int main(int argc, char **argv) { honggfuzz_t hfuzz; if (cmdlineParse(argc, argv, &hfuzz) == false) { LOG_F("Parsing of the cmd-line arguments failed"); } if (!files_init(&hfuzz)) { LOG_F("Couldn't load input files"); exit(EXIT_FAILURE); } if (hfuzz.dictionaryFile && (files_parseDictionary(&hfuzz) == false)) { LOG_F("Couldn't parse dictionary file ('%s')", hfuzz.dictionaryFile); } if (hfuzz.blacklistFile && (files_parseBlacklist(&hfuzz) == false)) { LOG_F("Couldn't parse stackhash blacklist file ('%s')", hfuzz.blacklistFile); } /* * So far so good */ fuzz_main(&hfuzz); abort(); /* NOTREACHED */ return EXIT_SUCCESS; }
int main(int argc, char **argv) { size_t size; global_init(); /* Disable logging by default to speed up fuzzing. */ int loglevel = LOG_ERR; for (int i = 1; i < argc; ++i) { if (!strcmp(argv[i], "--warn")) { loglevel = LOG_WARN; } else if (!strcmp(argv[i], "--notice")) { loglevel = LOG_NOTICE; } else if (!strcmp(argv[i], "--info")) { loglevel = LOG_INFO; } else if (!strcmp(argv[i], "--debug")) { loglevel = LOG_DEBUG; } } { log_severity_list_t s; memset(&s, 0, sizeof(s)); set_log_severity_config(loglevel, LOG_ERR, &s); /* ALWAYS log bug warnings. */ s.masks[LOG_WARN-LOG_ERR] |= LD_BUG; add_stream_log(&s, "", fileno(stdout)); } if (fuzz_init() < 0) abort(); #ifdef __AFL_HAVE_MANUAL_CONTROL /* Tell AFL to pause and fork here - ignored if not using AFL */ __AFL_INIT(); #endif #define MAX_FUZZ_SIZE (128*1024) char *input = read_file_to_str_until_eof(0, MAX_FUZZ_SIZE, &size); tor_assert(input); char *raw = tor_memdup(input, size); /* Because input is nul-terminated */ tor_free(input); fuzz_main((const uint8_t*)raw, size); tor_free(raw); if (fuzz_cleanup() < 0) abort(); tor_free(mock_options); UNMOCK(get_options); return 0; }
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { static int initialized = 0; if (!initialized) { global_init(); if (fuzz_init() < 0) abort(); initialized = 1; } return fuzz_main(Data, Size); }
int main(int argc, char **argv) { int c; int ll = l_INFO; honggfuzz_t hfuzz; hfuzz.inputFile = NULL; hfuzz.nullifyStdio = false; hfuzz.fuzzStdin = false; hfuzz.saveUnique = false; hfuzz.fileExtn = "fuzz"; hfuzz.flipRate = 0.001f; hfuzz.flipMode = 'B'; hfuzz.fuzzStart = 0; hfuzz.fuzzEnd = UINT_MAX; hfuzz.externalCommand = NULL; hfuzz.tmOut = 3; hfuzz.ignoreAddr = (void *)0UL; hfuzz.threadsMax = 5; hfuzz.asLimit = 0UL; hfuzz.cmdline = NULL; hfuzz.pid = 0; hfuzz.files = NULL; hfuzz.threadsCnt = 0; printf(AB PROG_NAME " version " PROG_VERSION "\n" PROG_AUTHORS AC "\n"); if (argc < 2) { usage(); exit(EXIT_SUCCESS); } for (;;) { c = getopt(argc, argv, "hqsuf:d:e:r:m:c:t:a:n:l:p:b:w:"); if (c < 0) break; switch (c) { case 'f': hfuzz.inputFile = optarg; break; case 'h': usage(); break; case 'q': hfuzz.nullifyStdio = true; break; case 's': hfuzz.fuzzStdin = true; break; case 'u': hfuzz.saveUnique = true; break; case 'd': ll = atoi(optarg); break; case 'e': hfuzz.fileExtn = optarg; break; case 'r': hfuzz.flipRate = atof(optarg); break; case 'm': hfuzz.flipMode = optarg[0]; break; case 'c': hfuzz.externalCommand = optarg; break; case 't': hfuzz.tmOut = atol(optarg); break; case 'a': hfuzz.ignoreAddr = (void *)atol(optarg); break; case 'n': hfuzz.threadsMax = atol(optarg); break; case 'l': hfuzz.asLimit = strtoul(optarg, NULL, 10); break; case 'p': hfuzz.pid = atoi(optarg); break; case 'b': hfuzz.fuzzStart = strtoul(optarg, NULL, 10); break; case 'w': hfuzz.fuzzEnd = strtoul(optarg, NULL, 10); break; default: break; } } hfuzz.cmdline = &argv[optind]; util_rndInit(); log_setMinLevel(ll); if (!hfuzz.cmdline[0]) { LOGMSG(l_FATAL, "Please specify binary to fuzz"); usage(); } if (!hfuzz.fuzzStdin && !checkFor_FILE_PLACEHOLDER(hfuzz.cmdline)) { LOGMSG(l_FATAL, "You must specify '" FILE_PLACEHOLDER "' when the -s (stdin fuzzing) option is not set"); usage(); } if (hfuzz.pid) { LOGMSG(l_INFO, "External PID specified, concurrency disabled"); hfuzz.threadsMax = 1; } if (strchr(hfuzz.fileExtn, '/')) { LOGMSG(l_FATAL, "The file extension contains the '/' character: '%s'", hfuzz.fileExtn); usage(); } if (hfuzz.fuzzStart > hfuzz.fuzzEnd || hfuzz.fuzzStart == hfuzz.fuzzEnd) { LOGMSG(l_FATAL, "Invalid mangle fuzz area file offsets"); usage(); } LOGMSG(l_INFO, "debugLevel: %d, inputFile '%s', nullifyStdio: %d, fuzzStdin: %d, saveUnique: %d, flipRate: %lf, " "flipMode: '%c', externalCommand: '%s', tmOut: %ld, threadsMax: %ld, fileExtn '%s', ignoreAddr: %p, " "memoryLimit: %lu (MiB), fuzzExe: '%s', fuzzedPid: %d", ll, hfuzz.inputFile, hfuzz.nullifyStdio ? 1 : 0, hfuzz.fuzzStdin ? 1 : 0, hfuzz.saveUnique ? 1 : 0, hfuzz.flipRate, hfuzz.flipMode, hfuzz.externalCommand == NULL ? "NULL" : hfuzz.externalCommand, hfuzz.tmOut, hfuzz.threadsMax, hfuzz.fileExtn, hfuzz.ignoreAddr, hfuzz.asLimit, hfuzz.cmdline[0], hfuzz.pid); if (!(hfuzz.fuzzers = malloc(sizeof(hfuzz.fuzzers[0]) * hfuzz.threadsMax))) { LOGMSG_P(l_FATAL, "Couldn't allocate memory"); exit(EXIT_FAILURE); } memset(hfuzz.fuzzers, '\0', sizeof(hfuzz.fuzzers[0]) * hfuzz.threadsMax); if (!files_init(&hfuzz)) { LOGMSG(l_FATAL, "Couldn't load input files"); exit(EXIT_FAILURE); } /* * So far so good */ fuzz_main(&hfuzz); abort(); /* NOTREACHED */ return EXIT_SUCCESS; }