
* Introduce libafl-fuzz * fix corpus file path * simplify SeedFeedback * fix incorrect comment * add clap::ValueEnum to PowerSchedule as an optional derive if clap is enabled * UnixShMemProvider replaced with StdShMemProvider for libafl-fuzz * remove io_error_more feature constraint * libafl-fuzz: make Ok(()) unreachable in CentralizedLauncher * libafl-fuzz: make harness_input_stdin to harness_input_type with &'static * libafl-fuzz: move each feedback to its own file * make run_fuzzer_with_stage into a function. use CachedOnDiskCorpus instead of OnDiskCorpus for Corpora remove utils file * remove unnecessary clone * libafl-fuzz: cleanup AFLStatsStage * move peak_rss_mb to libafl_bolts * parse envs by hand * add sensible defaults for map size and broker port * fix test.sh and corpus_id padding * add Makefile.toml * libafl-fuzz update test suite * libafl-fuzz: clippy * rename peak_rss_mb to peak_rss_mb_children * remove minor version constraint for clap * libafl-fuzz: fix ELF check and instrumentation check in check_binary * libafl-fuzz: improve Makefile.toml * simplify fuzzer and cleanup typos * libafl-fuzz: load corpus entries in a multicore fashion * libafl-fuzz: create output dir if not exists (non-racey) * libafl-fuzz: add sequential scheduling support libafl-fuzz: add cmplog options libafl-fuzz: add test-cmplog.c to CI * rename peak_rss_mb_children to peak_rss_mb_child_processes * fix race condition in SyncFromDiskStage, add interval based checking and support for multiple directories. libafl-fuzz: add support for syncing with foreign fuzzers * update README * implement AflScheduler for QueueScheduler. Add queue_cycles field to AflScheduler * libafl-fuzz: remove dependency on SchedulerMetadata for AflStatsStage * clippy * remove queue_cycles from AflScheduler into its own trait. 
libafl-fuzz: simplify map observer tracking * clippy * libafl-fuzz: disable cmplog check in CI for now * add missing constraints for libafl_qemu executor * clippy * libafl-fuzz: improve Makefile libafl-fuzz: clippy * libafl-fuzz: misc * misc typos, beautify --------- Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com> Co-authored-by: Dominik Maier <domenukk@gmail.com>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdarg.h>
#include <stdlib.h>
#include <stdint.h>
#include <unistd.h>
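/*
 * Fuzz target that gates a deliberate crash behind a chain of comparisons
 * (a cmplog test case: one byte, one 32-bit integer, one 6-byte string).
 *
 * buf: input bytes; i: number of valid bytes in buf.
 * Returns -1 when the input is absent or too short to be interesting and 0
 * otherwise; abort()s on purpose when all three checks pass.
 */
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t i) {
  /* The checks below touch bytes 0..10; the original threshold of 15 is kept. */
  if (buf == NULL || i < 15) return -1;

  if (buf[0] != 'A') return 0;

  /* Load the 4-byte value with memcpy: buf + 1 is not guaranteed to be
   * aligned for an int, and dereferencing a cast pointer into the byte
   * buffer is a strict-aliasing violation. Same native-endian value as
   * the original direct read. */
  int32_t icmp;
  memcpy(&icmp, buf + 1, sizeof icmp);
  if (icmp != 0x69694141) return 0;

  if (memcmp(buf + 5, "1234EF", 6) == 0) abort();

  return 0;
}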
#ifdef __AFL_COMPILER
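/*
 * Stand-alone driver used when compiled with the AFL compiler: in a
 * persistent loop, reads one input from stdin per iteration and hands it
 * to the fuzz target. argc/argv are unused. Always returns 0.
 */
int main(int argc, char *argv[]) {
  (void)argc;
  (void)argv;

  unsigned char buf[1024];

  while (__AFL_LOOP(1000)) {
    /* Leave one byte free so the input can always be NUL-terminated. */
    ssize_t i = read(0, (char *)buf, sizeof(buf) - 1);
    /* A failed read (-1) would become a huge size_t when passed to the
     * target, which would then inspect an unread buffer; skip it instead. */
    if (i < 0) continue;
    buf[i] = 0;
    LLVMFuzzerTestOneInput(buf, (size_t)i);
  }

  return 0;
}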
#endif