def prepare_build_environment():
    """Set environment variables used to build AFL-based fuzzers.

    Everything is written to ``os.environ`` and therefore persists for the
    rest of the process; callers are expected to invoke this once per build.
    Sanitizer flags are cleared first, then ``-O3`` and the LLVM
    SanitizerCoverage ``trace-pc-guard`` flag are appended to both CFLAGS and
    CXXFLAGS. CC/CXX are set to plain clang/clang++ and FUZZER_LIB to the AFL
    driver archive expected at the fixed image path ``/libAFL.a``.
    """
    utils.set_no_sanitizer_compilation_flags()
    # Coverage-guard instrumentation; presumably consumed by the driver in
    # libAFL.a (the archive itself is not visible here).
    coverage_flags = ['-O3', '-fsanitize-coverage=trace-pc-guard']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, coverage_flags)
    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        # Absolute path baked into the build image.
        'FUZZER_LIB': '/libAFL.a',
    })
def build():
    """Build the benchmark against libFuzzer with trace-pc-guard coverage.

    Sanitizer flags are cleared, then ``-O3`` and the LLVM SanitizerCoverage
    ``trace-pc-guard`` flag are appended to CFLAGS and CXXFLAGS. The compiler
    is plain clang/clang++ and FUZZER_LIB points at the libFuzzer archive at
    the fixed image path ``/usr/lib/libFuzzer.a``. All settings are made on
    ``os.environ`` (process-global) before ``utils.build_benchmark()`` runs.
    """
    utils.set_no_sanitizer_compilation_flags()
    coverage_flags = ['-O3', '-fsanitize-coverage=trace-pc-guard']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, coverage_flags)
    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/usr/lib/libFuzzer.a',
    })
    utils.build_benchmark()
def build():
    """Build the benchmark for Entropic.

    ``-fsanitize=fuzzer-no-link`` adds libFuzzer-style instrumentation without
    linking libFuzzer's own driver, so the driver actually linked is whatever
    FUZZER_LIB names -- here the Entropic archive at the fixed image path
    ``/libEntropic.a``. Sanitizer flags are cleared first; all settings are
    made on ``os.environ`` (process-global) before the benchmark is built.
    """
    utils.set_no_sanitizer_compilation_flags()
    instrumentation_flags = ['-O3', '-fsanitize=fuzzer-no-link']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, instrumentation_flags)
    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libEntropic.a',
    })
    utils.build_benchmark()
def build():
    """Build the benchmark for Eclipser.

    Eclipser executes the target under QEMU (see the linked issue), which
    does not work with sanitizers, so no ``-fsanitize=`` flag is added at
    all: the target is a plain ``-O3`` clang/clang++ build linked against the
    standalone driver at the fixed image path ``/libStandaloneFuzzTarget.a``.
    All settings are made on ``os.environ`` (process-global).
    """
    # QEMU does not work with sanitizers, so skip -fsanitize=. See
    # https://github.com/SoftSec-KAIST/Eclipser/issues/5
    utils.set_no_sanitizer_compilation_flags()
    plain_flags = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, plain_flags)
    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libStandaloneFuzzTarget.a',
    })
    utils.build_benchmark()
def build():
    """Build the benchmark for libFuzzer.

    ``-fsanitize=fuzzer-no-link`` instruments the code without linking
    libFuzzer's driver; the driver is supplied separately through FUZZER_LIB
    (``/usr/lib/libFuzzer.a``), which lets the image pin the exact libFuzzer
    build that ends up in the fuzzing binary. Sanitizer flags are cleared
    first; all settings are made on ``os.environ`` (process-global).
    """
    # With LibFuzzer we use -fsanitize=fuzzer-no-link for build CFLAGS and then
    # /usr/lib/libFuzzer.a as the FUZZER_LIB for the main fuzzing binary. This
    # allows us to link against a version of LibFuzzer that we specify.
    utils.set_no_sanitizer_compilation_flags()
    instrumentation_flags = ['-O3', '-fsanitize=fuzzer-no-link']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, instrumentation_flags)
    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/usr/lib/libFuzzer.a',
    })
    utils.build_benchmark()
def build():
    """Build the benchmark with honggfuzz's compiler wrappers and stage honggfuzz.

    CC/CXX are pointed at ``hfuzz-clang``/``hfuzz-clang++``, which supply
    honggfuzz's instrumentation themselves, so FUZZER_LIB is only an empty
    object file. Sanitizer flags are cleared and ``-O3`` appended to CFLAGS and
    CXXFLAGS. After the benchmark builds, the honggfuzz binary is copied from
    its fixed image path into ``$OUT`` next to the target.

    Raises KeyError if OUT is not set in the environment.
    """
    utils.set_no_sanitizer_compilation_flags()
    plain_flags = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, plain_flags)
    # honggfuzz doesn't need additional libraries when code is compiled
    # with hfuzz-clang(++)
    os.environ.update({
        'CC': '/honggfuzz/hfuzz_cc/hfuzz-clang',
        'CXX': '/honggfuzz/hfuzz_cc/hfuzz-clang++',
        'FUZZER_LIB': '/honggfuzz/empty_lib.o',
    })
    utils.build_benchmark()
    print('[post_build] Copying honggfuzz to $OUT directory')
    # Copy over honggfuzz's main fuzzing binary.
    out_directory = os.environ['OUT']
    shutil.copy('/honggfuzz/honggfuzz', out_directory)
def _uninstrumented_build_env(build_directory):
    """Return a copy of ``os.environ`` prepared for the uninstrumented rebuild.

    The copy has sanitizer flags cleared and ``-O2 -fno-omit-frame-pointer
    -gline-tables-only`` appended to CFLAGS/CXXFLAGS. A fresh output directory
    (from ``get_uninstrumented_build_directory``) is created under
    *build_directory* and OUT -- plus FUZZ_TARGET, when set -- is redirected
    into it. ``os.environ`` itself is left untouched.

    Raises FileExistsError if the uninstrumented directory already exists.
    """
    rebuild_env = os.environ.copy()
    utils.set_no_sanitizer_compilation_flags(rebuild_env)
    debug_flags = ['-O2', '-fno-omit-frame-pointer', '-gline-tables-only']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, debug_flags, rebuild_env)
    # For uninstrumented build, set the OUT and FUZZ_TARGET environment
    # variable to point to the new uninstrumented build directory.
    uninstrumented_directory = get_uninstrumented_build_directory(
        build_directory)
    os.mkdir(uninstrumented_directory)
    rebuild_env['OUT'] = uninstrumented_directory
    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        rebuild_env['FUZZ_TARGET'] = os.path.join(
            uninstrumented_directory, os.path.basename(fuzz_target))
    return rebuild_env


def build():
    """Build the fuzzer: an AFL-instrumented target plus an uninstrumented copy.

    QSYM requires both builds, so the benchmark is compiled twice:

    1. With AFL's build environment (``afl_fuzzer.prepare_build_environment``)
       and FUZZER_LIB overridden to ``/libQSYM.a``. This runs inside
       ``restore_directory`` guards on SRC and WORK so both trees are reset
       afterwards -- some OSS-Fuzz projects cannot be built twice in place.
    2. Again with a copied environment from ``_uninstrumented_build_env``,
       whose OUT is a new directory under the original ``$OUT``.

    Finally ``afl-fuzz`` and ``afl-showmap`` are copied from their fixed image
    paths into the original ``$OUT``. Raises KeyError if OUT is unset and
    FileExistsError if the uninstrumented directory already exists (e.g. on a
    repeated build into the same ``$OUT``).
    """
    afl_fuzzer.prepare_build_environment()
    # Override AFL's FUZZER_LIB with QSYM's.
    os.environ['FUZZER_LIB'] = '/libQSYM.a'
    source_directory = os.getenv('SRC')
    work_directory = os.getenv('WORK')
    with utils.restore_directory(source_directory), \
            utils.restore_directory(work_directory):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        utils.build_benchmark()
    # QSYM requires an uninstrumented build as well.
    build_directory = os.environ['OUT']
    rebuild_env = _uninstrumented_build_env(build_directory)
    print('Re-building benchmark for uninstrumented fuzzing target')
    utils.build_benchmark(env=rebuild_env)
    print('[post_build] Copying afl-fuzz to $OUT directory')
    # Copy out the afl-fuzz binary as a build artifact.
    shutil.copy('/afl/afl-fuzz', build_directory)
    # QSYM also requires afl-showmap.
    print('[post_build] Copying afl-showmap to $OUT directory')
    shutil.copy('/afl/afl-showmap', build_directory)
def build():
    """Build the fuzzer target with afl-clang-fast and stage afl-fuzz.

    Sanitizer flags are cleared and ``-O3`` appended to CFLAGS/CXXFLAGS.
    CC/CXX are set to the ``afl-clang-fast`` wrappers and FUZZER_LIB to
    ``/libAFLDriver.a`` (fixed image paths). AFL_QUIET=1 suppresses the
    wrapper's stderr chatter, which otherwise breaks some benchmarks'
    configure steps. After building, ``/afl/afl-fuzz`` is copied into
    ``$OUT``. All settings are made on ``os.environ`` (process-global).

    Raises KeyError if OUT is not set in the environment.
    """
    utils.set_no_sanitizer_compilation_flags()
    plain_flags = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, plain_flags)
    os.environ.update({
        'CC': '/afl/afl-clang-fast',
        'CXX': '/afl/afl-clang-fast++',
        'FUZZER_LIB': '/libAFLDriver.a',
    })
    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile if the compiler outputs things to stderr in unexpected
    # cases. Prevent these failures by using AFL_QUIET to stop afl-clang-fast
    # from writing AFL specific messages to stderr.
    os.environ['AFL_QUIET'] = '1'
    utils.build_benchmark()
    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])
def prepare_build_environment():
    """Set environment variables used to build benchmark.

    Targets the clang-3.8 toolchain: ``-fPIC`` goes into CFLAGS, and CXXFLAGS
    additionally gets the libc++ include path, ``-stdlib=libc++`` and
    ``-std=c++11``. Sanitizer flags are cleared first. Benchmark-specific
    flag tweaks come from ``add_compilation_cflags()`` and
    ``fix_fuzzer_lib()`` (defined elsewhere in this module), the latter
    called last so it can override the default FUZZER_LIB. CC/CXX point at the
    ``aflc-gclang`` wrappers and LLVM_CONFIG at ``llvm-config-3.8``. All
    settings are made on ``os.environ`` (process-global).
    """
    utils.set_no_sanitizer_compilation_flags()
    # Update compiler flags for clang-3.8.
    c_flags = ['-fPIC']
    cxx_flags = c_flags + [
        '-I/usr/local/include/c++/v1/', '-stdlib=libc++', '-std=c++11'
    ]
    utils.append_flags('CFLAGS', c_flags)
    utils.append_flags('CXXFLAGS', cxx_flags)
    # Add flags for various benchmarks.
    add_compilation_cflags()
    # Setup aflcc compiler.
    os.environ.update({
        'LLVM_CONFIG': 'llvm-config-3.8',
        'CC': '/afl/aflc-gclang',
        'CXX': '/afl/aflc-gclang++',
        'FUZZER_LIB': '/libAFL.a',
    })
    # Fix FUZZER_LIB for various benchmarks.
    fix_fuzzer_lib()
def prepare_build_environment():
    """Set environment variables used to build benchmark.

    Targets clang-3.8 driven through ``afl-clang-fast`` (AFL_CC/AFL_CXX),
    with the three LAF-Intel passes enabled via ``LAF_SPLIT_SWITCHES``,
    ``LAF_TRANSFORM_COMPARES`` and ``LAF_SPLIT_COMPARES``. Sanitizer flags are
    cleared; CFLAGS gets ``-O3 -fPIC`` plus a macro that stubs out
    ``__builtin_cpu_supports`` (unsupported by clang-3.8), and CXXFLAGS
    additionally the libc++ include path and ``-std=c++11``. FUZZER_LIB is
    the fixed image path ``/libAFL.a``. All settings are made on
    ``os.environ`` (process-global).
    """
    utils.set_no_sanitizer_compilation_flags()
    # In php benchmark, there is a call to __builtin_cpu_supports("ssse3")
    # (see https://github.com/php/php-src/blob/master/Zend/zend_cpuinfo.h).
    # It is not supported by clang-3.8, so we define the MACRO below
    # to replace any __builtin_cpu_supports() with 0, i.e., not supported.
    # NOTE(review): the parentheses are backslash-escaped, presumably because
    # CFLAGS is later expanded by a shell in the benchmark build scripts --
    # confirm before changing how flags are passed.
    c_flags = ['-O3', '-fPIC', '-D__builtin_cpu_supports\\(x\\)=0']
    cxx_flags = c_flags + ['-I/usr/local/include/c++/v1/', '-std=c++11']
    utils.append_flags('CFLAGS', c_flags)
    utils.append_flags('CXXFLAGS', cxx_flags)
    # Enable LAF-INTEL changes
    os.environ.update({
        'LAF_SPLIT_SWITCHES': '1',
        'LAF_TRANSFORM_COMPARES': '1',
        'LAF_SPLIT_COMPARES': '1',
        'AFL_CC': 'clang-3.8',
        'AFL_CXX': 'clang++-3.8',
        'CC': '/afl/afl-clang-fast',
        'CXX': '/afl/afl-clang-fast++',
        'FUZZER_LIB': '/libAFL.a',
    })
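def _build_cmplog_target(build_directory):
    """Rebuild the benchmark with CmpLog instrumentation into a new directory.

    Copies ``os.environ``, sets ``AFL_LLVM_CMPLOG=1`` and redirects OUT (and
    FUZZ_TARGET, when set) into the directory returned by
    ``get_cmplog_build_directory(build_directory)``. ``os.environ`` itself is
    not modified.

    Raises FileExistsError if the CmpLog directory already exists (e.g. on a
    repeated build into the same ``$OUT``).
    """
    # CmpLog requires a build with different instrumentation.
    cmplog_env = os.environ.copy()
    cmplog_env['AFL_LLVM_CMPLOG'] = '1'
    # For CmpLog build, set the OUT and FUZZ_TARGET environment
    # variable to point to the new CmpLog build directory.
    cmplog_build_directory = get_cmplog_build_directory(build_directory)
    os.mkdir(cmplog_build_directory)
    cmplog_env['OUT'] = cmplog_build_directory
    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        cmplog_env['FUZZ_TARGET'] = os.path.join(
            cmplog_build_directory, os.path.basename(fuzz_target))
    print('Re-building benchmark for CmpLog fuzzing target')
    utils.build_benchmark(env=cmplog_env)


def build():
    """Build the fuzzer target for AFL++ in the requested BUILD_MODES.

    BUILD_MODES is a comma-separated list read from the environment; when it
    is unset the default is ``instrim,laf``. Entries are whitespace-stripped,
    so ``laf, cmplog`` behaves like ``laf,cmplog`` (previously the padded
    entry silently matched no mode). Unknown names are ignored. Recognised
    modes:

    - ``qemu``:    compile with plain clang/clang++ instead of
                   afl-clang-fast (no compile-time instrumentation) and skip
                   the CmpLog build.
    - ``laf``:     enable the LAF-Intel passes via ``AFL_LLVM_LAF_*``.
    - ``instrim``: enable InsTrim (``AFL_LLVM_INSTRIM`` and
                   ``AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK``); LOOPHEAD is
                   deliberately left off.
    - ``cmplog``:  after the main build, rebuild once more with
                   ``AFL_LLVM_CMPLOG=1`` into a separate directory under
                   ``$OUT`` (see ``_build_cmplog_target``); ignored when
                   ``qemu`` is also set.

    Sanitizer flags are cleared and ``-O2`` appended to CFLAGS/CXXFLAGS;
    FUZZER_LIB is ``/libAFLDriver.a`` and AFL_QUIET=1 silences the wrapper.
    The main build runs inside ``restore_directory`` guards on SRC and WORK so
    the CmpLog rebuild starts from a clean tree. Finally ``/afl/afl-fuzz`` is
    copied into ``$OUT``. All settings are made on ``os.environ``
    (process-global).

    Raises KeyError if OUT is unset and FileExistsError if the CmpLog
    directory already exists.
    """
    # BUILD_MODES is not already supported by fuzzbench, meanwhile we provide
    # a default configuration.
    build_modes = ['instrim', 'laf']
    if 'BUILD_MODES' in os.environ:
        # Tolerate whitespace around the separators ("laf, cmplog").
        build_modes = [
            mode.strip() for mode in os.environ['BUILD_MODES'].split(',')
        ]
    utils.set_no_sanitizer_compilation_flags()
    optimization_cflags = [
        '-O2',
    ]
    utils.append_flags('CFLAGS', optimization_cflags)
    utils.append_flags('CXXFLAGS', optimization_cflags)
    if 'qemu' in build_modes:
        os.environ['CC'] = 'clang'
        os.environ['CXX'] = 'clang++'
    else:
        os.environ['CC'] = '/afl/afl-clang-fast'
        os.environ['CXX'] = '/afl/afl-clang-fast++'
    if 'laf' in build_modes:
        os.environ['AFL_LLVM_LAF_SPLIT_SWITCHES'] = '1'
        os.environ['AFL_LLVM_LAF_TRANSFORM_COMPARES'] = '1'
        os.environ['AFL_LLVM_LAF_SPLIT_COMPARES'] = '1'
    if 'instrim' in build_modes:
        # AFL_LLVM_INSTRIM_LOOPHEAD is deliberately not set.
        os.environ['AFL_LLVM_INSTRIM'] = '1'
        os.environ['AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK'] = '1'
    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'
    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile if the compiler outputs things to stderr in unexpected
    # cases. Prevent these failures by using AFL_QUIET to stop afl-clang-fast
    # from writing AFL specific messages to stderr.
    os.environ['AFL_QUIET'] = '1'
    src = os.getenv('SRC')
    work = os.getenv('WORK')
    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        utils.build_benchmark()
    if 'cmplog' in build_modes and 'qemu' not in build_modes:
        _build_cmplog_target(os.environ['OUT'])
    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])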