Edits to Angora frontend (#220)

* Minor edits to Angora frontend

* Update CMake and Dockerfile
This commit is contained in:
Alan 2019-07-22 14:02:04 -04:00 committed by GitHub
parent 3c9e5c54d3
commit a407b844fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 77 additions and 25 deletions


@ -15,19 +15,12 @@
project(deepstate) project(deepstate)
cmake_minimum_required(VERSION 2.8) cmake_minimum_required(VERSION 2.8)
if (NOT DEFINED BUILD_LIBFUZZER AND DEFINED ENV{BUILD_LIBFUZZER}) option(DEEPSTATE_LIBFUZZER, OFF)
set(BUILD_LIBFUZZER "$ENV{BUILD_LIBFUZZER}") option(DEEPSTATE_AFL, OFF)
endif() option(DEEPSTATE_ANGORA, OFF)
option(DEEPSTATE_NOSTATIC, OFF)
if (NOT DEFINED BUILD_AFL AND DEFINED ENV{BUILD_AFL}) if (DEEPSTATE_LIBFUZZER)
set(BUILD_AFL "$ENV{BUILD_AFL}")
endif()
if (NOT DEFINED BUILD_NOSTATIC AND DEFINED ENV{BUILD_NOSTATIC})
set(BUILD_NOSTATIC "$ENV{BUILD_NOSTATIC}")
endif()
if (BUILD_LIBFUZZER)
if(NOT DEFINED CMAKE_C_COMPILER) if(NOT DEFINED CMAKE_C_COMPILER)
set(CMAKE_C_COMPILER clang) set(CMAKE_C_COMPILER clang)
endif() endif()
@ -45,6 +38,20 @@ if (BUILD_LIBFUZZER)
endif() endif()
endif() endif()
if (DEEPSTATE_ANGORA)
if (NOT DEFINED ENV{ANGORA})
message(FATAL_ERROR "Compiling Angora requires setting $ANGORA to its project root.")
endif()
if (NOT DEFINED CMAKE_C_COMPILER)
set(CMAKE_C_COMPILER "$ENV{ANGORA}/bin/angora-clang")
endif()
if (NOT DEFINED CMAKE_CXX_COMPILER)
set(CMAKE_CXX_COMPILER "$ENV{ANGORA}/bin/angora-clang++")
endif()
endif()
enable_language(C) enable_language(C)
enable_language(CXX) enable_language(CXX)
@ -89,7 +96,7 @@ target_compile_options(${PROJECT_NAME} PUBLIC -mno-avx)
target_compile_options(${PROJECT_NAME}32 PUBLIC -m32 -g3 -mno-avx) target_compile_options(${PROJECT_NAME}32 PUBLIC -m32 -g3 -mno-avx)
if (NOT APPLE OR BUILD_NOSTATIC) if (NOT APPLE OR DEEPSTATE_NOSTATIC)
target_link_libraries(${PROJECT_NAME} -static "-Wl,--allow-multiple-definition,--no-export-dynamic") target_link_libraries(${PROJECT_NAME} -static "-Wl,--allow-multiple-definition,--no-export-dynamic")
target_link_libraries(${PROJECT_NAME}32 -static "-Wl,--allow-multiple-definition,--no-export-dynamic") target_link_libraries(${PROJECT_NAME}32 -static "-Wl,--allow-multiple-definition,--no-export-dynamic")
endif() endif()
@ -115,20 +122,20 @@ install(
ARCHIVE DESTINATION lib ARCHIVE DESTINATION lib
) )
if (BUILD_LIBFUZZER) if (DEEPSTATE_LIBFUZZER)
add_library(${PROJECT_NAME}_LF STATIC add_library(${PROJECT_NAME}_LF STATIC
src/lib/DeepState.c src/lib/DeepState.c
src/lib/Log.c src/lib/Log.c
src/lib/Option.c src/lib/Option.c
src/lib/Stream.c src/lib/Stream.c
) )
target_compile_options(${PROJECT_NAME}_LF PUBLIC -DLIBFUZZER -mno-avx -fsanitize=fuzzer-no-link,undefined) target_compile_options(${PROJECT_NAME}_LF PUBLIC -DLIBFUZZER -mno-avx -fsanitize=fuzzer-no-link,undefined)
target_include_directories(${PROJECT_NAME}_LF target_include_directories(${PROJECT_NAME}_LF
PUBLIC SYSTEM "${CMAKE_SOURCE_DIR}/src/include" PUBLIC SYSTEM "${CMAKE_SOURCE_DIR}/src/include"
) )
install( install(
TARGETS ${PROJECT_NAME} ${PROJECT_NAME}_LF TARGETS ${PROJECT_NAME} ${PROJECT_NAME}_LF
LIBRARY DESTINATION lib LIBRARY DESTINATION lib
@ -136,7 +143,7 @@ if (BUILD_LIBFUZZER)
) )
endif() endif()
if (BUILD_AFL) if (DEEPSTATE_AFL)
add_library(${PROJECT_NAME}_AFL STATIC add_library(${PROJECT_NAME}_AFL STATIC
src/lib/DeepState.c src/lib/DeepState.c
src/lib/Log.c src/lib/Log.c
@ -157,6 +164,34 @@ if (BUILD_AFL)
) )
endif() endif()
if (DEEPSTATE_ANGORA)
if(DEFINED ENV{USE_TRACK})
set(PROJECT_NAME ${PROJECT_NAME}_taint)
else()
set(PROJECT_NAME ${PROJECT_NAME}_fast)
endif()
add_library(${PROJECT_NAME} STATIC
src/lib/DeepState.c
src/lib/Log.c
src/lib/Option.c
src/lib/Stream.c
)
target_compile_options(${PROJECT_NAME} PUBLIC -mno-avx)
target_include_directories(${PROJECT_NAME}
PUBLIC SYSTEM "${CMAKE_SOURCE_DIR}/src/include"
)
install(
TARGETS ${PROJECT_NAME}
LIBRARY DESTINATION lib
ARCHIVE DESTINATION lib
)
endif()
set(SETUP_PY_IN "${CMAKE_SOURCE_DIR}/bin/setup.py.in") set(SETUP_PY_IN "${CMAKE_SOURCE_DIR}/bin/setup.py.in")
set(SETUP_PY "${CMAKE_CURRENT_BINARY_DIR}/setup.py") set(SETUP_PY "${CMAKE_CURRENT_BINARY_DIR}/setup.py")
configure_file(${SETUP_PY_IN} ${SETUP_PY}) configure_file(${SETUP_PY_IN} ${SETUP_PY})
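Review bot: The four `option()` calls at the top of the first hunk are malformed: `option(DEEPSTATE_LIBFUZZER, OFF)` passes the name with a trailing comma (CMake does not treat `,` as an argument separator) and supplies no help string, so the cache entry actually created is named `DEEPSTATE_LIBFUZZER,` with `OFF` as its description, and the `DEEPSTATE_*` variables that the `if()` blocks test are never declared as documented options. The build still works when `-DDEEPSTATE_AFL=ON` is passed explicitly, which is why the Dockerfile does not notice. Write them as `option(DEEPSTATE_LIBFUZZER "Build the libFuzzer-instrumented DeepState library" OFF)` and likewise for `DEEPSTATE_AFL`, `DEEPSTATE_ANGORA` and `DEEPSTATE_NOSTATIC`. Separately, the Angora block in the last hunk reassigns `PROJECT_NAME` to `${PROJECT_NAME}_taint` or `_fast`, and the `configure_file` of `setup.py.in` that follows runs with the altered value; if that template expands `PROJECT_NAME`, holding the Angora target name in its own variable instead would avoid the clobber.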


@ -47,6 +47,13 @@ class Angora(DeepStateFrontend):
env = os.environ.copy() env = os.environ.copy()
# check if static libraries exist
lib_path = "/usr/local/lib/"
if not os.path.isfile(lib_path + "libdeepstate_fast.a"):
raise RuntimeError("no Angora branch-instrumented DeepState static library found in {}".format(lib_path))
if not os.path.isfile(lib_path + "libdeepstate_taint.a"):
raise RuntimeError("no Angora taint-tracked DeepState static library found in {}".format(lib_path))
# set envvar to file with ignored lib functions for taint tracking # set envvar to file with ignored lib functions for taint tracking
if no_taints: if no_taints:
if os.path.isfile(no_taints): if os.path.isfile(no_taints):
@ -54,7 +61,7 @@ class Angora(DeepStateFrontend):
# generate instrumented binary # generate instrumented binary
fast_args = [args.compile_test] + args.compiler_args + \ fast_args = [args.compile_test] + args.compiler_args + \
["-ldeepstate", "-o", args.out_test_name + ".fast"] ["-ldeepstate_fast", "-o", args.out_test_name + ".fast"]
super().compile(compiler_args=fast_args, env=env) super().compile(compiler_args=fast_args, env=env)
# make a binary with taint tracking information # make a binary with taint tracking information
@ -64,7 +71,7 @@ class Angora(DeepStateFrontend):
env["USE_TRACK"] = "1" env["USE_TRACK"] = "1"
taint_args = [args.compile_test] + args.compiler_args + \ taint_args = [args.compile_test] + args.compiler_args + \
["-ldeepstate", "-o", args.out_test_name + ".taint"] ["-ldeepstate_taint", "-o", args.out_test_name + ".taint"]
super().compile(compiler_args=taint_args, env=env) super().compile(compiler_args=taint_args, env=env)
return 0 return 0
@ -114,7 +121,13 @@ def main():
cmd_dict['--'] = os.path.abspath(args.binary) cmd_dict['--'] = os.path.abspath(args.binary)
fuzzer.cli_command(cmd_dict, cli_other=args.args) # default args if none provided
if len(args.args) == 0:
cli_other = ["--input_test_file", "@@"]
else:
cli_other = args.args
fuzzer.cli_command(cmd_dict, cli_other=cli_other)
print("EXECUTING FUZZER...") print("EXECUTING FUZZER...")
fuzzer.execute_fuzzer() fuzzer.execute_fuzzer()
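Review bot: The static-library check added at the top of the first hunk hardcodes `lib_path = "/usr/local/lib/"`, so a DeepState installed under any other prefix is rejected before the linker, which resolves `-ldeepstate_fast` through its own search path, gets a chance to find it. Consider making the directory overridable and building the paths with `os.path.join(lib_path, "libdeepstate_fast.a")` rather than string concatenation. In the `main()` hunk, `len(args.args) == 0` assumes `args.args` is always a list; if the argparse definition (outside this hunk) can leave it `None`, `if not args.args:` covers both cases. The enclosing method of `Angora` and `main()` both begin and end outside the visible hunks.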


@ -83,14 +83,18 @@ RUN cd deepstate \
&& mkdir -p build \ && mkdir -p build \
&& cd build \ && cd build \
&& rm -rf CMakeFiles CMakeCache.txt \ && rm -rf CMakeFiles CMakeCache.txt \
&& CXX=afl-clang++ CC=afl-clang BUILD_AFL=TRUE cmake ../ \ && CXX=afl-clang++ CC=afl-clang cmake -DDEEPSTATE_AFL=ON ../ \
&& sudo make install \ && sudo make install \
&& rm -rf CMakeFiles CMakeCache.txt \ && rm -rf CMakeFiles CMakeCache.txt \
&& CXX=clang++ CC=clang BUILD_LIBFUZZER=TRUE cmake ../ \ && CXX=clang++ CC=clang cmake -DDEEPSTATE_LIBFUZZER=ON ../ \
&& sudo make install \ && sudo make install \
&& rm -rf CMakeFiles CMakeCache.txt \ && rm -rf CMakeFiles CMakeCache.txt \
&& CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake ../ \ && USE_TRACK=1 CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake -DDEEPSTATE_ANGORA=ON ../ \
&& export USE_TRACK=1 && sudo -E bash -c 'make -i install' \ && export USE_TRACK=1 && sudo -E sh -c 'make -i install' \
&& make clean \
&& rm -rf CMakeFiles CMakeCache.txt \
&& CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake -DDEEPSTATE_ANGORA=ON ../ \
&& export USE_FAST=1 && sudo -E sh -c 'make install' \
&& cd .. \ && cd .. \
&& sudo pip3 install 'z3-solver==4.5.1.0.post2' angr git+git://github.com/trailofbits/manticore.git \ && sudo pip3 install 'z3-solver==4.5.1.0.post2' angr git+git://github.com/trailofbits/manticore.git \
&& sudo python3 ./build/setup.py install && sudo python3 ./build/setup.py install
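Review bot: The second Angora configure (`cmake -DDEEPSTATE_ANGORA=ON ../` after `make clean`) still runs with `USE_TRACK=1` exported by the earlier `export USE_TRACK=1` in the same RUN shell, and the CMake in this commit picks the `_taint` library name solely on `USE_TRACK` being defined (`USE_FAST` is not read anywhere on this page), so the second build appears to produce `libdeepstate_taint.a` again and never the `libdeepstate_fast.a` the frontend now requires. Adding `unset USE_TRACK` before that second `cmake` line would select the fast variant. The first Angora install also keeps `make -i install`, which ignores recipe failures, so a broken taint build still yields a successful image and the error only surfaces at fuzz time; dropping `-i` would fail the image build where the error occurs.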