzer' engine_impl.prepare.return_value = engine.FuzzOptions( '/corpus', ['arg'], ['strategy_1', 'strategy_2']) engine_impl.fuzz.return_value = engine.Result( 'logs', ['cmd'], expected_crashes, {'stat': 1}, 42.0) crashes, fuzzer_metadata = session.do_engine_fuzzing(engine_impl) self.assertDictEqual({ 'issue_components': 'component1,component2', 'issue_labels': 'label1,label2', 'issue_owners': '*****@*****.**', }, fuzzer_metadata) log_time = datetime.datetime(1970, 1, 1, 0, 0) self.mock.upload_log.assert_called_with( 'Component revisions (build r1):\n' 'component: rev\n\n' 'Return code: 1\n\n' 'Command: cmd\nBot: None\nTime ran: 42.0\n\n' 'logs\n' 'cf::fuzzing_strategies: strategy_1,strategy_2', log_time) self.mock.upload_testcase.assert_called_with('/input', log_time) self.assertEqual(1, len(crashes)) self.assertEqual('/input', crashes[0].file_path) self.assertEqual(1, crashes[0].return_code) self.assertEqual('stack', crashes[0].unsymbolized_crash_stacktrace) self.assertEqual(1.0, crashes[0].crash_time) self.assertListEqual(['test_target', 'args'], crashes[0].arguments) upload_args = self.mock.upload_stats.call_args[0][0] testcase_run = upload_args[0] self.assertDictEqual({ 'build_revision': 1, 'command': ['cmd'], 'fuzzer': u'libFuzzer_test_target', 'job': 'libfuzzer_asan_test', 'kind': 'TestcaseRun', 'stat': 1, 'timestamp': 0.0, }, testcase_run.data)
def prepare(self, corpus_dir, target_path, build_dir): # pylint: disable=unused-argument """Prepare for a fuzzing session by generating options. Though blackbox fuzzers follow the engine interface, they must be launched in a different manner from most other engine fuzzers. Instead of running a target directly, these fuzzers tend to be wrapper scripts which generate test cases and pass them to a binary that is managed by the infrastructure. Args: corpus_dir: The main corpus directory. target_path: Path to the fuzzer script or binary. build_dir: Path to the build directory. Returns: A FuzzOptions object. """ return engine.FuzzOptions(corpus_dir, [], {})
def prepare(self, corpus_dir, target_path, build_dir): """Prepare for a fuzzing session, by generating options. Returns a FuzzOptions object. Args: corpus_dir: The main corpus directory. target_path: Path to the target. build_dir: Path to the build directory. Returns: A FuzzOptions object. """ arguments = [] dict_path = dictionary_manager.get_default_dictionary_path(target_path) if os.path.exists(dict_path): arguments.extend(['--dict', dict_path]) return engine.FuzzOptions(corpus_dir, arguments, {})