Python build_benchmark примеры использования

Пример #1

def build():
    """Build benchmark."""
    # With LibFuzzer we use -fsanitize=fuzzer-no-link for build CFLAGS and then
    # /usr/lib/libFuzzer.a as the FUZZER_LIB for the main fuzzing binary. This
    # allows us to link against a version of LibFuzzer that we specify.
    cflags = ['-fsanitize=fuzzer-no-link']

    # Can be removed once the patch https://reviews.llvm.org/D83987
    # appears in gcr.io/fuzzbench/base-builder
    cflags += ['-fno-builtin-bcmp']
    cflags += ['-fno-builtin-memcmp']
    cflags += ['-fno-builtin-strncmp']
    cflags += ['-fno-builtin-strcmp']
    cflags += ['-fno-builtin-strncasecmp']
    cflags += ['-fno-builtin-strcasecmp']
    cflags += ['-fno-builtin-strstr']
    cflags += ['-fno-builtin-strcasestr']
    cflags += ['-fno-builtin-memmem']

    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/usr/lib/libFuzzer.a'

    utils.build_benchmark()

Пример #2

Файл: fuzzer.py Проект: zzyyrr/fuzzbench

def build():
    """Build benchmark."""
    afl_fuzzer.prepare_build_environment()

    utils.build_benchmark()

    print('[post_build] Copying Ankou to $OUT directory')
    shutil.copy('/Ankou', os.environ['OUT'])

Пример #3

def build():
    # Environment variables
    os.environ['CC'] = 'clang'    # C compiler.
    os.environ['CXX'] = 'clang++' # C++ compiler.
    os.environ['FUZZER_LIB'] = '/river/empty_lib.o' # Empty fuzz library

    utils.build_benchmark()
    shutil.copytree('/river', os.environ['OUT'], dirs_exist_ok=True)
    print('[post_build] Finished river building process')

Пример #4

Файл: fuzzer.py Проект: realwatch/fuzzbench

def build():
    """Build benchmark."""
    prepare_build_environment()

    utils.build_benchmark()

    print('[post_build] Copying afl-fuzz to $OUT directory')
    # Copy out the afl-fuzz binary as a build artifact.
    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])

Пример #5

def build():
    """Build an AFL version and SymCC version of the benchmark"""
    print("Step 1: Building with AFL")
    build_directory = os.environ['OUT']

    # Save the environment for use in SymCC
    new_env = os.environ.copy()

    # First build with AFL.
    src = os.getenv('SRC')
    work = os.getenv('WORK')
    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        aflplusplus_fuzzer.build()

    print("Step 2: Completed AFL build")
    # Copy over AFL artifacts needed by SymCC.
    shutil.copy("/afl/afl-fuzz", build_directory)
    shutil.copy("/afl/afl-showmap", build_directory)

    # Build the SymCC-instrumented target.
    print("Step 3: Building the benchmark with SymCC")
    symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
    os.mkdir(symcc_build_dir)

    # Set flags to ensure compilation with SymCC.
    new_env['CC'] = "/symcc/build/symcc"
    new_env['CXX'] = "/symcc/build/sym++"
    new_env['CXXFLAGS'] = new_env['CXXFLAGS'].replace("-stlib=libc++", "")
    new_env['FUZZER_LIB'] = '/libfuzzer-harness.o'
    new_env['OUT'] = symcc_build_dir

    new_env['CXXFLAGS'] += " -fno-sanitize=all "
    new_env['CFLAGS'] += " -fno-sanitize=all "

    # Setting this environment variable instructs SymCC to use the
    # libcxx library compiled with SymCC instrumentation.
    new_env['SYMCC_LIBCXX_PATH'] = "/libcxx_native_build"

    # Instructs SymCC to consider no symbolic inputs at runtime. This is needed
    # if, for example, some tests are run during compilation of the benchmark.
    new_env['SYMCC_NO_SYMBOLIC_INPUT'] = "1"

    # Build benchmark.
    utils.build_benchmark(env=new_env)

    # Copy over symcc artifacts and symbolic libc++.
    shutil.copy(
        "/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
        symcc_build_dir)
    shutil.copy("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so"))
    shutil.copy("/libcxx_native_build/lib/libc++.so.1", symcc_build_dir)
    shutil.copy("/libcxx_native_build/lib/libc++abi.so.1", symcc_build_dir)
    shutil.copy("/rust/bin/symcc_fuzzing_helper", symcc_build_dir)

Пример #6

def build():
    """Build benchmark."""
    prepare_build_environment()

    utils.build_benchmark()

    print('[post_build] Extracting .bc file')
    fuzz_target = os.getenv('FUZZ_TARGET')
    fuzz_target_path = os.path.join(os.environ['OUT'], fuzz_target)
    post_build(fuzz_target_path)

Пример #7

Файл: fuzzer.py Проект: realwatch/fuzzbench

def build():
    """Build benchmark."""
    # QEMU does not work with sanitizers.
    # See https://github.com/SoftSec-KAIST/Eclipser/issues/5

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libStandaloneFuzzTarget.a'

    utils.build_benchmark()

Пример #8

def build():
    """Build benchmark."""
    prepare_build_environment()

    utils.build_benchmark()

    print('[post_build] Extracting .bc file')
    fuzz_targets = get_fuzz_targets()
    for fuzz_target in fuzz_targets:
        post_build(fuzz_target)

Пример #9

def build():
    """Build benchmark."""
    cflags = ['-fsanitize=fuzzer-no-link']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libEntropic.a'

    utils.build_benchmark()

Пример #10

Файл: fuzzer.py Проект: chenju2k6/fuzzbench-1

def build():
    """Build benchmark."""
    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libQEMU.a'

    utils.build_benchmark()

    # Copy over weizz's binaries.
    shutil.copy('/weizz/weizz', os.environ['OUT'])
    shutil.copy('/weizz/weizz-qemu', os.environ['OUT'])

Пример #11

Файл: fuzzer.py Проект: zzyyrr/fuzzbench

def build():
    """Build benchmark."""
    cflags = ['-fsanitize-coverage=trace-pc-guard']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/usr/lib/libFuzzer.a'

    utils.build_benchmark()

Пример #12

def build():
    """Build benchmark."""
    cflags = ['-fprofile-instr-generate', '-fcoverage-mapping']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/usr/lib/libFuzzer.a'

    utils.build_benchmark()

Пример #13

Файл: fuzzer.py Проект: NeoTim/fuzzbench

def build():
    """Build benchmark."""
    prepare_build_environment()

    utils.build_benchmark()

    fuzz_target = os.getenv('FUZZ_TARGET')
    fuzz_target_path = os.path.join(os.environ['OUT'], fuzz_target)
    getbc_cmd = f'extract-bc {fuzz_target_path}'
    if os.system(getbc_cmd) != 0:
        raise ValueError('extract-bc failed')
    get_bcs_for_shared_libs(fuzz_target_path)

Пример #14

Файл: fuzzer.py Проект: chenju2k6/fuzzbench-1

def build():
    """Build benchmark."""
    # honggfuzz doesn't need additional libraries when code is compiled
    # with hfuzz-clang(++)
    os.environ['CC'] = '/honggfuzz/hfuzz_cc/hfuzz-clang'
    os.environ['CXX'] = '/honggfuzz/hfuzz_cc/hfuzz-clang++'
    os.environ['FUZZER_LIB'] = '/honggfuzz/empty_lib.o'

    utils.build_benchmark()

    print('[post_build] Copying honggfuzz to $OUT directory')
    # Copy over honggfuzz's main fuzzing binary.
    shutil.copy('/honggfuzz/honggfuzz', os.environ['OUT'])

Пример #15

Файл: fuzzer.py Проект: csfuzz/fuzzbench

def build():
    """Build benchmark."""
    # With LibFuzzer we use -fsanitize=fuzzer-no-link for build CFLAGS and then
    # /usr/lib/libFuzzer.a as the FUZZER_LIB for the main fuzzing binary. This
    # allows us to link against a version of LibFuzzer that we specify.
    cflags = [ '-fsanitize=fuzzer-no-link']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = '/clangwrapper'
    os.environ['CXX'] = '/clang++wrapper'
    os.environ['FUZZER_LIB'] = '/usr/lib/libFuzzer.a'

    utils.build_benchmark()

Пример #16

def build():
    """Build benchmark."""
    cflags = ['-fsanitize=fuzzer-no-link']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/fuzzer.a'

    utils.build_benchmark()
    output_directory = os.environ['OUT']
    print('[post_build] Copy config.')
    shutil.copy('/fuzzer.yml', output_directory)

Пример #17

def build():  # pylint: disable=too-many-branches,too-many-statements
    """Build benchmark."""
    os.environ['CC'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cc'
    os.environ['CXX'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cxx'

    os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1'
    os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0'

    cflags = ['--libafl']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['FUZZER_LIB'] = '/emptylib.a'
    utils.build_benchmark()

Пример #18

def build():
    """Build benchmark."""
    # QEMU does not work with sanitizers, so skip -fsanitize=. See
    # https://github.com/SoftSec-KAIST/Eclipser/issues/5
    utils.set_no_sanitizer_compilation_flags()
    cflags = ['-O3']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libStandaloneFuzzTarget.a'

    utils.build_benchmark()

Пример #19

Файл: fuzzer.py Проект: thuanpv/fuzzbench

def build():
    """Build benchmark."""
    prepare_build_environment()

    utils.build_benchmark()

    fuzz_targets = get_fuzz_target()
    for target in fuzz_targets:
        getbc_cmd = 'extract-bc {target}'.format(target=target)

    if os.system(getbc_cmd) != 0:
        raise ValueError('extract-bc failed')
    for target in fuzz_targets:
        get_bcs_for_shared_libs(target)

Пример #20

Файл: fuzzer.py Проект: wideglide/fuzzbench

def build():
    """Build benchmark."""
    prepare_build_environment()
    utils.build_benchmark()
    output_directory = os.environ['OUT']
    # Copy out the afl-fuzz binary as a build artifact.
    print('[post_build] Copying afl-fuzz to $OUT directory')
    shutil.copy('/afl/afl-fuzz', output_directory)
    # Neuzz also requires afl-showmap.
    print('[post_build] Copying afl-showmap to $OUT directory')
    shutil.copy('/afl/afl-showmap', output_directory)
    # Copy the Neuzz fuzzer itself.
    print('[post_build] Copy neuzz fuzzer.')
    shutil.copy('/neuzz/neuzz', output_directory)
    shutil.copy('/neuzz/nn.py', output_directory)

Пример #21

Файл: fuzzer.py Проект: chenju2k6/fuzzbench-1

def build():
    """Build benchmark."""
    # With LibFuzzer we use -fsanitize=fuzzer-no-link for build CFLAGS and then
    # /usr/lib/libFuzzer.a as the FUZZER_LIB for the main fuzzing binary. This
    # allows us to link against a version of LibFuzzer that we specify.
    cflags = ['-fsanitize-coverage=trace-pc-guard']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libaflfuzzer.a'
    os.environ['AFL_LLVM_LAF_ALL'] = '1'

    utils.build_benchmark()

Пример #22

def build():
    """Build fuzzer."""
    cflags = [
        '-O2',
        '-fno-omit-frame-pointer',
        '-gline-tables-only',
        '-fsanitize=address,fuzzer-no-link',
    ]
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libEntropic.a'

    utils.build_benchmark()

Пример #23

def build():
    """Build benchmark."""
    # honggfuzz doesn't need additional libraries when code is compiled
    # with hfuzz-clang(++)
    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/libQEMU.a'

    utils.build_benchmark()

    print('[post_build] Copying honggfuzz to $OUT directory')
    # Copy over honggfuzz's main fuzzing binary.
    shutil.copy('/honggfuzz/honggfuzz', os.environ['OUT'])
    shutil.copy(
        '/honggfuzz/qemu_mode/honggfuzz-qemu/x86_64-linux-user/qemu-x86_64',
        os.environ['OUT'])

Пример #24

def build():
    """Build benchmark."""

    # Backup the environment.
    new_env = os.environ.copy()
    src = os.getenv('SRC')
    work = os.getenv('WORK')
    out = os.getenv('OUT')

    # First, build an instrumented binary for AFL.
    os.environ['CC'] = '/out/AFLplusplus/afl-clang-fast'
    os.environ['CXX'] = '/out/AFLplusplus/afl-clang-fast++'
    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'
    os.environ['AFL_PATH'] = '/out/AFLplusplus/'
    os.environ['AFL_LLVM_DICT2FILE'] = out + '/afl++.dict'
    #afl_fuzzer.prepare_build_environment()
    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        utils.build_benchmark()
    print('[build] Copying afl-fuzz to $OUT directory')
    shutil.copy('/out/AFLplusplus/afl-fuzz', os.environ['OUT'])

    # Next, build an uninstrumented binary for Fuzzolic.
    new_env['CC'] = 'clang'
    new_env['CXX'] = 'clang++'
    new_env['FUZZER_LIB'] = '/libStandaloneFuzzTarget.a'
    # Ensure to compile with NO_SANITIZER_COMPAT* flags even for bug benchmarks,
    # as QEMU is incompatible with sanitizers. Also, Fuzzolic prefers clean and
    # unoptimized binaries. We leave fast random fuzzing as AFL's job.
    new_env['CFLAGS'] = ' '.join(utils.NO_SANITIZER_COMPAT_CFLAGS)
    cxxflags = [utils.LIBCPLUSPLUS_FLAG] + utils.NO_SANITIZER_COMPAT_CFLAGS
    new_env['CXXFLAGS'] = ' '.join(cxxflags)
    uninstrumented_outdir = get_uninstrumented_outdir(os.environ['OUT'])
    os.mkdir(uninstrumented_outdir)
    new_env['OUT'] = uninstrumented_outdir
    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        targ_name = os.path.basename(fuzz_target)
        new_env['FUZZ_TARGET'] = os.path.join(uninstrumented_outdir, targ_name)
    print('[build] Re-building benchmark for uninstrumented fuzzing target')
    with utils.restore_directory(src), utils.restore_directory(work):
        utils.build_benchmark(env=new_env)

Пример #25

def build():
    """Build fuzzer."""
    afl_fuzzer.prepare_build_environment()

    # Override AFL's FUZZER_LIB with QSYM's.
    os.environ['FUZZER_LIB'] = '/libQSYM.a'

    src = os.getenv('SRC')
    work = os.getenv('WORK')
    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        utils.build_benchmark()

    # QSYM requires an uninstrumented build as well.
    new_env = os.environ.copy()
    utils.set_no_sanitizer_compilation_flags(new_env)
    cflags = ['-O2', '-fno-omit-frame-pointer', '-gline-tables-only']
    utils.append_flags('CFLAGS', cflags, new_env)
    utils.append_flags('CXXFLAGS', cflags, new_env)

    # For uninstrumented build, set the OUT and FUZZ_TARGET environment
    # variable to point to the new uninstrumented build directory.
    build_directory = os.environ['OUT']
    uninstrumented_build_directory = get_uninstrumented_build_directory(
        build_directory)
    os.mkdir(uninstrumented_build_directory)
    new_env['OUT'] = uninstrumented_build_directory
    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        new_env['FUZZ_TARGET'] = os.path.join(uninstrumented_build_directory,
                                              os.path.basename(fuzz_target))

    print('Re-building benchmark for uninstrumented fuzzing target')
    utils.build_benchmark(env=new_env)

    print('[post_build] Copying afl-fuzz to $OUT directory')
    # Copy out the afl-fuzz binary as a build artifact.
    shutil.copy('/afl/afl-fuzz', build_directory)
    # QSYM also requires afl-showmap.
    print('[post_build] Copying afl-showmap to $OUT directory')
    shutil.copy('/afl/afl-showmap', build_directory)

Пример #26

def build():
    """Build benchmark."""
    os.environ['AFL_MAP_SIZE'] = '65536'
    os.environ['AFL_LLVM_MAP_ADDR'] = '0x1000000'
    os.environ['ZAFL_FIXED_MAP_ADDR'] = '0x1000000'
    os.environ['CC'] = '/cc.sh'
    os.environ['CXX'] = '/cxx.sh'
    if 'LD_LIBRARY_PATH' in os.environ:
        os.environ['LD_LIBRARY_PATH'] = os.environ['LD_LIBRARY_PATH'] + ":/out"
    else:
        os.environ['LD_LIBRARY_PATH'] = "/out"

    utils.append_flags('CFLAGS', ['-fPIC', '-lpthread'])
    utils.append_flags('CXXFLAGS', ['-fPIC', '-lpthread'])
    os.environ['FUZZER_LIB'] = '/out/fakeLibrary.a'
    utils.build_benchmark()
    res = os.system('bash -x /zafl_bins.sh')
    if res != 0:
        os.system('rm -rf /out')

Пример #27

def build():
    """Build benchmark."""
    utils.set_no_sanitizer_compilation_flags()

    cflags = ['-O3']
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    # honggfuzz doesn't need additional libraries when code is compiled
    # with hfuzz-clang(++)
    os.environ['CC'] = '/honggfuzz/hfuzz_cc/hfuzz-clang'
    os.environ['CXX'] = '/honggfuzz/hfuzz_cc/hfuzz-clang++'
    os.environ['FUZZER_LIB'] = '/honggfuzz/empty_lib.o'

    utils.build_benchmark()

    print('[post_build] Copying honggfuzz to $OUT directory')
    # Copy over honggfuzz's main fuzzing binary.
    shutil.copy('/honggfuzz/honggfuzz', os.environ['OUT'])

Пример #28

def build():
    """Build fuzzer."""
    cflags = [
        '-O2',
        '-fno-omit-frame-pointer',
        '-gline-tables-only',
        '-fsanitize=address',
    ]
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = '/honggfuzz/hfuzz_cc/hfuzz-clang'
    os.environ['CXX'] = '/honggfuzz/hfuzz_cc/hfuzz-clang++'
    os.environ['FUZZER_LIB'] = '/honggfuzz/libhfuzz/persistent.o'

    utils.build_benchmark()

    print('[post_build] Copying honggfuzz to $OUT directory')
    # Copy over honggfuzz's main fuzzing binary.
    shutil.copy('/honggfuzz/honggfuzz', os.environ['OUT'])

Пример #29

def build():
    """Build fuzzer."""
    cflags = ['-O3']
    utils.set_no_sanitizer_compilation_flags()
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = '/afl/afl-clang-fast'
    os.environ['CXX'] = '/afl/afl-clang-fast++'
    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'

    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile if the compiler outputs things to stderr in unexpected
    # cases. Prevent these failures by using AFL_QUIET to stop afl-clang-fast
    # from writing AFL specific messages to stderr.
    os.environ['AFL_QUIET'] = '1'

    utils.build_benchmark()
    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])

Пример #30

def build():
    """Build fuzzer."""
    # With LibFuzzer we use -fsanitize=fuzzer-no-link for build CFLAGS and then
    # /usr/lib/libFuzzer.a as the FUZZER_LIB for the main fuzzing binary. This
    # allows us to link against a version of LibFuzzer that we specify.

    cflags = [
        '-O2',
        '-fno-omit-frame-pointer',
        '-gline-tables-only',
        '-fsanitize=address,fuzzer-no-link',
    ]
    utils.append_flags('CFLAGS', cflags)
    utils.append_flags('CXXFLAGS', cflags)

    os.environ['CC'] = 'clang'
    os.environ['CXX'] = 'clang++'
    os.environ['FUZZER_LIB'] = '/usr/lib/libFuzzer.a'

    utils.build_benchmark()