Skip to content

Commit

Permalink
Fuzzer (#446)
Browse files Browse the repository at this point in the history
  • Loading branch information
@weinrank
weinrank authored Mar 17, 2020
1 parent 3212d54 commit 7b87cd4
Show file tree
Hide file tree
Showing 116 changed files with 127 additions and 137 deletions.
3 changes: 2 additions & 1 deletion CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,8 +259,9 @@ elseif (CMAKE_C_COMPILER_ID MATCHES "Clang" OR CMAKE_C_COMPILER_ID MATCHES "Appl
endif ()

if (sctp_build_fuzzer)
set(CMAKE_BUILD_TYPE "DEBUG")
add_definitions(-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=fuzzer-no-link")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O1 -fsanitize=fuzzer-no-link")
endif ()
endif ()

Expand Down
Binary file added fuzzer/CORPUS_CONNECT/addip-000000
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000001
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000002
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000003
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000004
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000005
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000006
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000007
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000008
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000009
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000010
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/addip-000011
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/dummy-01
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000000
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000001
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000002
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000003
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000004
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000005
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000006
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000007
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000008
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000009
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000010
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000011
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000012
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000013
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000014
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000015
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000016
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000017
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/rtcweb-000018
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000019
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000020
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000021
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000022
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000023
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000024
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000025
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000026
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000027
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/rtcweb-000028
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000000
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000001
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000002
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000004
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000005
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000006
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000007
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000008
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000009
View file
Binary file not shown.
Binary file modified fuzzer/CORPUS_CONNECT/tsctp-000010
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000011
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000012
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000013
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000014
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000015
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000016
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000017
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000020
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000021
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000022
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000024
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000025
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000026
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000027
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000028
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000029
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000030
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000031
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000032
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000033
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000034
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000035
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000036
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000037
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000038
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000039
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000040
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000041
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000042
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000043
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000044
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000045
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000046
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000047
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000048
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000049
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000050
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000051
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000052
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000053
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000054
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000055
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000056
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000057
View file
Binary file not shown.
Binary file removed fuzzer/CORPUS_CONNECT/tsctp-000058
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000000
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000001
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000002
View file
Binary file not shown.
0 fuzzer/CORPUS_CONNECT/tsctp-000023 → fuzzer/CORPUS_CONNECT/tsctp-i-data-000003
View file
File renamed without changes.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000004
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000005
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000006
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000007
View file
Binary file not shown.
Binary file added fuzzer/CORPUS_CONNECT/tsctp-i-data-000008
View file
Binary file not shown.
0 fuzzer/CORPUS_CONNECT/tsctp-000018 → fuzzer/CORPUS_CONNECT/tsctp-i-data-000009
View file
File renamed without changes.
0 fuzzer/CORPUS_CONNECT/tsctp-000019 → fuzzer/CORPUS_CONNECT/tsctp-i-data-000010
View file
File renamed without changes.
4 changes: 2 additions & 2 deletions fuzzer/build-fuzzer.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ pwd
find . -iwholename '*cmake*' -not -name CMakeLists.txt -delete

# Build with ASAN / MSAN
cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_address=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" -DCMAKE_BUILD_TYPE=Debug .
#cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_memory=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" -DCMAKE_BUILD_TYPE=RelWithDebInfo .
cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_address=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" .
#cmake -Dsctp_build_fuzzer=1 -Dsctp_build_programs=0 -Dsctp_invariants=1 -Dsctp_sanitizer_memory=1 -DCMAKE_LINKER="$CC" -DCMAKE_C_COMPILER="$CC" .

make -j"$NPROC"
2 changes: 1 addition & 1 deletion fuzzer/check-input.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ echo "########## Beginning Fuzzer Chain"
echo ""

set +e
./fuzzer_connect_multi_verbose -timeout=30 $1 > $1.log 2>&1
./fuzzer_connect_multi_verbose -timeout=10 $1 > $1.log 2>&1
FUZZER_RETVAL=$?
set -e

Expand Down
1 change: 0 additions & 1 deletion fuzzer/crashtest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
import re

reportdir = "reports/"
fuzzer = "./fuzzer_connect_multi"

class bcolors:
HEADER = '\033[95m'
Expand Down
222 changes: 96 additions & 126 deletions fuzzer/fuzzer_connect.c
View file

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions fuzzer/fuzzer_connect_multi.sh
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/usr/bin/env bash

export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0:detect_leaks=1
#export ASAN_OPTIONS=abort_on_error=1:disable_core=0:unmap_shadow_on_exit=1:disable_coredump=0:detect_leaks=1
ulimit -c unlimited
mkdir -p CORPUS_CONNECT

Expand All @@ -19,4 +19,4 @@ fi
echo "$NPROC"


./fuzzer_connect_multi -jobs=64 -timeout=10 -max_len=32000 CORPUS_CONNECT
./fuzzer_connect_multi -jobs=64 -timeout=10 -max_len=32000 -use_value_profile=1 CORPUS_CONNECT
16 changes: 15 additions & 1 deletion programs/programs_helper.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,24 @@ void
debug_printf_stack(const char *format, ...)
{
va_list ap;
char charbuf[1024];
static struct timeval time_main;
struct timeval time_now;
struct timeval time_delta;

if (time_main.tv_sec == 0 && time_main.tv_usec == 0) {
gettimeofday(&time_main, NULL);
}

gettimeofday(&time_now, NULL);
timersub(&time_now, &time_main, &time_delta);

va_start(ap, format);
vprintf(format, ap);
//vfprintf(stderr, format, ap);
vsnprintf(charbuf, 1024, format, ap);
va_end(ap);

fprintf(stderr, "[S][%u.%03u] %s", (unsigned int) time_delta.tv_sec, (unsigned int) time_delta.tv_usec / 1000, charbuf);
}

static void
Expand Down
12 changes: 9 additions & 3 deletions usrsctplib/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ set(includedir ${prefix}/include/usrsctp)
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_CURRENT_SOURCE_DIR})
set(CMAKE_MACOSX_RPATH 1)

include(CheckCCompilerFlag)

add_definitions(-D__Userspace__)
add_definitions(-D__Userspace_os_${CMAKE_SYSTEM_NAME})
add_definitions(-DSCTP_SIMPLE_ALLOCATOR)
Expand All @@ -53,11 +55,16 @@ add_definitions(-DSCTP_PROCESS_LEVEL_LOCKS)
# OS DEPENDENT
#################################################

check_c_compiler_flag(-Wno-address-of-packed-member has_wno_address_of_packet_member)
if (has_wno_address_of_packet_member)
check_c_compiler_flag(-Wno-address-of-packed-member has_wno_address_of_packed_member)
if (has_wno_address_of_packed_member)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-address-of-packed-member")
endif ()

check_c_compiler_flag(-Wno-deprecated-declarations has_wno_deprecated_declarations)
if (has_wno_deprecated_declarations)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-deprecated-declarations")
endif ()

if (CMAKE_SYSTEM_NAME MATCHES "Linux")
add_definitions(-D_GNU_SOURCE)
endif ()
Expand All @@ -69,7 +76,6 @@ endif ()
if (CMAKE_SYSTEM_NAME MATCHES "Darwin")
add_definitions(-U__APPLE__)
add_definitions(-D__APPLE_USE_RFC_2292)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-deprecated-declarations")
endif ()

if (CMAKE_SYSTEM_NAME MATCHES "DragonFly")
Expand Down

0 comments on commit 7b87cd4

Please sign in to comment.