4a90b2a5e8Skip tests with no saved cases to run
Joe Ranweiler
2018-02-09 11:53:55 -08:00
f3d13e37b3Factor out initializing input from file
Joe Ranweiler
2018-02-09 10:27:38 -08:00
78cc5d46beAdd initial impl of running saved test cases
Joe Ranweiler
2018-02-08 15:03:21 -08:00
2c7334ab0dFix typo in error message
Joe Ranweiler
2018-02-08 21:50:25 -08:00
731876a7e6Fix typo in example CMakeLists.txt
Joe Ranweiler
2018-02-10 16:08:19 -08:00
dd8a1c6608Use external linkage for global input buffer
Joe Ranweiler
2018-02-08 14:33:00 -08:00
c6eca451c5Fix flag decl and defs
Joe Ranweiler
2018-02-08 14:16:16 -08:00
1f3a4a982dMerge pull request #25 from trailofbits/python-version
Joe Ranweiler
2018-02-06 15:37:33 -08:00
9df8d2b9fdMerge pull request #20 from trailofbits/readme
Joe Ranweiler
2018-02-06 15:34:54 -08:00
124c54194dExplicitly depend on Python 2.7
Joe Ranweiler
2018-02-06 13:35:16 -08:00
07b38bd73fAdd first pass at README
Joe Ranweiler
2018-02-06 12:38:49 -08:00
1aa468dabcMinor formatting changes.
Peter Goodman
2018-02-06 12:18:06 +08:00
d227cc7f34Enabled PIC.
Peter Goodman
2018-01-22 21:19:54 -05:00
ee80baa0eaMinor fix.
Peter Goodman
2018-01-18 14:24:08 -05:00
2eaeb7480cAdding Google Flags-like command-line option parsing, though implemented in C, to the main executable. The code is ported from Granary2.
Peter Goodman
2018-01-07 16:25:31 -05:00
49524e610dSymbol lookup refactor.
Peter Goodman
2017-12-14 14:56:09 -05:00
0d934d4facAttempt at OS X symbol lookup fix
Alex Groce
2017-12-14 11:39:37 -08:00
31838780c3Trim out trailing newlines and stuff
Peter Goodman
2017-12-14 00:56:22 -05:00
622afcdb98Made variadic argument lists work in 32 bit x86.
Peter Goodman
2017-12-13 23:53:48 -05:00
303da80e78Add OneOf for C-strings, vectors, and arrays.
Peter Goodman
2017-12-13 23:08:50 -05:00
1433f34960Makeing 100% sure that the format_bufs are NUL-terminated.
Peter Goodman
2017-12-13 22:46:20 -05:00
7c585f5c44Add 32-bit support, i.e. libdeepstate32
Peter Goodman
2017-12-13 21:53:33 -05:00
f4dd61f895Added overrides for assert_fail and stack_chk_fail.
Peter Goodman
2017-12-13 14:16:21 -05:00
308fe70eb6Hooked __assert_fail into the logging system.
Peter Goodman
2017-12-13 12:43:34 -05:00
5a84f665b6Minor tweak.
Peter Goodman
2017-12-13 01:31:29 -05:00
bdf9f97913Fixed OneOf example.
Peter Goodman
2017-12-12 22:22:31 -05:00
ada078368fRemoving testfs example, and moving it to pgoodman/testfs.
Peter Goodman
2017-12-12 22:09:31 -05:00
5b35c46fbasmall edits
alex
2017-12-12 12:24:09 -08:00
e9bd6dc177Fixes one or two subtle issues. But the more interesting fix is that I implemented puts in terms of DeepState_Log. Calls to printf that had no format arguments are transformed by the compiler into calls to puts, but that wasn't being wrapped by DeepState, so it was appearing as though those log messages never actually happened.
Peter Goodman
2017-12-12 14:01:41 -05:00
c65b0c7ba4better version
alex
2017-12-12 00:20:13 -08:00
70090bd712Version that works, test depth
alex
2017-12-11 23:17:18 -08:00
669f6cf3f9Made the OneOf example work.
Peter Goodman
2017-12-11 19:40:39 -05:00
76ff9ec5b3capture fixed
alex
2017-12-11 14:56:48 -08:00
26657954c7OneOf example (failing)
alex
2017-12-11 14:30:37 -08:00
f15e09520bMerge branch 'master' of github.com:trailofbits/deepstate
Peter Goodman
2017-12-10 20:09:36 -05:00
8248bbdcbcRemoved usage of old name, added in a Euler power of like primes example. When the pairwise ASSERT_NEs are absent, you get interesting results that show examples of integer overflows.
Peter Goodman
2017-12-10 14:39:05 -05:00
f28b285ac3Removed usage of old name, added in a Euler power of like primes example. When the pairwise ASSERT_NEs are absent, you get interesting results that show examples of integer overflows.
Peter Goodman
2017-12-10 14:39:05 -05:00
fcd000dc14Added a maximize objective API to DeepState.
Peter Goodman
2017-12-10 13:37:47 -05:00
188d4517d8Added prime polynomial example, new Pumping function to address scalability challenges with primality testing, and some improvements to the streaming interface, where if you don't stream in values, then the python side doesn't end up printing out some 'empty' stream infos.
Peter Goodman
2017-12-09 16:43:43 -05:00
3aaaf71b85Added support for c++ test fixtures.
Peter Goodman
2017-12-08 23:58:59 -05:00
f9fb7e81beInitial progress in Issue #7 with support for a Dr. Fuzz harness.
Peter Goodman
2017-12-08 21:07:52 -05:00
a411f0e032Adds ONE_OF. Breaks some lines at 80 columns.
Peter Goodman
2017-12-07 20:05:06 -05:00
a5ce3eaf31Fix issue where I passed cast_to to min.
Peter Goodman
2017-12-03 20:57:15 -05:00
29f2465ebfFixes issue with logger. Fixes issue where we weren't get the minimum value SATed.
Peter Goodman
2017-11-21 13:01:32 -05:00
5f36822021Made the report function concretize using the minimizer, so that eventually we'll be able to compare inputs generated across tools
Peter Goodman
2017-11-09 10:35:48 -05:00
02fce4cdf9Merge pull request #2 from trailofbits/squares_example
Peter Goodman
2017-11-02 13:39:09 -04:00
6ec7d71188Added error checking.
Peter Goodman
2017-11-02 01:05:15 -04:00
a093a82ef9Merge branch 'master' of github.com:trailofbits/deepstate
Peter Goodman
2017-11-02 00:54:22 -04:00
c4f74e2389Adds some error checking around finding important symbols and initializing Manticore/Angr. Adds the ability to save concretized bytes to an output directory. For the time being, I'm going with the approach of the user specifying a output dir, then within that I create directories for each file basename in the tests, and subdirectories for each test name, and in there I put binary test files.
Peter Goodman
2017-11-02 00:54:18 -04:00
fee42a7677Merge pull request #1 from trailofbits/user_install_clang4
Peter Goodman
2017-11-02 00:46:07 -04:00
2157f67dacAdd an example that modifies an existing C program for symbolic testing
Artem Dinaburg
2017-11-02 00:33:35 -04:00
07fb0fb4c8build using clang 4.0
Artem Dinaburg
2017-11-01 22:59:17 -04:00
373441fb9fAllow for a user only install if CMAKE_INSTALL_PREFIX is set
Artem Dinaburg
2017-11-01 22:59:04 -04:00
bc208dbd4dFixes issue where the angr script printed out the wrong symbol bytes.
Peter Goodman
2017-11-01 21:27:08 -04:00
4f914e4eeeFixes to stream formatting of doubles, they weren't being streamed before. Implemented the chk versions of printf and such, so that they all route through the logging interface as well. Implemented the concretization APIs.
Peter Goodman
2017-11-01 17:56:54 -04:00
d2bc82fc35Renaming from McTest to DeepState.
Peter Goodman
2017-11-01 13:38:32 -04:00
f7f029965bWhatever I had before renaming.
Peter Goodman
2017-11-01 12:14:22 -04:00
a46e06b03bRefactored to split common code between Manticore and Angr out into common.py. Implemented the new deferred streaming stuff, it seems to work semi-well for this simple cases I've tested, but there's still work to do. The latest code has some remaining issues. Printing out the final input bytes in Angr shows the wrong thing, although what gets streamed out is right. This is visible when running mctest-angr examples/ArtihmeticProperties. With Manticore, the big issue is that it doesn't properly pickle smt expressions (or something to this effect), so I'm ending up with multiple definitions of the same stuff and that throws exceptions. This is tricky to deal with because the streaming of output needs to be able to save symbolic data.
Peter Goodman
2017-11-01 02:42:31 -04:00
8ec44074adMake sure to make new lists of messages so that messages from one test don't get put into another.
Peter Goodman
2017-10-30 14:39:15 -04:00
3702bfcb81Changed how the logging works to log to a static buffer, then the hooks pull info out from there.
Peter Goodman
2017-10-30 14:16:02 -04:00
e4f4cfe0dbKind of feature parity between Manticore and Angr on these tests.
Peter Goodman
2017-10-30 00:45:59 -04:00
4b786adc70Got Manticore (with some minor unpublished fixes) working for McTest, based on Yan's initial work. Most of the angr code directly ports over, which is convenient. Haven't yet implemented McTest_Log (which isn't working for angr, curiously).
Peter Goodman
2017-10-29 20:35:50 -04:00
0ec7047b0fMerge branch 'master' of github.com:trailofbits/mctest
Peter Goodman
2017-10-29 18:54:48 -04:00
e0f104aaefAdding logger support, and other things.
Peter Goodman
2017-10-29 18:54:41 -04:00
e3d8ab9b61Expand Manticore support
yan
2017-10-29 18:17:15 -04:00
7c9710cd05Remove IsSymbolic preficate for pointers.
Peter Goodman
2017-10-28 20:26:43 -04:00
b8560c553fUSe a C++ style case in McTest.hpp
Peter Goodman
2017-10-28 20:23:23 -04:00
89da3e8e94Made it so that tests can be run on their own, independent of a symbolic executor. This will open up libFuzzer support, and concrete execution of solved-for test case inputs. Removed all stuff related to sections. Made tests get registered via initializers. Working on exposing the API functions to be hooked by Manticore via a special system call with addres 0x41414141. Split the Angr version out into the mctest-angr binary, and going to try to make the mctest binary use Manticore.
Peter Goodman
2017-10-28 19:13:59 -04:00
0d336bd4d6Fixed build errors for c++ test basics. Added a ForAll thingy to abstract around making symbols. Shortened section name lengths. Added a simple arithmetic properties test case.
Peter Goodman
2017-10-28 01:11:59 -04:00
76585f095bImprovements. Now hooking fewer functions, and instead making on big array symbolic. This will make it easier to run the inputs concretely (by eventually filling in the array with the concrete bytes), and will also make possible fuzzer integration (where the fuzzer mutates the bytes of the array) possible.
Peter Goodman
2017-10-28 00:09:33 -04:00
6249ec6208Initial commit.
Peter Goodman
2017-10-27 16:34:58 -04:00
Joe Ranweiler
Peter Goodman
Alex Groce
Artem Dinaburg
yan