"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "honggfuzz.c" between
honggfuzz-2.1.tar.gz and honggfuzz-2.2.tar.gz

About: honggfuzz is a security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with powerful analysis options.

honggfuzz.c  (honggfuzz-2.1):honggfuzz.c  (honggfuzz-2.2)
skipping to change at line 197 skipping to change at line 197
} }
static void printSummary(honggfuzz_t* hfuzz) { static void printSummary(honggfuzz_t* hfuzz) {
uint64_t exec_per_sec = 0; uint64_t exec_per_sec = 0;
uint64_t elapsed_sec = time(NULL) - hfuzz->timing.timeStart; uint64_t elapsed_sec = time(NULL) - hfuzz->timing.timeStart;
if (elapsed_sec) { if (elapsed_sec) {
exec_per_sec = hfuzz->cnts.mutationsCnt / elapsed_sec; exec_per_sec = hfuzz->cnts.mutationsCnt / elapsed_sec;
} }
uint64_t guardNb = ATOMIC_GET(hfuzz->feedback.covFeedbackMap->guardNb); uint64_t guardNb = ATOMIC_GET(hfuzz->feedback.covFeedbackMap->guardNb);
uint64_t branch_percent_cov = uint64_t branch_percent_cov =
guardNb ? ((100 * ATOMIC_GET(hfuzz->linux.hwCnts.softCntEdge)) / guardNb ) : 0; guardNb ? ((100 * ATOMIC_GET(hfuzz->feedback.hwCnts.softCntEdge)) / guar dNb) : 0;
struct rusage usage; struct rusage usage;
if (getrusage(RUSAGE_CHILDREN, &usage)) { if (getrusage(RUSAGE_CHILDREN, &usage)) {
PLOG_W("getrusage failed"); PLOG_W("getrusage failed");
usage.ru_maxrss = 0; // 0 means something went wrong with rusage usage.ru_maxrss = 0; // 0 means something went wrong with rusage
} }
#ifdef _HF_ARCH_DARWIN #ifdef _HF_ARCH_DARWIN
usage.ru_maxrss >>= 20; usage.ru_maxrss >>= 20;
#else #else
usage.ru_maxrss >>= 10; usage.ru_maxrss >>= 10;
#endif #endif
LOG_I("Summary iterations:%zu time:%" PRIu64 " speed:%" PRIu64 " " LOG_I("Summary iterations:%zu time:%" PRIu64 " speed:%" PRIu64 " "
"crashes_count:%zu timeout_count:%zu new_units_added:%zu " "crashes_count:%zu timeout_count:%zu new_units_added:%zu "
"slowest_unit_ms:%" PRId64 " guard_nb:%" PRIu64 " branch_coverage_perc ent:%" PRIu64 " " "slowest_unit_ms:%" PRId64 " guard_nb:%" PRIu64 " branch_coverage_perc ent:%" PRIu64 " "
"peak_rss_mb:%lu", "peak_rss_mb:%lu",
hfuzz->cnts.mutationsCnt, elapsed_sec, exec_per_sec, hfuzz->cnts.crashes Cnt, hfuzz->cnts.mutationsCnt, elapsed_sec, exec_per_sec, hfuzz->cnts.crashes Cnt,
hfuzz->cnts.timeoutedCnt, hfuzz->io.newUnitsAdded, hfuzz->cnts.timeoutedCnt, hfuzz->io.newUnitsAdded,
hfuzz->timing.timeOfLongestUnitInMilliseconds, hfuzz->feedback.covFeedba ckMap->guardNb, hfuzz->timing.timeOfLongestUnitUSecs / 1000U, hfuzz->feedback.covFeedbac kMap->guardNb,
branch_percent_cov, usage.ru_maxrss); branch_percent_cov, usage.ru_maxrss);
} }
static void pingThreads(honggfuzz_t* hfuzz) { static void pingThreads(honggfuzz_t* hfuzz) {
for (size_t i = 0; i < hfuzz->threads.threadsMax; i++) { for (size_t i = 0; i < hfuzz->threads.threadsMax; i++) {
if (pthread_kill(hfuzz->threads.threads[i], SIGCHLD) != 0 && errno != EI NTR && errno != 0) { if (pthread_kill(hfuzz->threads.threads[i], SIGCHLD) != 0 && errno != EI NTR && errno != 0) {
PLOG_W("pthread_kill(thread=%zu, SIGCHLD)", i); PLOG_W("pthread_kill(thread=%zu, SIGCHLD)", i);
} }
} }
} }
skipping to change at line 298 skipping to change at line 298
for (;;) { for (;;) {
if (ATOMIC_GET(hfuzz->threads.threadsFinished) >= hfuzz->threads.threads Max) { if (ATOMIC_GET(hfuzz->threads.threadsFinished) >= hfuzz->threads.threads Max) {
break; break;
} }
pingThreads(hfuzz); pingThreads(hfuzz);
util_sleepForMSec(50); /* 50ms */ util_sleepForMSec(50); /* 50ms */
} }
} }
static const char* strYesNo(bool yes) {
return (yes ? "true" : "false");
}
static const char* getGitVersion() {
static char version[] = "$Id: 71c712fd2cc2c15e545ca447fc9219a246be82fb $";
if (strlen(version) == 47) {
version[45] = '\0';
return &version[5];
}
return "UNKNOWN";
}
int main(int argc, char** argv) { int main(int argc, char** argv) {
/* /*
* Work around CygWin/MinGW * Work around CygWin/MinGW
*/ */
char** myargs = (char**)util_Malloc(sizeof(char*) * (argc + 1)); char** myargs = (char**)util_Calloc(sizeof(char*) * (argc + 1));
defer { defer {
free(myargs); free(myargs);
}; };
int i; int i;
for (i = 0U; i < argc; i++) { for (i = 0U; i < argc; i++) {
myargs[i] = argv[i]; myargs[i] = argv[i];
} }
myargs[i] = NULL; myargs[i] = NULL;
skipping to change at line 327 skipping to change at line 340
PLOG_F("Input directory '%s' is not readable", hfuzz.io.inputDir); PLOG_F("Input directory '%s' is not readable", hfuzz.io.inputDir);
} }
if (hfuzz.io.outputDir && access(hfuzz.io.outputDir, W_OK) == -1) { if (hfuzz.io.outputDir && access(hfuzz.io.outputDir, W_OK) == -1) {
PLOG_F("Output directory '%s' is not writeable", hfuzz.io.outputDir); PLOG_F("Output directory '%s' is not writeable", hfuzz.io.outputDir);
} }
if (hfuzz.cfg.minimize) { if (hfuzz.cfg.minimize) {
LOG_I("Minimization mode enabled. Setting number of threads to 1"); LOG_I("Minimization mode enabled. Setting number of threads to 1");
hfuzz.threads.threadsMax = 1; hfuzz.threads.threadsMax = 1;
} }
char tmstr[64];
util_getLocalTime("%F.%H.%M.%S", tmstr, sizeof(tmstr), time(NULL));
LOG_I("Start time:'%s' bin:'%s', input:'%s', output:'%s', persistent:%s, std
in:%s, "
"mutation_rate:%u, timeout:%ld, max_runs:%zu, threads:%zu, minimize:%s
, git_commit:%s",
tmstr, hfuzz.exe.cmdline[0], hfuzz.io.inputDir,
hfuzz.io.outputDir ? hfuzz.io.outputDir : hfuzz.io.inputDir, strYesNo(hf
uzz.exe.persistent),
strYesNo(hfuzz.exe.fuzzStdin), hfuzz.mutate.mutationsPerRun, (long)hfuzz
.timing.tmOut,
hfuzz.mutate.mutationsMax, hfuzz.threads.threadsMax, strYesNo(hfuzz.cfg.
minimize),
getGitVersion());
sigemptyset(&hfuzz.exe.waitSigSet); sigemptyset(&hfuzz.exe.waitSigSet);
sigaddset(&hfuzz.exe.waitSigSet, SIGIO); /* Persistent socket data */ sigaddset(&hfuzz.exe.waitSigSet, SIGIO); /* Persistent socket data */
sigaddset(&hfuzz.exe.waitSigSet, SIGCHLD); /* Ping from the signal thread */ sigaddset(&hfuzz.exe.waitSigSet, SIGCHLD); /* Ping from the signal thread */
if (hfuzz.display.useScreen) { if (hfuzz.display.useScreen) {
display_init(); display_init();
} }
if (hfuzz.socketFuzzer.enabled) { if (hfuzz.socketFuzzer.enabled) {
LOG_I("No input file corpus loaded, the external socket_fuzzer is respon sible for " LOG_I("No input file corpus loaded, the external socket_fuzzer is respon sible for "
skipping to change at line 351 skipping to change at line 374
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (hfuzz.mutate.dictionaryFile && (input_parseDictionary(&hfuzz) == false)) { if (hfuzz.mutate.dictionaryFile && (input_parseDictionary(&hfuzz) == false)) {
LOG_F("Couldn't parse dictionary file ('%s')", hfuzz.mutate.dictionaryFi le); LOG_F("Couldn't parse dictionary file ('%s')", hfuzz.mutate.dictionaryFi le);
} }
if (hfuzz.feedback.blacklistFile && (input_parseBlacklist(&hfuzz) == false)) { if (hfuzz.feedback.blacklistFile && (input_parseBlacklist(&hfuzz) == false)) {
LOG_F("Couldn't parse stackhash blacklist file ('%s')", hfuzz.feedback.b lacklistFile); LOG_F("Couldn't parse stackhash blacklist file ('%s')", hfuzz.feedback.b lacklistFile);
} }
#define hfuzzl hfuzz.linux #define hfuzzl hfuzz.arch_linux
if (hfuzzl.symsBlFile && if (hfuzzl.symsBlFile &&
((hfuzzl.symsBlCnt = files_parseSymbolFilter(hfuzzl.symsBlFile, &hfuzzl. symsBl)) == 0)) { ((hfuzzl.symsBlCnt = files_parseSymbolFilter(hfuzzl.symsBlFile, &hfuzzl. symsBl)) == 0)) {
LOG_F("Couldn't parse symbols blacklist file ('%s')", hfuzzl.symsBlFile) ; LOG_F("Couldn't parse symbols blacklist file ('%s')", hfuzzl.symsBlFile) ;
} }
if (hfuzzl.symsWlFile && if (hfuzzl.symsWlFile &&
((hfuzzl.symsWlCnt = files_parseSymbolFilter(hfuzzl.symsWlFile, &hfuzzl. symsWl)) == 0)) { ((hfuzzl.symsWlCnt = files_parseSymbolFilter(hfuzzl.symsWlFile, &hfuzzl. symsWl)) == 0)) {
LOG_F("Couldn't parse symbols whitelist file ('%s')", hfuzzl.symsWlFile) ; LOG_F("Couldn't parse symbols whitelist file ('%s')", hfuzzl.symsWlFile) ;
} }
skipping to change at line 392 skipping to change at line 415
if (!subproc_runThread(&hfuzz, &sigthread, signalThread, /* joinable= */ fal se)) { if (!subproc_runThread(&hfuzz, &sigthread, signalThread, /* joinable= */ fal se)) {
LOG_F("Couldn't start the signal thread"); LOG_F("Couldn't start the signal thread");
} }
mainThreadLoop(&hfuzz); mainThreadLoop(&hfuzz);
/* Clean-up global buffers */ /* Clean-up global buffers */
if (hfuzz.feedback.blacklist) { if (hfuzz.feedback.blacklist) {
free(hfuzz.feedback.blacklist); free(hfuzz.feedback.blacklist);
} }
if (hfuzz.mutate.dictionaryCnt) {
input_freeDictionary(&hfuzz);
}
#if defined(_HF_ARCH_LINUX) #if defined(_HF_ARCH_LINUX)
if (hfuzz.linux.symsBl) { if (hfuzz.arch_linux.symsBl) {
free(hfuzz.linux.symsBl); free(hfuzz.arch_linux.symsBl);
} }
if (hfuzz.linux.symsWl) { if (hfuzz.arch_linux.symsWl) {
free(hfuzz.linux.symsWl); free(hfuzz.arch_linux.symsWl);
} }
#elif defined(_HF_ARCH_NETBSD) #elif defined(_HF_ARCH_NETBSD)
if (hfuzz.netbsd.symsBl) { if (hfuzz.arch_netbsd.symsBl) {
free(hfuzz.netbsd.symsBl); free(hfuzz.arch_netbsd.symsBl);
} }
if (hfuzz.netbsd.symsWl) { if (hfuzz.arch_netbsd.symsWl) {
free(hfuzz.netbsd.symsWl); free(hfuzz.arch_netbsd.symsWl);
} }
#endif #endif
if (hfuzz.socketFuzzer.enabled) { if (hfuzz.socketFuzzer.enabled) {
cleanupSocketFuzzer(); cleanupSocketFuzzer();
} }
printSummary(&hfuzz); printSummary(&hfuzz);
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }
 End of changes. 11 change blocks. 
15 lines changed or deleted 40 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)