2024-07-15 17:00:53 +00:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
|
|
|
|
|
import configparser
|
|
|
|
|
import logging
|
|
|
|
|
import os
|
2024-09-30 02:43:53 +00:00
|
|
|
import re
|
2024-07-15 17:00:53 +00:00
|
|
|
import subprocess
|
2024-09-30 03:43:34 +00:00
|
|
|
from pathlib import Path
|
2024-07-15 17:00:53 +00:00
|
|
|
|
|
|
|
|
DEBUGGER = os.getenv("DEBUGGER", "")
|
|
|
|
|
FUZZER_ARGS = os.getenv("FUZZER_ARGS", "")
|
|
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
|
2024-09-30 02:43:53 +00:00
|
|
|
def report(source: str, reason: str, call_stack: list, test_unit: str):
|
|
|
|
|
print(f"########### REPORT: {source} {reason} {test_unit}")
|
|
|
|
|
for line in call_stack:
|
|
|
|
|
print(f" {line}")
|
|
|
|
|
print("########### END OF REPORT ###########")
|
|
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
|
2024-09-30 04:02:25 +00:00
|
|
|
# pylint: disable=unused-argument
|
2024-09-30 02:43:53 +00:00
|
|
|
def process_fuzzer_output(output: str):
|
|
|
|
|
pass
|
|
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
|
2024-09-30 02:43:53 +00:00
|
|
|
def process_error(error: str):
|
2024-09-30 03:43:34 +00:00
|
|
|
ERROR = r"^==\d+== ERROR: (\S+): (.*)"
|
|
|
|
|
error_source = ""
|
|
|
|
|
error_reason = ""
|
|
|
|
|
SUMMARY = r"^SUMMARY: "
|
2024-09-30 02:43:53 +00:00
|
|
|
TEST_UNIT_LINE = r"artifact_prefix='.*/'; Test unit written to (.*)"
|
2024-09-30 03:43:34 +00:00
|
|
|
test_unit = ""
|
|
|
|
|
CALL_STACK_LINE = r"^\s+(#\d+.*)"
|
2024-09-30 02:43:53 +00:00
|
|
|
call_stack = []
|
|
|
|
|
is_call_stack = False
|
|
|
|
|
|
2024-09-30 04:02:25 +00:00
|
|
|
# pylint: disable=unused-variable
|
2024-09-30 02:43:53 +00:00
|
|
|
for line_num, line in enumerate(error.splitlines(), 1):
|
|
|
|
|
|
|
|
|
|
if is_call_stack:
|
|
|
|
|
match = re.search(CALL_STACK_LINE, line)
|
|
|
|
|
if match:
|
|
|
|
|
call_stack.append(match.group(1))
|
|
|
|
|
continue
|
2024-09-30 04:02:25 +00:00
|
|
|
|
|
|
|
|
if re.search(SUMMARY, line):
|
|
|
|
|
is_call_stack = False
|
|
|
|
|
continue
|
2024-09-30 02:43:53 +00:00
|
|
|
|
|
|
|
|
if not call_stack and not is_call_stack:
|
|
|
|
|
match = re.search(ERROR, line)
|
|
|
|
|
if match:
|
|
|
|
|
error_source = match.group(1)
|
|
|
|
|
error_reason = match.group(2)
|
|
|
|
|
is_call_stack = True
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
match = re.search(TEST_UNIT_LINE, line)
|
|
|
|
|
if match:
|
|
|
|
|
test_unit = match.group(1)
|
|
|
|
|
|
|
|
|
|
report(error_source, error_reason, call_stack, test_unit)
|
2024-07-15 17:00:53 +00:00
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
|
2024-10-01 14:02:17 +00:00
|
|
|
def run_fuzzer(fuzzer: str, timeout: int):
|
2024-07-16 14:17:51 +00:00
|
|
|
logging.info("Running fuzzer %s...", fuzzer)
|
2024-07-15 17:00:53 +00:00
|
|
|
|
2024-09-30 02:43:53 +00:00
|
|
|
seed_corpus_dir = f"{fuzzer}.in"
|
|
|
|
|
with Path(seed_corpus_dir) as path:
|
2024-07-15 17:00:53 +00:00
|
|
|
if not path.exists() or not path.is_dir():
|
2024-09-30 02:43:53 +00:00
|
|
|
seed_corpus_dir = ""
|
|
|
|
|
|
|
|
|
|
active_corpus_dir = f"{fuzzer}.corpus"
|
|
|
|
|
if not os.path.exists(active_corpus_dir):
|
|
|
|
|
os.makedirs(active_corpus_dir)
|
|
|
|
|
|
2024-07-15 17:00:53 +00:00
|
|
|
options_file = f"{fuzzer}.options"
|
|
|
|
|
custom_libfuzzer_options = ""
|
|
|
|
|
fuzzer_arguments = ""
|
|
|
|
|
|
|
|
|
|
with Path(options_file) as path:
|
|
|
|
|
if path.exists() and path.is_file():
|
|
|
|
|
parser = configparser.ConfigParser()
|
|
|
|
|
parser.read(path)
|
|
|
|
|
|
|
|
|
|
if parser.has_section("asan"):
|
|
|
|
|
os.environ["ASAN_OPTIONS"] = (
|
2024-07-16 15:01:43 +00:00
|
|
|
f"{os.environ['ASAN_OPTIONS']}:{':'.join(f'{key}={value}' for key, value in parser['asan'].items())}"
|
2024-07-15 17:00:53 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if parser.has_section("msan"):
|
|
|
|
|
os.environ["MSAN_OPTIONS"] = (
|
2024-07-16 15:01:43 +00:00
|
|
|
f"{os.environ['MSAN_OPTIONS']}:{':'.join(f'{key}={value}' for key, value in parser['msan'].items())}"
|
2024-07-15 17:00:53 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if parser.has_section("ubsan"):
|
|
|
|
|
os.environ["UBSAN_OPTIONS"] = (
|
2024-07-16 15:01:43 +00:00
|
|
|
f"{os.environ['UBSAN_OPTIONS']}:{':'.join(f'{key}={value}' for key, value in parser['ubsan'].items())}"
|
2024-07-15 17:00:53 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if parser.has_section("libfuzzer"):
|
|
|
|
|
custom_libfuzzer_options = " ".join(
|
2024-07-16 15:16:11 +00:00
|
|
|
f"-{key}={value}" for key, value in parser["libfuzzer"].items()
|
2024-07-15 17:00:53 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if parser.has_section("fuzzer_arguments"):
|
|
|
|
|
fuzzer_arguments = " ".join(
|
2024-07-16 14:17:51 +00:00
|
|
|
(f"{key}") if value == "" else (f"{key}={value}")
|
2024-07-15 17:00:53 +00:00
|
|
|
for key, value in parser["fuzzer_arguments"].items()
|
|
|
|
|
)
|
|
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
cmd_line = (
|
|
|
|
|
f"{DEBUGGER} ./{fuzzer} {FUZZER_ARGS} {active_corpus_dir} {seed_corpus_dir}"
|
|
|
|
|
)
|
2024-07-15 17:00:53 +00:00
|
|
|
if custom_libfuzzer_options:
|
|
|
|
|
cmd_line += f" {custom_libfuzzer_options}"
|
|
|
|
|
if fuzzer_arguments:
|
|
|
|
|
cmd_line += f" {fuzzer_arguments}"
|
|
|
|
|
|
|
|
|
|
if not "-dict=" in cmd_line and Path(f"{fuzzer}.dict").exists():
|
|
|
|
|
cmd_line += f" -dict={fuzzer}.dict"
|
|
|
|
|
|
|
|
|
|
cmd_line += " < /dev/null"
|
|
|
|
|
|
2024-07-16 14:17:51 +00:00
|
|
|
logging.info("...will execute: %s", cmd_line)
|
2024-09-30 03:43:34 +00:00
|
|
|
# subprocess.check_call(cmd_line, shell=True)
|
2024-09-30 02:43:53 +00:00
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
cmd_line,
|
|
|
|
|
stderr=subprocess.PIPE,
|
|
|
|
|
stdout=subprocess.DEVNULL,
|
|
|
|
|
text=True,
|
|
|
|
|
check=True,
|
2024-09-30 03:43:34 +00:00
|
|
|
shell=True,
|
2024-09-30 15:03:00 +00:00
|
|
|
errors="replace",
|
2024-10-01 14:02:17 +00:00
|
|
|
timeout=timeout,
|
2024-09-30 02:43:53 +00:00
|
|
|
)
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
2024-09-30 03:43:34 +00:00
|
|
|
# print("Command failed with error:", e)
|
2024-09-30 02:43:53 +00:00
|
|
|
print("Stderr output:", e.stderr)
|
|
|
|
|
process_error(e.stderr)
|
|
|
|
|
else:
|
|
|
|
|
process_fuzzer_output(result.stderr)
|
2024-07-15 17:00:53 +00:00
|
|
|
|
2024-09-30 03:43:34 +00:00
|
|
|
|
2024-07-15 19:10:07 +00:00
|
|
|
def main():
|
2024-07-15 17:00:53 +00:00
|
|
|
logging.basicConfig(level=logging.INFO)
|
|
|
|
|
|
|
|
|
|
subprocess.check_call("ls -al", shell=True)
|
|
|
|
|
|
2024-10-01 14:02:17 +00:00
|
|
|
timeout = 30
|
|
|
|
|
|
|
|
|
|
match = re.search(r"(^|\s+)-max_total_time=(\d+)($|\s)", FUZZER_ARGS)
|
|
|
|
|
if match:
|
2024-10-01 15:49:26 +00:00
|
|
|
timeout += int(match.group(2))
|
2024-10-01 14:02:17 +00:00
|
|
|
|
2024-07-15 17:00:53 +00:00
|
|
|
with Path() as current:
|
|
|
|
|
for fuzzer in current.iterdir():
|
|
|
|
|
if (current / fuzzer).is_file() and os.access(current / fuzzer, os.X_OK):
|
2024-10-01 14:02:17 +00:00
|
|
|
run_fuzzer(fuzzer, timeout)
|
2024-07-15 19:10:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
main()
|
