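#!/bin/sh
#
# Regression test for custom mutator support in afl-fuzz.
#
# Builds two small, deliberately crashing targets plus two copies of the
# example C mutator, then checks that a short, time-limited afl-fuzz run
# records a crash when driven by:
#   1. a single C mutator,
#   2. two C mutators loaded together,
#   3. the Python example mutator (only if afl-fuzz has Python support).
#
# ECHO, the colour variables (BLUE, GREY, GREEN, RED, YELLOW) and MEM_LIMIT
# are not defined in this file; they are expected to come from ./test-pre.sh.
# CODE and INCOMPLETE are set here and presumably reported by ./test-post.sh.
#
# Changes relative to the previous revision:
#   - the listing's gutter numbers and collapsed lines are removed;
#   - every path expansion is quoted;
#   - a failed `cd` no longer makes CUSTOM_MUTATOR_PATH silently point at the
#     current directory (which would redirect PYTHONPATH and the __pycache__
#     removal to the wrong place);
#   - `a && { ... } || { ... }` report blocks are real if/else, so a failure
#     inside the success branch can no longer trigger the failure branch;
#   - the Python run seeds its own input directory instead of depending on
#     the C section having run;
#   - final cleanup removes everything this script builds, including on
#     builds without Python support.

. ./test-pre.sh

# Build one instrumented test target.
# Arguments: $1 - C source file, $2 - output binary
# Tries ../afl-clang-fast, then ../afl-gcc-fast, then ../afl-gcc. A compiler
# that exists but fails to build falls through to the next one, as before.
# Returns:   0 on the first successful build, else the status of ../afl-gcc.
cm_build_target() {
  for cm_compiler in ../afl-clang-fast ../afl-gcc-fast; do
    if test -e "$cm_compiler" &&
      "$cm_compiler" -o "$2" "$1" > /dev/null 2>&1; then
      return 0
    fi
  done
  ../afl-gcc -o "$2" "$1" > /dev/null 2>&1
}

# Report the outcome of the afl-fuzz run that just finished.
# Arguments: $1 - label used in the message (e.g. "the C mutator")
# Globals:   CODE (set to 1 on failure); reads ./out and ./errors
# A run passes when at least one crash file with id 000000 exists.
cm_report() {
  # TODO: update here
  if test -n "$(ls out/default/crashes/id:000000* 2> /dev/null)"; then
    # $ECHO is left unquoted on purpose: it is presumably a command plus
    # arguments supplied by test-pre.sh and has to be word-split.
    $ECHO "$GREEN[+] afl-fuzz is working correctly with $1"
  else
    echo CUT------------------------------------------------------------------CUT
    cat errors
    echo CUT------------------------------------------------------------------CUT
    $ECHO "$RED[!] afl-fuzz is not working correctly with $1"
    CODE=1
  fi
}

$ECHO "$BLUE[*] Testing: custom mutator"

# Normalize the examples path. `&&` (not `;`) so that a failed cd leaves the
# variable empty instead of quietly resolving to the current directory.
CUSTOM_MUTATOR_PATH=$(cd "$(pwd)/../custom_mutators/examples" && pwd)

# NOTE(review): this guard checks example.c, while the mutator built below
# comes from simple_example.c — confirm which file is the real prerequisite.
if test -e test-custom-mutator.c &&
  test -e "${CUSTOM_MUTATOR_PATH}/example.c" &&
  test -e "${CUSTOM_MUTATOR_PATH}/example.py"; then

  unset AFL_CC

  # Compile the vulnerable program for single mutator
  cm_build_target test-custom-mutator.c test-custom-mutator
  # Compile the vulnerable program for multiple mutators
  cm_build_target test-multiple-mutators.c test-multiple-mutators

  # Compile the custom mutator twice, differing only in _FIXED_CHAR.
  cc -D_FIXED_CHAR=0x41 -g -fPIC -shared -I../include \
    ../custom_mutators/examples/simple_example.c \
    -o libexamplemutator.so > /dev/null 2>&1
  cc -D_FIXED_CHAR=0x42 -g -fPIC -shared -I../include \
    ../custom_mutators/examples/simple_example.c \
    -o libexamplemutator2.so > /dev/null 2>&1

  if test -e test-custom-mutator && test -e ./libexamplemutator.so; then
    # Create input directory
    mkdir -p in
    echo "00000" > in/in

    # Run afl-fuzz w/ the C mutator. The mutator is native code loaded into
    # the fuzzer process, so it is referenced by an explicit ./ path to the
    # file built above from in-tree source.
    $ECHO "$GREY[*] running afl-fuzz for the C mutator, this will take approx 10 seconds"
    AFL_CUSTOM_MUTATOR_LIBRARY=./libexamplemutator.so AFL_CUSTOM_MUTATOR_ONLY=1 \
      ../afl-fuzz -V07 -m "${MEM_LIMIT}" -i in -o out -d -- \
      ./test-custom-mutator >> errors 2>&1

    # Check results
    cm_report "the C mutator"

    # Clean
    rm -rf out errors core.*

    # Run afl-fuzz w/ multiple C mutators
    # NOTE(review): only test-custom-mutator and libexamplemutator.so were
    # checked above; a failed build of test-multiple-mutators or
    # libexamplemutator2.so shows up here as a fuzzing failure.
    $ECHO "$GREY[*] running afl-fuzz with multiple custom C mutators, this will take approx 10 seconds"
    AFL_CUSTOM_MUTATOR_LIBRARY="./libexamplemutator.so;./libexamplemutator2.so" \
      AFL_CUSTOM_MUTATOR_ONLY=1 \
      ../afl-fuzz -V07 -m "${MEM_LIMIT}" -i in -o out -d -- \
      ./test-multiple-mutators >> errors 2>&1

    cm_report "multiple C mutators"

    # Clean
    rm -rf out errors core.*
  else
    ls .
    ls "${CUSTOM_MUTATOR_PATH}"
    $ECHO "$RED[!] cannot compile the test program or the custom mutator"
    CODE=1
  fi
fi

# Python support is detected from afl-fuzz's own output: grep exiting with
# exactly 1 means "without python" was not printed. Any other status
# (matched, or grep itself failed) is treated as "no Python support".
../afl-fuzz | grep -i 'without python' > /dev/null
cm_grep_status=$?
if test "$cm_grep_status" = "1"; then
  if test -e test-custom-mutator; then
    # Seed the corpus here as well, so this run does not depend on the C
    # section above having created ./in.
    mkdir -p in
    test -e in/in || echo "00000" > in/in

    # Run afl-fuzz w/ the Python mutator
    $ECHO "$GREY[*] running afl-fuzz for the Python mutator, this will take approx 10 seconds"
    {
      # PYTHONPATH decides which "example" module gets imported into the
      # fuzzer; it is set only for this run and unset again right after.
      export PYTHONPATH="${CUSTOM_MUTATOR_PATH}"
      export AFL_PYTHON_MODULE=example
      AFL_CUSTOM_MUTATOR_ONLY=1 \
        ../afl-fuzz -V07 -m "${MEM_LIMIT}" -i in -o out -- ./test-custom-mutator
      unset PYTHONPATH
      unset AFL_PYTHON_MODULE
    } >> errors 2>&1

    # Check results
    cm_report "the Python mutator"

    # Clean
    rm -rf in out errors core.*
    # Never expand an empty prefix into a path at the filesystem root.
    if test -n "${CUSTOM_MUTATOR_PATH}"; then
      rm -rf -- "${CUSTOM_MUTATOR_PATH}/__pycache__/"
    fi
    rm -f test-multiple-mutators test-custom-mutator libexamplemutator.so libexamplemutator2.so
  else
    ls .
    ls "${CUSTOM_MUTATOR_PATH}"
    $ECHO "$RED[!] cannot compile the test program or the custom mutator"
    CODE=1
  fi
else
  $ECHO "$YELLOW[-] no python support in afl-fuzz, cannot test"
  INCOMPLETE=1
fi

# NOTE(review): the mutator sources used above live under ../custom_mutators;
# confirm ../utils/custom_mutators is still the intended directory. Any
# failure of this step is hidden by the redirect.
make -C ../utils/custom_mutators clean > /dev/null 2>&1

# Final cleanup of everything this script can create. The previous revision
# removed "test-custom-mutators", which is never built here; the name is kept
# for compatibility and the real artifacts are added alongside it.
rm -rf in
rm -f test-custom-mutator test-custom-mutators test-multiple-mutators \
  libexamplemutator.so libexamplemutator2.so

# Drop the helpers so they do not leak into a shell that sources this file.
unset -f cm_build_target cm_report
unset cm_compiler cm_grep_status

. ./test-post.sh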