Support Honggfuzz's persistent mode in fuzzpuzz

Unlike AFL, Honggfuzz's compiler wrapper doesn't provide a convenient
preprocessor macro, so we have to have CMake detect the existence of
HF_ITER.  Also the resulting program can't run outside of Honggfuzz, so
maybe some additional cleverness is called for there as well.  Still, it
makes Honggfuzz go ten times faster, which is nice.
This commit is contained in:
Ben Harris
2023-02-18 11:59:08 +00:00
parent b107decdaf
commit 150c05a298
2 changed files with 35 additions and 3 deletions


@ -275,10 +275,15 @@ cliprogram(penrose-vector-test penrose.c COMPILE_DEFINITIONS TEST_VECTORS)
cliprogram(sort-test sort.c COMPILE_DEFINITIONS SORT_TEST) cliprogram(sort-test sort.c COMPILE_DEFINITIONS SORT_TEST)
cliprogram(tree234-test tree234.c COMPILE_DEFINITIONS TEST) cliprogram(tree234-test tree234.c COMPILE_DEFINITIONS TEST)
if(build_cli_programs)
write_generated_games_header() write_generated_games_header()
include(CheckFunctionExists)
check_function_exists(HF_ITER HAVE_HF_ITER)
if(HAVE_HF_ITER)
add_definitions(-DHAVE_HF_ITER)
endif()
cliprogram(fuzzpuzz fuzzpuzz.c list.c ${puzzle_sources} cliprogram(fuzzpuzz fuzzpuzz.c list.c ${puzzle_sources}
COMPILE_DEFINITIONS COMBINED) COMPILE_DEFINITIONS COMBINED)
if(build_cli_programs)
target_include_directories(fuzzpuzz PRIVATE ${generated_include_dir}) target_include_directories(fuzzpuzz PRIVATE ${generated_include_dir})
endif() endif()
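Review bot: `add_definitions(-DHAVE_HF_ITER)` is directory-scoped, so the macro leaks into every target configured below this point rather than only the fuzz harness that uses it; the definition belongs on the target, `target_compile_definitions(fuzzpuzz PRIVATE HAVE_HF_ITER)`, placed after the `cliprogram(fuzzpuzz ...)` call, with the `add_definitions` block dropped. The `check_function_exists(HF_ITER HAVE_HF_ITER)` result is cached, so a build tree configured with a non-Honggfuzz compiler will keep reporting no HF_ITER until reconfigured from scratch; a short comment above the check saying so, and that `CC=hfuzz-cc` is what makes it succeed, would save a confused developer some time. It is not clear from the rendered hunk whether the `cliprogram(fuzzpuzz ...)` call is still inside the `if(build_cli_programs)` guard that opened at the top of the hunk, or only the `target_include_directories` line is.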


@ -16,6 +16,13 @@
* cmake --build build-afl --target fuzzpuzz * cmake --build build-afl --target fuzzpuzz
* mkdir fuzz-in && ln icons/''*.sav fuzz-in * mkdir fuzz-in && ln icons/''*.sav fuzz-in
* afl-fuzz -i fuzz-in -o fuzz-out -x fuzzpuzz.dict -- build-afl/fuzzpuzz * afl-fuzz -i fuzz-in -o fuzz-out -x fuzzpuzz.dict -- build-afl/fuzzpuzz
*
* Similarly with Honggfuzz:
*
* CC=hfuzz-cc cmake -B build-honggfuzz
* cmake --build build-honggfuzz --target fuzzpuzz
* mkdir fuzz-corpus && ln icons/''*.sav fuzz-corpus
* honggfuzz -s -i fuzz-corpus -w fuzzpuzz.dict -- build-honggfuzz/fuzzpuzz
*/ */
#include <stdbool.h> #include <stdbool.h>
@ -32,6 +39,10 @@
__AFL_FUZZ_INIT(); __AFL_FUZZ_INIT();
#endif #endif
#ifdef HAVE_HF_ITER
extern int HF_ITER(unsigned char **, size_t *);
#endif
static const char *fuzz_one(bool (*readfn)(void *, void *, int), void *rctx, static const char *fuzz_one(bool (*readfn)(void *, void *, int), void *rctx,
void (*rewindfn)(void *), void (*rewindfn)(void *),
void (*writefn)(void *, const void *, int), void (*writefn)(void *, const void *, int),
@ -123,6 +134,22 @@ int main(int argc, char **argv)
ret = 1; ret = 1;
continue; continue;
} }
#elif defined(HAVE_HF_ITER)
/*
* Honggfuzz persistent mode. Unlike AFL persistent mode, the
* resulting executable cannot be run outside of Honggfuzz.
*/
while (true) {
unsigned char *testcase_buf;
size_t testcase_len;
if (in != NULL) fclose(in);
HF_ITER(&testcase_buf, &testcase_len);
in = fmemopen(testcase_buf, testcase_len, "r");
if (in == NULL) {
fprintf(stderr, "fmemopen failed");
ret = 1;
continue;
}
#else #else
in = stdin; in = stdin;
while (ret == -1) { while (ret == -1) {
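Review bot: The return value of `HF_ITER(&testcase_buf, &testcase_len);` in the third hunk is discarded even though the declaration added in the second hunk types it as `int`; if the call can signal that no test case was delivered, the loop goes on to `fmemopen` whatever is left in `testcase_buf` and `testcase_len`, so either check the result or add a comment stating that the return value carries no information for this use. The `fmemopen failed` diagnostic lacks a trailing newline and the cause, `fprintf(stderr, "fmemopen failed: %s\n", strerror(errno));` would make a persistent-mode failure readable in the Honggfuzz log (assuming errno.h and string.h are already included, which this hunk does not show). Presumably a zero-length test case can also make `fmemopen` fail on some C libraries, in which case the `continue` path silently skips the input rather than feeding an empty file; worth confirming against the libc in use. The `while (true)` loop body continues past the end of the hunk, and `main` itself starts outside it.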