Edits to Angora frontend (#220)
* Minor edits to Angora frontend * Update CMake and Dockerfile
This commit is contained in:
parent
3c9e5c54d3
commit
a407b844fc
@ -15,19 +15,12 @@
project(deepstate)
cmake_minimum_required(VERSION 2.8)
if (NOT DEFINED BUILD_LIBFUZZER AND DEFINED ENV{BUILD_LIBFUZZER})
set(BUILD_LIBFUZZER "$ENV{BUILD_LIBFUZZER}")
endif()
option(DEEPSTATE_LIBFUZZER, OFF)
option(DEEPSTATE_AFL, OFF)
option(DEEPSTATE_ANGORA, OFF)
option(DEEPSTATE_NOSTATIC, OFF)
if (NOT DEFINED BUILD_AFL AND DEFINED ENV{BUILD_AFL})
set(BUILD_AFL "$ENV{BUILD_AFL}")
endif()
if (NOT DEFINED BUILD_NOSTATIC AND DEFINED ENV{BUILD_NOSTATIC})
set(BUILD_NOSTATIC "$ENV{BUILD_NOSTATIC}")
endif()
if (BUILD_LIBFUZZER)
if (DEEPSTATE_LIBFUZZER)
if(NOT DEFINED CMAKE_C_COMPILER)
set(CMAKE_C_COMPILER clang)
endif()
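Review bot: `option(DEEPSTATE_LIBFUZZER, OFF)` and the three sibling option() calls pass the comma as part of the first argument, so the cache entry actually created is named `DEEPSTATE_LIBFUZZER,` with help text `OFF` and no default; `if (DEEPSTATE_LIBFUZZER)` only works because the Dockerfile passes `-DDEEPSTATE_LIBFUZZER=ON` on the command line, and the switch is undocumented in the cache. Write each as `option(DEEPSTATE_LIBFUZZER "Build the libFuzzer-instrumented DeepState library" OFF)` and likewise for DEEPSTATE_AFL, DEEPSTATE_ANGORA and DEEPSTATE_NOSTATIC. Pre-existing but visible in this hunk: `cmake_minimum_required(VERSION 2.8)` follows `project()`, so policy defaults are not yet set when project() runs.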
@ -45,6 +38,20 @@ if (BUILD_LIBFUZZER)
endif()
endif()
if (DEEPSTATE_ANGORA)
if (NOT DEFINED ENV{ANGORA})
message(FATAL_ERROR "Compiling Angora requires setting $ANGORA to its project root.")
endif()
if (NOT DEFINED CMAKE_C_COMPILER)
set(CMAKE_C_COMPILER "$ENV{ANGORA}/bin/angora-clang")
endif()
if (NOT DEFINED CMAKE_CXX_COMPILER)
set(CMAKE_CXX_COMPILER "$ENV{ANGORA}/bin/angora-clang++")
endif()
endif()
enable_language(C)
enable_language(CXX)
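Review bot: `set(CMAKE_C_COMPILER "$ENV{ANGORA}/bin/angora-clang")` and the CXX counterpart run after `project(deepstate)` (shown in the previous hunk without a LANGUAGES list, so C and CXX are already enabled there), which means the compilers are already chosen and cached: `NOT DEFINED CMAKE_C_COMPILER` is false at this point, and changing the variable after the language is enabled does not switch the toolchain, so the `enable_language(C)`/`enable_language(CXX)` calls below are no-ops. The Docker build presumably only works because it exports CC/CXX before invoking cmake. Either move the Angora compiler selection ahead of `project()` (or into a toolchain file), or replace it with a hard check that the configured compiler is the wrapper, e.g. `if (NOT CMAKE_C_COMPILER MATCHES "angora-clang$") message(FATAL_ERROR "DEEPSTATE_ANGORA requires CC/CXX to point at the angora-clang wrappers") endif()`. The same applies to the libFuzzer `set(CMAKE_C_COMPILER clang)` at the end of the previous hunk.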
@ -89,7 +96,7 @@ target_compile_options(${PROJECT_NAME} PUBLIC -mno-avx)
target_compile_options(${PROJECT_NAME}32 PUBLIC -m32 -g3 -mno-avx)
if (NOT APPLE OR BUILD_NOSTATIC)
if (NOT APPLE OR DEEPSTATE_NOSTATIC)
target_link_libraries(${PROJECT_NAME} -static "-Wl,--allow-multiple-definition,--no-export-dynamic")
target_link_libraries(${PROJECT_NAME}32 -static "-Wl,--allow-multiple-definition,--no-export-dynamic")
endif()
@ -115,20 +122,20 @@ install(
ARCHIVE DESTINATION lib
)
if (BUILD_LIBFUZZER)
if (DEEPSTATE_LIBFUZZER)
add_library(${PROJECT_NAME}_LF STATIC
src/lib/DeepState.c
src/lib/Log.c
src/lib/Option.c
src/lib/Stream.c
)
target_compile_options(${PROJECT_NAME}_LF PUBLIC -DLIBFUZZER -mno-avx -fsanitize=fuzzer-no-link,undefined)
target_include_directories(${PROJECT_NAME}_LF
PUBLIC SYSTEM "${CMAKE_SOURCE_DIR}/src/include"
)
install(
TARGETS ${PROJECT_NAME} ${PROJECT_NAME}_LF
LIBRARY DESTINATION lib
@ -136,7 +143,7 @@ if (BUILD_LIBFUZZER)
)
endif()
if (BUILD_AFL)
if (DEEPSTATE_AFL)
add_library(${PROJECT_NAME}_AFL STATIC
src/lib/DeepState.c
src/lib/Log.c
@ -157,6 +164,34 @@ if (BUILD_AFL)
)
endif()
if (DEEPSTATE_ANGORA)
if(DEFINED ENV{USE_TRACK})
set(PROJECT_NAME ${PROJECT_NAME}_taint)
else()
set(PROJECT_NAME ${PROJECT_NAME}_fast)
endif()
add_library(${PROJECT_NAME} STATIC
src/lib/DeepState.c
src/lib/Log.c
src/lib/Option.c
src/lib/Stream.c
)
target_compile_options(${PROJECT_NAME} PUBLIC -mno-avx)
target_include_directories(${PROJECT_NAME}
PUBLIC SYSTEM "${CMAKE_SOURCE_DIR}/src/include"
)
install(
TARGETS ${PROJECT_NAME}
LIBRARY DESTINATION lib
ARCHIVE DESTINATION lib
)
endif()
set(SETUP_PY_IN "${CMAKE_SOURCE_DIR}/bin/setup.py.in")
set(SETUP_PY "${CMAKE_CURRENT_BINARY_DIR}/setup.py")
configure_file(${SETUP_PY_IN} ${SETUP_PY})
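Review bot: `set(PROJECT_NAME ${PROJECT_NAME}_taint)` / `set(PROJECT_NAME ${PROJECT_NAME}_fast)` overwrite the CMake-managed PROJECT_NAME for the rest of the file, so every `${PROJECT_NAME}` after the block's `endif()` — including `configure_file(${SETUP_PY_IN} ${SETUP_PY})` right below, if setup.py.in expands @PROJECT_NAME@ — now names the Angora library instead of the project. Use a local name instead, e.g. `set(deepstate_angora_lib ${PROJECT_NAME}_taint)`, and pass `${deepstate_angora_lib}` to the add_library, target_compile_options, target_include_directories and install calls. `if(DEFINED ENV{USE_TRACK})` is also the only selector between the two variants: the USE_FAST variable the Dockerfile exports is never consulted, and a USE_TRACK left in the environment silently builds a second `_taint` library with no `_fast` one, which the Python frontend's new existence check then rejects. A `message(STATUS "DeepState Angora variant: ${deepstate_angora_lib}")` would make the chosen variant visible at configure time.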
@ -47,6 +47,13 @@ class Angora(DeepStateFrontend):
env = os.environ.copy()
# check if static libraries exist
lib_path = "/usr/local/lib/"
if not os.path.isfile(lib_path + "libdeepstate_fast.a"):
raise RuntimeError("no Angora branch-instrumented DeepState static library found in {}".format(lib_path))
if not os.path.isfile(lib_path + "libdeepstate_taint.a"):
raise RuntimeError("no Angora taint-tracked DeepState static library found in {}".format(lib_path))
# set envvar to file with ignored lib functions for taint tracking
if no_taints:
if os.path.isfile(no_taints):
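Review bot: The new existence check hard-codes `lib_path = "/usr/local/lib/"`, so a DeepState installed under any other CMAKE_INSTALL_PREFIX, or found by the compiler through -L/LIBRARY_PATH, is rejected with a RuntimeError before compilation is attempted, while a stale copy left in /usr/local/lib passes. If the check is kept, make the prefix overridable (an environment variable or a frontend argument) and build the paths with `os.path.join(lib_path, "libdeepstate_fast.a")` rather than string concatenation, so a prefix without a trailing slash also works. The enclosing method starts before this hunk.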
@ -54,7 +61,7 @@ class Angora(DeepStateFrontend):
# generate instrumented binary
fast_args = [args.compile_test] + args.compiler_args + \
["-ldeepstate", "-o", args.out_test_name + ".fast"]
["-ldeepstate_fast", "-o", args.out_test_name + ".fast"]
super().compile(compiler_args=fast_args, env=env)
# make a binary with taint tracking information
@ -64,7 +71,7 @@ class Angora(DeepStateFrontend):
env["USE_TRACK"] = "1"
taint_args = [args.compile_test] + args.compiler_args + \
["-ldeepstate", "-o", args.out_test_name + ".taint"]
["-ldeepstate_taint", "-o", args.out_test_name + ".taint"]
super().compile(compiler_args=taint_args, env=env)
return 0
@ -114,7 +121,13 @@ def main():
cmd_dict['--'] = os.path.abspath(args.binary)
fuzzer.cli_command(cmd_dict, cli_other=args.args)
# default args if none provided
if len(args.args) == 0:
cli_other = ["--input_test_file", "@@"]
else:
cli_other = args.args
fuzzer.cli_command(cmd_dict, cli_other=cli_other)
print("EXECUTING FUZZER...")
fuzzer.execute_fuzzer()
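Review bot: `if len(args.args) == 0:` raises TypeError if the argparse default for the trailing arguments is None rather than an empty list (the parser definition is outside this hunk); `if not args.args:` covers both cases and reads as the intent. The default list deserves a one-line comment, since `"@@"` is presumably the placeholder the fuzzer substitutes with the current input file: `# "@@" is replaced by the fuzzer with the path of the current input file`.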
@ -83,14 +83,18 @@ RUN cd deepstate \
&& mkdir -p build \
&& cd build \
&& rm -rf CMakeFiles CMakeCache.txt \
&& CXX=afl-clang++ CC=afl-clang BUILD_AFL=TRUE cmake ../ \
&& CXX=afl-clang++ CC=afl-clang cmake -DDEEPSTATE_AFL=ON ../ \
&& sudo make install \
&& rm -rf CMakeFiles CMakeCache.txt \
&& CXX=clang++ CC=clang BUILD_LIBFUZZER=TRUE cmake ../ \
&& CXX=clang++ CC=clang cmake -DDEEPSTATE_LIBFUZZER=ON ../ \
&& sudo make install \
&& rm -rf CMakeFiles CMakeCache.txt \
&& CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake ../ \
&& export USE_TRACK=1 && sudo -E bash -c 'make -i install' \
&& USE_TRACK=1 CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake -DDEEPSTATE_ANGORA=ON ../ \
&& export USE_TRACK=1 && sudo -E sh -c 'make -i install' \
&& make clean \
&& rm -rf CMakeFiles CMakeCache.txt \
&& CXX=$ANGORA/bin/angora-clang++ CC=$ANGORA/bin/angora-clang cmake -DDEEPSTATE_ANGORA=ON ../ \
&& export USE_FAST=1 && sudo -E sh -c 'make install' \
&& cd .. \
&& sudo pip3 install 'z3-solver==4.5.1.0.post2' angr git+git://github.com/trailofbits/manticore.git \
&& sudo python3 ./build/setup.py install
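Review bot: `export USE_TRACK=1` in the taint step persists for the rest of this RUN shell, so the second `cmake -DDEEPSTATE_ANGORA=ON ../` (the fast build, followed by `export USE_FAST=1`) still sees USE_TRACK, and because the CMakeLists in this commit picks the `_taint` target purely on `DEFINED ENV{USE_TRACK}` and never reads USE_FAST, both steps install libdeepstate_taint.a and libdeepstate_fast.a never appears — the frontend's new existence check then raises. Scope the variable to the one command, `&& USE_TRACK=1 sudo -E sh -c 'make -i install' \`, and drop the `export USE_FAST=1` (or `unset USE_TRACK` before the second configure). `make -i` on the taint build hides compile failures until the frontend fails much later, so it deserves a comment explaining why errors are tolerated, or removal. The unchanged `git+git://github.com/...` pip install uses an unauthenticated transport; `git+https://` gives transport integrity with no other change. The RUN chain begins before this hunk.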