6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-01-18 13:34:04 +00:00
Code Issues Projects Releases Wiki Activity

[fuzzer] add option -save_minimized_corpus

Browse Source 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227395 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Kostya Serebryany 2015-01-28 23:48:39 +00:00
parent 41e59785c1
commit 1f3043175c
5 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/Fuzzer/FuzzerFlags.def
View File

@ -22,3 +22,6 @@ FUZZER_FLAG(int, exit_on_first, 0,
"If 1, exit after the first new interesting input is found.") "If 1, exit after the first new interesting input is found.")
FUZZER_FLAG(int, timeout, -1, "Timeout in seconds (if positive).") FUZZER_FLAG(int, timeout, -1, "Timeout in seconds (if positive).")
FUZZER_FLAG(int, help, 0, "Print help.") FUZZER_FLAG(int, help, 0, "Print help.")
FUZZER_FLAG(
int, save_minimized_corpus, 0,
"If 1, the minimized corpus is saved into the first input directory")

9
lib/Fuzzer/FuzzerIO.cpp
View File

@ -13,7 +13,7 @@
#include <dirent.h> #include <dirent.h>
namespace fuzzer { namespace fuzzer {
std::vector<std::string> ListFilesInDir(const std::string &Dir) { static std::vector<std::string> ListFilesInDir(const std::string &Dir) {
std::vector<std::string> V; std::vector<std::string> V;
DIR *D = opendir(Dir.c_str()); DIR *D = opendir(Dir.c_str());
if (!D) return V; if (!D) return V;
@ -38,7 +38,12 @@ void WriteToFile(const Unit &U, const std::string &Path) {
void ReadDirToVectorOfUnits(const char *Path, std::vector<Unit> *V) { void ReadDirToVectorOfUnits(const char *Path, std::vector<Unit> *V) {
for (auto &X : ListFilesInDir(Path)) for (auto &X : ListFilesInDir(Path))
V->push_back(FileToVector(std::string(Path) + "/" + X)); V->push_back(FileToVector(DirPlusFile(Path, X)));
}
std::string DirPlusFile(const std::string &DirPath,
const std::string &FileName) {
return DirPath + "/" + FileName;
} }
} // namespace fuzzer } // namespace fuzzer

6
lib/Fuzzer/FuzzerInternal.h
View File

@ -20,9 +20,11 @@ typedef std::vector<uint8_t> Unit;
using namespace std::chrono; using namespace std::chrono;
Unit ReadFile(const char *Path); Unit ReadFile(const char *Path);
std::vector<std::string> ListFilesInDir(const std::string &Dir);
void ReadDirToVectorOfUnits(const char *Path, std::vector<Unit> *V); void ReadDirToVectorOfUnits(const char *Path, std::vector<Unit> *V);
void WriteToFile(const Unit &U, const std::string &Path); void WriteToFile(const Unit &U, const std::string &Path);
// Returns "Dir/FileName" or equivalent for the current OS.
std::string DirPlusFile(const std::string &DirPath,
const std::string &FileName);
void Mutate(Unit *U, size_t MaxLen); void Mutate(Unit *U, size_t MaxLen);
@ -53,6 +55,8 @@ class Fuzzer {
void ReadDir(const std::string &Path) { void ReadDir(const std::string &Path) {
ReadDirToVectorOfUnits(Path.c_str(), &Corpus); ReadDirToVectorOfUnits(Path.c_str(), &Corpus);
} }
// Save the current corpus to OutputCorpus.
void SaveCorpus();
static void AlarmCallback(); static void AlarmCallback();

11
lib/Fuzzer/FuzzerLoop.cpp
View File

@ -96,7 +96,7 @@ size_t Fuzzer::RunOne(const Unit &U) {
void Fuzzer::WriteToOutputCorpus(const Unit &U) { void Fuzzer::WriteToOutputCorpus(const Unit &U) {
if (Options.OutputCorpus.empty()) return; if (Options.OutputCorpus.empty()) return;
std::string Path = Options.OutputCorpus + "/" + Hash(U); std::string Path = DirPlusFile(Options.OutputCorpus, Hash(U));
WriteToFile(U, Path); WriteToFile(U, Path);
if (Options.Verbosity >= 2) if (Options.Verbosity >= 2)
std::cerr << "Written to " << Path << std::endl; std::cerr << "Written to " << Path << std::endl;
@ -108,6 +108,15 @@ void Fuzzer::WriteToCrash(const Unit &U, const char *Prefix) {
std::cerr << "CRASHED; file written to " << Path << std::endl; std::cerr << "CRASHED; file written to " << Path << std::endl;
} }
void Fuzzer::SaveCorpus() {
if (Options.OutputCorpus.empty()) return;
for (const auto &U : Corpus)
WriteToFile(U, DirPlusFile(Options.OutputCorpus, Hash(U)));
if (Options.Verbosity)
std::cerr << "Written corpus of " << Corpus.size() << " files to "
<< Options.OutputCorpus << "\n";
}
size_t Fuzzer::MutateAndTestOne(Unit *U) { size_t Fuzzer::MutateAndTestOne(Unit *U) {
size_t NewUnits = 0; size_t NewUnits = 0;
for (size_t i = 0; i < Options.MutateDepth; i++) { for (size_t i = 0; i < Options.MutateDepth; i++) {

2
lib/Fuzzer/FuzzerMain.cpp
View File

@ -139,6 +139,8 @@ int main(int argc, char **argv) {
if (F.CorpusSize() == 0) if (F.CorpusSize() == 0)
F.AddToCorpus(Unit()); // Can't fuzz empty corpus, so add an empty input. F.AddToCorpus(Unit()); // Can't fuzz empty corpus, so add an empty input.
F.ShuffleAndMinimize(); F.ShuffleAndMinimize();
if (Flags.save_minimized_corpus)
F.SaveCorpus();
F.Loop(Flags.iterations < 0 ? INT_MAX : Flags.iterations); F.Loop(Flags.iterations < 0 ? INT_MAX : Flags.iterations);
if (Flags.verbosity) if (Flags.verbosity)
std::cerr << "Done\n"; std::cerr << "Done\n";