def prepare_build_environment():
    """Configure the build environment for AFL-style fuzzers.

    Sanitizer flags are removed via utils (so only crashes that raise a
    signal are observable at run time — assuming that helper strips
    ``-fsanitize=*``; confirm in utils), then ``-O3`` and SanitizerCoverage
    ``trace-pc-guard`` instrumentation are appended to CFLAGS/CXXFLAGS.
    CC/CXX are set to plain clang and FUZZER_LIB to ``/libAFL.a``.
    Side effects only: mutates ``os.environ``.
    """
    utils.set_no_sanitizer_compilation_flags()

    instrumentation = ['-O3', '-fsanitize-coverage=trace-pc-guard']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, instrumentation)

    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libAFL.a',
    })
def build():
    """Build the benchmark with trace-pc-guard coverage and libFuzzer.

    Sanitizer flags are dropped (utils), ``-O3`` plus
    ``-fsanitize-coverage=trace-pc-guard`` are appended to CFLAGS and
    CXXFLAGS, and the target is linked against ``/usr/lib/libFuzzer.a``.
    Without sanitizers, memory errors that do not crash are not reported
    (assuming the utils helper removes ``-fsanitize=*``; verify there).
    """
    utils.set_no_sanitizer_compilation_flags()

    coverage_flags = ['-O3', '-fsanitize-coverage=trace-pc-guard']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, coverage_flags)

    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/usr/lib/libFuzzer.a',
    })

    utils.build_benchmark()
def build():
    """Build the benchmark for Entropic (a libFuzzer variant).

    The target objects are compiled with ``-fsanitize=fuzzer-no-link`` so
    they carry libFuzzer-style instrumentation without pulling in the
    stock runtime; the final link uses ``/libEntropic.a`` instead. Other
    sanitizers are disabled via utils.
    """
    utils.set_no_sanitizer_compilation_flags()

    fuzzer_flags = ['-O3', '-fsanitize=fuzzer-no-link']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, fuzzer_flags)

    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libEntropic.a',
    })

    utils.build_benchmark()
def build():
    """Build an uninstrumented target for Eclipser.

    Eclipser runs the target under QEMU, which does not work with
    sanitizers, so no ``-fsanitize=`` flag is added at all (see
    https://github.com/SoftSec-KAIST/Eclipser/issues/5). Consequently only
    crashes that raise a signal will be observed. The driver comes from
    ``/libStandaloneFuzzTarget.a``.
    """
    utils.set_no_sanitizer_compilation_flags()

    optimization = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, optimization)

    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libStandaloneFuzzTarget.a',
    })

    utils.build_benchmark()
def build():
    """Build the benchmark against a pinned libFuzzer.

    Objects are compiled with ``-fsanitize=fuzzer-no-link`` (instrumentation
    only, no runtime), and ``/usr/lib/libFuzzer.a`` is supplied as
    FUZZER_LIB for the final fuzzing binary. That is what lets the build
    link a specific libFuzzer version rather than the one bundled with the
    compiler. Sanitizers are otherwise disabled via utils.
    """
    utils.set_no_sanitizer_compilation_flags()

    fuzzer_flags = ['-O3', '-fsanitize=fuzzer-no-link']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, fuzzer_flags)

    os.environ.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/usr/lib/libFuzzer.a',
    })

    utils.build_benchmark()
def build():
    """Build the benchmark with honggfuzz's compiler wrappers.

    ``hfuzz-clang``/``hfuzz-clang++`` inject honggfuzz's instrumentation
    themselves, so no extra fuzzer library is linked; FUZZER_LIB is pointed
    at an empty object file (presumably just to satisfy the shared build
    script). After the build the ``honggfuzz`` binary is copied into $OUT
    so it ships alongside the target. Sanitizers are disabled via utils.
    """
    utils.set_no_sanitizer_compilation_flags()

    optimization = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, optimization)

    os.environ.update({
        'CC': '/honggfuzz/hfuzz_cc/hfuzz-clang',
        'CXX': '/honggfuzz/hfuzz_cc/hfuzz-clang++',
        'FUZZER_LIB': '/honggfuzz/empty_lib.o',
    })

    utils.build_benchmark()

    # Stage the fuzzer itself next to the build artifacts.
    out_dir = os.environ['OUT']
    print('[post_build] Copying honggfuzz to $OUT directory')
    shutil.copy('/honggfuzz/honggfuzz', out_dir)
def build():
    """Build the benchmark twice for QSYM and stage the AFL tools.

    First build: AFL's environment (afl_fuzzer.prepare_build_environment)
    with ``/libQSYM.a`` as the driver library, done inside restore_directory
    guards because some OSS-Fuzz projects cannot be built twice in the same
    tree. Second build: an uninstrumented copy (``-O2``, frame pointers,
    line tables) written to the directory returned by
    ``get_uninstrumented_build_directory``, with OUT and FUZZ_TARGET
    redirected there in a copied environment so the primary ``os.environ``
    is untouched. Finally ``afl-fuzz`` and ``afl-showmap`` are copied into
    the primary $OUT.
    """
    afl_fuzzer.prepare_build_environment()
    # QSYM ships its own driver; replace the AFL one set above.
    os.environ['FUZZER_LIB'] = '/libQSYM.a'

    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    # Snapshot SRC/WORK so the second build below starts from a clean tree.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark()

    # Uninstrumented build for QSYM's concolic execution.
    plain_env = os.environ.copy()
    utils.set_no_sanitizer_compilation_flags(plain_env)
    plain_flags = ['-O2', '-fno-omit-frame-pointer', '-gline-tables-only']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, plain_flags, plain_env)

    out_dir = os.environ['OUT']
    plain_out_dir = get_uninstrumented_build_directory(out_dir)
    # mkdir (not makedirs) deliberately fails if a stale directory exists.
    os.mkdir(plain_out_dir)
    plain_env['OUT'] = plain_out_dir
    target = os.getenv('FUZZ_TARGET')
    if target:
        plain_env['FUZZ_TARGET'] = os.path.join(plain_out_dir,
                                                os.path.basename(target))

    print('Re-building benchmark for uninstrumented fuzzing target')
    utils.build_benchmark(env=plain_env)

    # QSYM needs afl-showmap in addition to afl-fuzz.
    for tool in ('afl-fuzz', 'afl-showmap'):
        print('[post_build] Copying {} to $OUT directory'.format(tool))
        shutil.copy(os.path.join('/afl', tool), out_dir)
def build():
    """Build the benchmark with afl-clang-fast and stage afl-fuzz in $OUT.

    Sanitizer flags are removed (utils) and ``-O3`` appended; CC/CXX become
    AFL's LLVM-mode wrappers and ``/libAFLDriver.a`` supplies main().
    ``AFL_QUIET=1`` silences the wrapper's stderr banner, which otherwise
    breaks builds that treat unexpected compiler output as an error (e.g.
    Little-CMS, see
    https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212).
    """
    utils.set_no_sanitizer_compilation_flags()

    optimization = ['-O3']
    for flag_var in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_var, optimization)

    os.environ.update({
        'CC': '/afl/afl-clang-fast',
        'CXX': '/afl/afl-clang-fast++',
        'FUZZER_LIB': '/libAFLDriver.a',
        # Keep AFL-specific messages off stderr during the build.
        'AFL_QUIET': '1',
    })

    utils.build_benchmark()
    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])
def prepare_build_environment():
    """Configure the build environment for the aflcc (gclang) toolchain.

    Flags are tuned for clang-3.8: ``-fPIC`` for C, plus libc++ headers,
    ``-stdlib=libc++`` and ``-std=c++11`` for C++. Benchmark-specific
    flags and FUZZER_LIB overrides come from the sibling helpers
    ``add_compilation_cflags`` and ``fix_fuzzer_lib``. Sanitizers are
    disabled via utils. Mutates ``os.environ`` only.
    """
    utils.set_no_sanitizer_compilation_flags()

    c_flags = ['-fPIC']
    cxx_flags = c_flags + [
        '-I/usr/local/include/c++/v1/', '-stdlib=libc++', '-std=c++11'
    ]
    utils.append_flags('CFLAGS', c_flags)
    utils.append_flags('CXXFLAGS', cxx_flags)

    # Per-benchmark flag tweaks live in a sibling helper.
    add_compilation_cflags()

    os.environ.update({
        'LLVM_CONFIG': 'llvm-config-3.8',
        'CC': '/afl/aflc-gclang',
        'CXX': '/afl/aflc-gclang++',
        'FUZZER_LIB': '/libAFL.a',
    })

    # Some benchmarks need a different FUZZER_LIB; applied last so it wins.
    fix_fuzzer_lib()
def prepare_build_environment():
    """Configure an afl-clang-fast (clang-3.8) build with LAF-Intel enabled.

    The php benchmark calls ``__builtin_cpu_supports("ssse3")`` (see
    https://github.com/php/php-src/blob/master/Zend/zend_cpuinfo.h), which
    clang-3.8 lacks, so a macro is defined that rewrites any
    ``__builtin_cpu_supports(...)`` to ``0`` ("not supported"). The
    backslashes in that flag are kept verbatim; presumably CFLAGS is
    consumed by a shell later, which is why the parentheses are escaped.
    LAF_* and AFL_CC/AFL_CXX are the variables this AFL build reads — note
    they differ from AFL++'s ``AFL_LLVM_LAF_*`` names, so do not
    "normalize" them. Sanitizers are disabled via utils.
    """
    utils.set_no_sanitizer_compilation_flags()

    c_flags = ['-O3', '-fPIC', '-D__builtin_cpu_supports\\(x\\)=0']
    cxx_flags = c_flags + ['-I/usr/local/include/c++/v1/', '-std=c++11']
    utils.append_flags('CFLAGS', c_flags)
    utils.append_flags('CXXFLAGS', cxx_flags)

    os.environ.update({
        # LAF-Intel: split switches, transform and split comparisons.
        'LAF_SPLIT_SWITCHES': '1',
        'LAF_TRANSFORM_COMPARES': '1',
        'LAF_SPLIT_COMPARES': '1',
        'AFL_CC': 'clang-3.8',
        'AFL_CXX': 'clang++-3.8',
        'CC': '/afl/afl-clang-fast',
        'CXX': '/afl/afl-clang-fast++',
        'FUZZER_LIB': '/libAFL.a',
    })
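def build():
    """Build the benchmark for AFL++ in the modes selected by BUILD_MODES.

    BUILD_MODES is a comma-separated list (default ``instrim,laf``; the
    fuzzbench harness does not yet pass it through, so the default is the
    usual configuration). Entries:

    * ``qemu``    - plain clang build, no compile-time instrumentation.
    * ``laf``     - sets the ``AFL_LLVM_LAF_*`` variables (LAF-Intel).
    * ``instrim`` - sets ``AFL_LLVM_INSTRIM`` / ``_SKIPSINGLEBLOCK``
      (``AFL_LLVM_INSTRIM_LOOPHEAD`` is intentionally not set).
    * ``cmplog``  - additionally builds a CmpLog-instrumented copy into the
      directory from ``get_cmplog_build_directory``; ignored with ``qemu``.

    Unknown entries are ignored. Entries are whitespace-trimmed and empty
    entries dropped, so ``'laf, cmplog'`` selects both modes (the previous
    exact split silently ignored ``' cmplog'``).

    Side effects: mutates ``os.environ``, runs the benchmark build once or
    twice, and copies ``afl-fuzz`` into $OUT.
    """
    build_modes = ['instrim', 'laf']
    raw_modes = os.environ.get('BUILD_MODES')
    if raw_modes is not None:
        build_modes = [m.strip() for m in raw_modes.split(',') if m.strip()]

    utils.set_no_sanitizer_compilation_flags()
    optimization_cflags = ['-O2']
    utils.append_flags('CFLAGS', optimization_cflags)
    utils.append_flags('CXXFLAGS', optimization_cflags)

    if 'qemu' in build_modes:
        os.environ['CC'] = 'clang'
        os.environ['CXX'] = 'clang++'
    else:
        os.environ['CC'] = '/afl/afl-clang-fast'
        os.environ['CXX'] = '/afl/afl-clang-fast++'

        if 'laf' in build_modes:
            os.environ['AFL_LLVM_LAF_SPLIT_SWITCHES'] = '1'
            os.environ['AFL_LLVM_LAF_TRANSFORM_COMPARES'] = '1'
            os.environ['AFL_LLVM_LAF_SPLIT_COMPARES'] = '1'

        if 'instrim' in build_modes:
            # AFL_LLVM_INSTRIM_LOOPHEAD is deliberately left unset.
            os.environ['AFL_LLVM_INSTRIM'] = '1'
            os.environ['AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK'] = '1'

    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'

    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile if the compiler outputs things to stderr in unexpected
    # cases. AFL_QUIET stops afl-clang-fast from writing AFL-specific
    # messages to stderr.
    os.environ['AFL_QUIET'] = '1'

    src = os.getenv('SRC')
    work = os.getenv('WORK')
    # Snapshot SRC/WORK: some OSS-Fuzz projects cannot be built twice in the
    # same tree, and the CmpLog build below is a second build.
    with utils.restore_directory(src), utils.restore_directory(work):
        utils.build_benchmark()

    if 'cmplog' in build_modes and 'qemu' not in build_modes:
        # CmpLog needs a separately instrumented binary; build it in a
        # copied environment so the primary one is untouched.
        new_env = os.environ.copy()
        new_env['AFL_LLVM_CMPLOG'] = '1'

        build_directory = os.environ['OUT']
        cmplog_build_directory = get_cmplog_build_directory(build_directory)
        # mkdir (not makedirs) deliberately fails on a stale directory.
        os.mkdir(cmplog_build_directory)
        new_env['OUT'] = cmplog_build_directory
        fuzz_target = os.getenv('FUZZ_TARGET')
        if fuzz_target:
            new_env['FUZZ_TARGET'] = os.path.join(cmplog_build_directory,
                                                  os.path.basename(fuzz_target))

        print('Re-building benchmark for CmpLog fuzzing target')
        utils.build_benchmark(env=new_env)

    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])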