def fuzz_obj(obj): obj.SetAsync(True) obj.SetAsync(False) obj.GetAsync() obj.SkipLLDBInitFiles(True) obj.SetInputFileHandle(None, True) obj.SetOutputFileHandle(None, True) obj.SetErrorFileHandle(None, True) obj.SetInputString("") obj.GetInputFileHandle() obj.GetOutputFileHandle() obj.GetErrorFileHandle() obj.GetCommandInterpreter() obj.HandleCommand("nothing here") listener = obj.GetListener() try: obj.HandleProcessEvent(lldb.SBProcess(), lldb.SBEvent(), None, None) except Exception: pass obj.CreateTargetWithFileAndTargetTriple("a.out", "A-B-C") obj.CreateTargetWithFileAndArch("b.out", "arm") obj.CreateTarget("c.out") obj.DeleteTarget(lldb.SBTarget()) obj.GetTargetAtIndex(0xffffffff) obj.FindTargetWithProcessID(0) obj.FindTargetWithFileAndArch("a.out", "arm") obj.GetNumTargets() obj.GetSelectedTarget() obj.GetNumPlatforms() obj.GetPlatformAtIndex(0xffffffff) obj.GetNumAvailablePlatforms() obj.GetAvailablePlatformInfoAtIndex(0xffffffff) obj.GetSourceManager() obj.SetSelectedTarget(lldb.SBTarget()) obj.SetCurrentPlatformSDKRoot("tmp/sdk-root") try: obj.DispatchInput(None) except Exception: pass obj.DispatchInputInterrupt() obj.DispatchInputEndOfFile() obj.GetInstanceName() obj.GetDescription(lldb.SBStream()) obj.GetTerminalWidth() obj.SetTerminalWidth(0xffffffff) obj.GetID() obj.GetPrompt() obj.SetPrompt("Hi, Mom!") obj.GetScriptLanguage() obj.SetScriptLanguage(lldb.eScriptLanguageNone) obj.SetScriptLanguage(lldb.eScriptLanguagePython) obj.GetCloseInputOnEOF() obj.SetCloseInputOnEOF(True) obj.SetCloseInputOnEOF(False) obj.Clear() for target in obj: s = str(target)
def fuzz_obj(obj): obj.GetFileAddress() obj.GetLoadAddress(lldb.SBTarget()) obj.SetLoadAddress(0xffff, lldb.SBTarget()) obj.OffsetAddress(sys.maxsize) obj.GetDescription(lldb.SBStream()) obj.GetSection() obj.GetSymbolContext(lldb.eSymbolContextEverything) obj.GetModule() obj.GetCompileUnit() obj.GetFunction() obj.GetBlock() obj.GetSymbol() obj.GetLineEntry() obj.Clear()
def test_SBTarget(self): obj = lldb.SBTarget() if self.TraceOn(): print obj self.assertFalse(obj) # Do fuzz testing on the invalid obj, it should not crash lldb. import sb_target sb_target.fuzz_obj(obj)
def fuzz_obj(obj): obj.GetName() obj.GetMangledName() obj.GetInstructions(lldb.SBTarget()) obj.GetStartAddress() obj.GetEndAddress() obj.GetPrologueByteSize() obj.GetType() obj.GetDescription(lldb.SBStream())
def fuzz_obj(obj): obj.GetName() obj.GetMangledName() obj.GetInstructions(lldb.SBTarget()) sa = obj.GetStartAddress() ea = obj.GetEndAddress() # Do fuzz testing on the address obj, it should not crash lldb. import sb_address sb_address.fuzz_obj(sa) sb_address.fuzz_obj(ea) obj.GetPrologueByteSize obj.GetDescription(lldb.SBStream())
def fuzz_obj(obj): obj.GetFileSpec() obj.GetPlatformFileSpec() obj.SetPlatformFileSpec(lldb.SBFileSpec()) obj.GetUUIDString() obj.ResolveFileAddress(sys.maxint) obj.ResolveSymbolContextForAddress(lldb.SBAddress(), 0) obj.GetDescription(lldb.SBStream()) obj.GetNumSymbols() obj.GetSymbolAtIndex(sys.maxint) obj.FindFunctions("my_func", 0xffffffff, True, lldb.SBSymbolContextList()) obj.FindGlobalVariables(lldb.SBTarget(), "my_global_var", 1) for section in obj.section_iter(): print section for symbol in obj.symbol_in_section_iter(lldb.SBSection()): print symbol for symbol in obj: print symbol
def fuzz_obj(obj): obj.GetFileSpec() obj.GetPlatformFileSpec() obj.SetPlatformFileSpec(lldb.SBFileSpec()) obj.GetUUIDString() obj.ResolveFileAddress(sys.maxint) obj.ResolveSymbolContextForAddress(lldb.SBAddress(), 0) obj.GetDescription(lldb.SBStream()) obj.GetNumSymbols() obj.GetSymbolAtIndex(sys.maxint) sc_list = obj.FindFunctions("my_func") sc_list = obj.FindFunctions("my_func", lldb.eFunctionNameTypeAny) obj.FindGlobalVariables(lldb.SBTarget(), "my_global_var", 1) for section in obj.section_iter(): print section for symbol in obj.symbol_in_section_iter(lldb.SBSection()): print symbol for symbol in obj: print symbol obj.GetAddressByteSize() obj.GetByteOrder() obj.GetTriple()
def test_debugger_delete_invalid_target(self): """SBDebugger.DeleteTarget() should not crash LLDB given and invalid target.""" target = lldb.SBTarget() self.assertFalse(target.IsValid()) self.dbg.DeleteTarget(target)
def do_test(self, use_target_create): self.absent_file = '/nosuch_dir/nosuch_subdir/nosuch_executable' self.a_packet_file = None class MyResponder(MockGDBServerResponder): def __init__(self, testcase): MockGDBServerResponder.__init__(self) self.after_launch = False self.testcase = testcase self.current_thread = 0 def A(self, packet): # This is the main test, we want to see that lldb DID send the # A packet to get debugserver to load the file. # Skip the length and second length: print("Got A packet: {0}".format(packet)) a_arr = packet.split(",") self.testcase.a_packet_file = bytearray.fromhex(a_arr[2]).decode() return "OK" def qXferRead(self, obj, annex, offset, length): if annex == "target.xml": return """<?xml version="1.0"?> <target version="1.0"> <architecture>i386:x86-64</architecture> <feature name="org.gnu.gdb.i386.core"> <reg name="rip" bitsize="64" regnum="0" type="code_ptr" group="general"/> </feature> </target>""", False else: return None, False def qC(self): if not self.after_launch: return "QC0" return "0" def qfThreadInfo(self): if not self.after_launch: return "OK" return "m0" def qsThreadInfo(self): if not self.after_launch: return "OK" return "l" def qLaunchSuccess(self): return "OK" def qProcessInfo(self): return "$pid:10b70;parent-pid:10b20;real-uid:1f6;real-gid:14;effective-uid:1f6;effective-gid:14;cputype:1000007;cpusubtype:8;ptrsize:8;ostype:macosx;vendor:apple;endian:little;" error = lldb.SBError() self.server.responder = MyResponder(self) target = lldb.SBTarget() if (use_target_create): create_cmd = "target create --arch x86_64-apple-macosx --platform remote-macosx --remote-file {0}".format(self.absent_file) self.runCmd(create_cmd) target = self.dbg.GetSelectedTarget() self.assertTrue(target.IsValid(), "Made a valid target") else: target = self.dbg.CreateTarget(None, "x86_64-apple-macosx", "remote-macosx", False, error) self.assertSuccess(error, "Made a valid target") launch_info = target.GetLaunchInfo() if (not use_target_create): launch_info.SetExecutableFile(lldb.SBFileSpec(self.absent_file), True) flags = launch_info.GetLaunchFlags() flags |= lldb.eLaunchFlagStopAtEntry launch_info.SetLaunchFlags(flags) process = self.connect(target) self.assertTrue(process.IsValid(), "Process is valid") # We need to fetch the connected event: lldbutil.expect_state_changes(self, self.dbg.GetListener(), process, [lldb.eStateConnected]) self.server.responder.after_launch = True process = target.Launch(launch_info, error) self.assertSuccess(error, "Successfully launched.") self.assertEqual(process.GetState(), lldb.eStateStopped, "Should be stopped at entry") self.assertIsNotNone(self.a_packet_file, "A packet was sent") self.assertEqual(self.absent_file, self.a_packet_file, "The A packet file was correct")
#! /usr/bin/python2.7 import lldb import os import sys DIR = '/home/arman/dev/' SOURCE = 'test.cpp' TARGET = 'test' if __name__ == '__main__': debugger = lldb.SBDebugger.Create() if debugger: print 'Debugger initialized' target = lldb.SBTarget(debugger.CreateTarget(DIR + TARGET)) if target: print 'Target created' file_name = str(DIR + SOURCE) target.BreakpointCreateByLocation(file_name, 13) target.BreakpointCreateByLocation(file_name, 29) target.BreakpointCreateByLocation(file_name, 35) target.BreakpointCreateByLocation(file_name, 41) target.BreakpointCreateByLocation(file_name, 43) target.BreakpointCreateByLocation(file_name, 45) args = [DIR + TARGET] launch_info = lldb.SBLaunchInfo(args) launch_info.SetWorkingDirectory(DIR) launch_info.SetLaunchFlags(lldb.eLaunchFlagNone)