[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 3/4] tools/fuzz: add AFL stub program for libefl fuzzer

And hook it up into build system.

Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
---
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Cc: Jan Beulich <jbeulich@xxxxxxxx>
---
 .gitignore                            |  1 +
 tools/fuzz/libelf/Makefile            |  7 +++++-
 tools/fuzz/libelf/afl-libelf-fuzzer.c | 42 +++++++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 tools/fuzz/libelf/afl-libelf-fuzzer.c

diff --git a/.gitignore b/.gitignore
index 881e7cb..15344b0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -146,6 +146,7 @@ tools/flask/utils/flask-loadpolicy
 tools/flask/utils/flask-setenforce
 tools/flask/utils/flask-set-bool
 tools/flask/utils/flask-label-pci
+tools/fuzz/libelf/afl-libelf-fuzzer
 tools/fuzz/x86_instruction_emulator/x86_emulate*
 tools/fuzz/x86_instruction_emulator/afl-x86-insn-emulator-fuzzer
 tools/helpers/_paths.h
diff --git a/tools/fuzz/libelf/Makefile b/tools/fuzz/libelf/Makefile
index c73ce44..3118f3d 100644
--- a/tools/fuzz/libelf/Makefile
+++ b/tools/fuzz/libelf/Makefile
@@ -19,6 +19,8 @@ libelf.a: $(ELF_LIB_OBJS)
 .PHONY: libelf-fuzzer-all
 libelf-fuzzer-all: libelf.a libelf-fuzzer.o
 
+afl-libelf-fuzzer: afl-libelf-fuzzer.o libelf-fuzzer.o $(ELF_LIB_OBJS)
+
 # Common targets
 .PHONY: all
 all: libelf-fuzzer-all
@@ -28,7 +30,10 @@ distclean: clean
 
 .PHONY: clean
 clean:
-       rm -f *.o *.a
+       rm -f *.o *.a afl-libelf-fuzzer
 
 .PHONY: install
 install: all
+
+.PHONY: afl
+afl: afl-libelf-fuzzer
diff --git a/tools/fuzz/libelf/afl-libelf-fuzzer.c 
b/tools/fuzz/libelf/afl-libelf-fuzzer.c
new file mode 100644
index 0000000..ec5acfb
--- /dev/null
+++ b/tools/fuzz/libelf/afl-libelf-fuzzer.c
@@ -0,0 +1,42 @@
+#include <assert.h>
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+extern int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size);
+
+static uint8_t input[4096];
+
+int main(int argc, char **argv)
+{
+    size_t size;
+    int fd;
+
+    if ( argc != 2 )
+    {
+        printf("Expecting only one argument\n");
+        exit(1);
+    }
+
+    fd = open(argv[1], O_RDONLY, 0);
+    assert(fd != -1);
+    size = read(fd, input, sizeof(input));
+    close(fd);
+
+    LLVMFuzzerTestOneInput(input, size);
+
+    return 0;
+}
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.