2015-01-30 00:58:29 +08:00
|
|
|
//===- FuzzerUtil.cpp - Misc utils ----------------------------------------===//
|
|
|
|
//
|
|
|
|
// The LLVM Compiler Infrastructure
|
|
|
|
//
|
|
|
|
// This file is distributed under the University of Illinois Open Source
|
|
|
|
// License. See LICENSE.TXT for details.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
// Misc utils.
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
|
|
|
#include "FuzzerInternal.h"
|
2015-05-15 06:41:49 +08:00
|
|
|
#include <sstream>
|
|
|
|
#include <iomanip>
|
2016-02-27 06:42:23 +08:00
|
|
|
#include <sys/resource.h>
|
2015-01-30 00:58:29 +08:00
|
|
|
#include <sys/time.h>
|
2016-05-07 07:38:07 +08:00
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/syscall.h>
|
2015-01-30 00:58:29 +08:00
|
|
|
#include <cassert>
|
2016-05-07 07:38:07 +08:00
|
|
|
#include <chrono>
|
2015-01-30 00:58:29 +08:00
|
|
|
#include <cstring>
|
2016-10-19 08:12:03 +08:00
|
|
|
#include <stdio.h>
|
2015-01-30 00:58:29 +08:00
|
|
|
#include <signal.h>
|
2015-09-04 04:23:46 +08:00
|
|
|
#include <sstream>
|
2015-05-13 06:03:34 +08:00
|
|
|
#include <unistd.h>
|
2016-03-02 17:54:40 +08:00
|
|
|
#include <errno.h>
|
2016-05-07 07:38:07 +08:00
|
|
|
#include <thread>
|
2015-01-30 00:58:29 +08:00
|
|
|
|
|
|
|
namespace fuzzer {
|
|
|
|
|
2016-01-14 07:46:01 +08:00
|
|
|
void PrintHexArray(const uint8_t *Data, size_t Size,
|
|
|
|
const char *PrintAfter) {
|
|
|
|
for (size_t i = 0; i < Size; i++)
|
|
|
|
Printf("0x%x,", (unsigned)Data[i]);
|
2015-05-23 09:22:35 +08:00
|
|
|
Printf("%s", PrintAfter);
|
2015-01-30 00:58:29 +08:00
|
|
|
}
|
|
|
|
|
2016-01-14 07:46:01 +08:00
|
|
|
void Print(const Unit &v, const char *PrintAfter) {
|
|
|
|
PrintHexArray(v.data(), v.size(), PrintAfter);
|
|
|
|
}
|
|
|
|
|
2016-01-12 10:36:59 +08:00
|
|
|
void PrintASCIIByte(uint8_t Byte) {
|
|
|
|
if (Byte == '\\')
|
|
|
|
Printf("\\\\");
|
|
|
|
else if (Byte == '"')
|
|
|
|
Printf("\\\"");
|
|
|
|
else if (Byte >= 32 && Byte < 127)
|
|
|
|
Printf("%c", Byte);
|
|
|
|
else
|
|
|
|
Printf("\\x%02x", Byte);
|
|
|
|
}
|
|
|
|
|
|
|
|
void PrintASCII(const uint8_t *Data, size_t Size, const char *PrintAfter) {
|
|
|
|
for (size_t i = 0; i < Size; i++)
|
|
|
|
PrintASCIIByte(Data[i]);
|
|
|
|
Printf("%s", PrintAfter);
|
|
|
|
}
|
|
|
|
|
2015-01-30 00:58:29 +08:00
|
|
|
void PrintASCII(const Unit &U, const char *PrintAfter) {
|
2016-01-16 11:53:32 +08:00
|
|
|
PrintASCII(U.data(), U.size(), PrintAfter);
|
2015-01-30 00:58:29 +08:00
|
|
|
}
|
|
|
|
|
2016-09-22 06:42:17 +08:00
|
|
|
std::string Sha1ToString(const uint8_t Sha1[kSHA1NumBytes]) {
|
2015-05-15 06:41:49 +08:00
|
|
|
std::stringstream SS;
|
|
|
|
for (int i = 0; i < kSHA1NumBytes; i++)
|
2016-08-18 04:45:23 +08:00
|
|
|
SS << std::hex << std::setfill('0') << std::setw(2) << (unsigned)Sha1[i];
|
2015-05-15 06:41:49 +08:00
|
|
|
return SS.str();
|
2015-01-30 00:58:29 +08:00
|
|
|
}
|
|
|
|
|
2016-08-18 04:45:23 +08:00
|
|
|
std::string Hash(const Unit &U) {
|
|
|
|
uint8_t Hash[kSHA1NumBytes];
|
|
|
|
ComputeSHA1(U.data(), U.size(), Hash);
|
|
|
|
return Sha1ToString(Hash);
|
|
|
|
}
|
|
|
|
|
2015-01-30 00:58:29 +08:00
|
|
|
static void AlarmHandler(int, siginfo_t *, void *) {
|
2015-04-01 04:13:20 +08:00
|
|
|
Fuzzer::StaticAlarmCallback();
|
2015-01-30 00:58:29 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 06:19:21 +08:00
|
|
|
static void CrashHandler(int, siginfo_t *, void *) {
|
|
|
|
Fuzzer::StaticCrashSignalCallback();
|
|
|
|
}
|
|
|
|
|
|
|
|
static void InterruptHandler(int, siginfo_t *, void *) {
|
|
|
|
Fuzzer::StaticInterruptCallback();
|
|
|
|
}
|
|
|
|
|
|
|
|
static void SetSigaction(int signum,
|
|
|
|
void (*callback)(int, siginfo_t *, void *)) {
|
|
|
|
struct sigaction sigact;
|
|
|
|
memset(&sigact, 0, sizeof(sigact));
|
|
|
|
sigact.sa_sigaction = callback;
|
2016-03-02 17:54:40 +08:00
|
|
|
if (sigaction(signum, &sigact, 0)) {
|
|
|
|
Printf("libFuzzer: sigaction failed with %d\n", errno);
|
|
|
|
exit(1);
|
|
|
|
}
|
2016-03-02 06:19:21 +08:00
|
|
|
}
|
|
|
|
|
2015-01-30 00:58:29 +08:00
|
|
|
void SetTimer(int Seconds) {
|
|
|
|
struct itimerval T {{Seconds, 0}, {Seconds, 0}};
|
2016-03-02 17:54:40 +08:00
|
|
|
if (setitimer(ITIMER_REAL, &T, nullptr)) {
|
|
|
|
Printf("libFuzzer: setitimer failed with %d\n", errno);
|
|
|
|
exit(1);
|
|
|
|
}
|
2016-03-02 06:19:21 +08:00
|
|
|
SetSigaction(SIGALRM, AlarmHandler);
|
2015-01-30 00:58:29 +08:00
|
|
|
}
|
|
|
|
|
2016-03-02 06:19:21 +08:00
|
|
|
void SetSigSegvHandler() { SetSigaction(SIGSEGV, CrashHandler); }
|
|
|
|
void SetSigBusHandler() { SetSigaction(SIGBUS, CrashHandler); }
|
|
|
|
void SetSigAbrtHandler() { SetSigaction(SIGABRT, CrashHandler); }
|
|
|
|
void SetSigIllHandler() { SetSigaction(SIGILL, CrashHandler); }
|
|
|
|
void SetSigFpeHandler() { SetSigaction(SIGFPE, CrashHandler); }
|
|
|
|
void SetSigIntHandler() { SetSigaction(SIGINT, InterruptHandler); }
|
2016-03-25 05:03:58 +08:00
|
|
|
void SetSigTermHandler() { SetSigaction(SIGTERM, InterruptHandler); }
|
2016-03-02 06:19:21 +08:00
|
|
|
|
2015-05-13 02:51:57 +08:00
|
|
|
int NumberOfCpuCores() {
|
2016-05-20 09:30:36 +08:00
|
|
|
const char *CmdLine = nullptr;
|
|
|
|
if (LIBFUZZER_LINUX) {
|
|
|
|
CmdLine = "nproc";
|
|
|
|
} else if (LIBFUZZER_APPLE) {
|
|
|
|
CmdLine = "sysctl -n hw.ncpu";
|
|
|
|
} else {
|
|
|
|
assert(0 && "NumberOfCpuCores() is not implemented for your platform");
|
|
|
|
}
|
|
|
|
|
|
|
|
FILE *F = popen(CmdLine, "r");
|
|
|
|
int N = 1;
|
|
|
|
if (!F || fscanf(F, "%d", &N) != 1) {
|
|
|
|
Printf("WARNING: Failed to parse output of command \"%s\" in %s(). "
|
|
|
|
"Assuming CPU count of 1.\n",
|
|
|
|
CmdLine, __func__);
|
|
|
|
N = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (pclose(F)) {
|
|
|
|
Printf("WARNING: Executing command \"%s\" failed in %s(). "
|
|
|
|
"Assuming CPU count of 1.\n",
|
|
|
|
CmdLine, __func__);
|
|
|
|
N = 1;
|
|
|
|
}
|
|
|
|
if (N < 1) {
|
|
|
|
Printf("WARNING: Reported CPU count (%d) from command \"%s\" was invalid "
|
|
|
|
"in %s(). Assuming CPU count of 1.\n",
|
|
|
|
N, CmdLine, __func__);
|
2016-03-02 17:54:40 +08:00
|
|
|
N = 1;
|
2016-05-20 09:30:36 +08:00
|
|
|
}
|
2015-05-13 02:51:57 +08:00
|
|
|
return N;
|
|
|
|
}
|
|
|
|
|
2016-02-14 01:56:51 +08:00
|
|
|
bool ToASCII(uint8_t *Data, size_t Size) {
|
2015-08-11 09:44:42 +08:00
|
|
|
bool Changed = false;
|
2016-02-14 01:56:51 +08:00
|
|
|
for (size_t i = 0; i < Size; i++) {
|
|
|
|
uint8_t &X = Data[i];
|
2015-08-11 09:44:42 +08:00
|
|
|
auto NewX = X;
|
|
|
|
NewX &= 127;
|
|
|
|
if (!isspace(NewX) && !isprint(NewX))
|
|
|
|
NewX = ' ';
|
|
|
|
Changed |= NewX != X;
|
|
|
|
X = NewX;
|
|
|
|
}
|
|
|
|
return Changed;
|
|
|
|
}
|
|
|
|
|
2016-05-27 04:03:02 +08:00
|
|
|
bool IsASCII(const Unit &U) { return IsASCII(U.data(), U.size()); }
|
|
|
|
|
|
|
|
bool IsASCII(const uint8_t *Data, size_t Size) {
|
|
|
|
for (size_t i = 0; i < Size; i++)
|
|
|
|
if (!(isprint(Data[i]) || isspace(Data[i]))) return false;
|
2015-09-03 03:08:08 +08:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-09-04 04:23:46 +08:00
|
|
|
bool ParseOneDictionaryEntry(const std::string &Str, Unit *U) {
|
|
|
|
U->clear();
|
|
|
|
if (Str.empty()) return false;
|
|
|
|
size_t L = 0, R = Str.size() - 1; // We are parsing the range [L,R].
|
|
|
|
// Skip spaces from both sides.
|
|
|
|
while (L < R && isspace(Str[L])) L++;
|
|
|
|
while (R > L && isspace(Str[R])) R--;
|
|
|
|
if (R - L < 2) return false;
|
|
|
|
// Check the closing "
|
|
|
|
if (Str[R] != '"') return false;
|
|
|
|
R--;
|
|
|
|
// Find the opening "
|
|
|
|
while (L < R && Str[L] != '"') L++;
|
|
|
|
if (L >= R) return false;
|
|
|
|
assert(Str[L] == '\"');
|
|
|
|
L++;
|
|
|
|
assert(L <= R);
|
|
|
|
for (size_t Pos = L; Pos <= R; Pos++) {
|
|
|
|
uint8_t V = (uint8_t)Str[Pos];
|
|
|
|
if (!isprint(V) && !isspace(V)) return false;
|
|
|
|
if (V =='\\') {
|
|
|
|
// Handle '\\'
|
|
|
|
if (Pos + 1 <= R && (Str[Pos + 1] == '\\' || Str[Pos + 1] == '"')) {
|
|
|
|
U->push_back(Str[Pos + 1]);
|
|
|
|
Pos++;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
// Handle '\xAB'
|
|
|
|
if (Pos + 3 <= R && Str[Pos + 1] == 'x'
|
|
|
|
&& isxdigit(Str[Pos + 2]) && isxdigit(Str[Pos + 3])) {
|
|
|
|
char Hex[] = "0xAA";
|
|
|
|
Hex[2] = Str[Pos + 2];
|
|
|
|
Hex[3] = Str[Pos + 3];
|
|
|
|
U->push_back(strtol(Hex, nullptr, 16));
|
|
|
|
Pos += 3;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
return false; // Invalid escape.
|
|
|
|
} else {
|
|
|
|
// Any other character.
|
|
|
|
U->push_back(V);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool ParseDictionaryFile(const std::string &Text, std::vector<Unit> *Units) {
|
|
|
|
if (Text.empty()) {
|
|
|
|
Printf("ParseDictionaryFile: file does not exist or is empty\n");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
std::istringstream ISS(Text);
|
|
|
|
Units->clear();
|
|
|
|
Unit U;
|
|
|
|
int LineNo = 0;
|
|
|
|
std::string S;
|
|
|
|
while (std::getline(ISS, S, '\n')) {
|
|
|
|
LineNo++;
|
|
|
|
size_t Pos = 0;
|
|
|
|
while (Pos < S.size() && isspace(S[Pos])) Pos++; // Skip spaces.
|
|
|
|
if (Pos == S.size()) continue; // Empty line.
|
|
|
|
if (S[Pos] == '#') continue; // Comment line.
|
|
|
|
if (ParseOneDictionaryEntry(S, &U)) {
|
|
|
|
Units->push_back(U);
|
|
|
|
} else {
|
|
|
|
Printf("ParseDictionaryFile: error in line %d\n\t\t%s\n", LineNo,
|
|
|
|
S.c_str());
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-05-07 07:38:07 +08:00
|
|
|
void SleepSeconds(int Seconds) {
|
2016-09-20 04:32:34 +08:00
|
|
|
sleep(Seconds); // Use C API to avoid coverage from instrumented libc++.
|
2016-05-07 07:38:07 +08:00
|
|
|
}
|
2015-10-17 07:04:31 +08:00
|
|
|
|
2016-05-07 07:38:07 +08:00
|
|
|
int GetPid() { return getpid(); }
|
2015-12-05 06:29:39 +08:00
|
|
|
|
|
|
|
std::string Base64(const Unit &U) {
|
|
|
|
static const char Table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
|
|
|
"abcdefghijklmnopqrstuvwxyz"
|
|
|
|
"0123456789+/";
|
|
|
|
std::string Res;
|
|
|
|
size_t i;
|
|
|
|
for (i = 0; i + 2 < U.size(); i += 3) {
|
|
|
|
uint32_t x = (U[i] << 16) + (U[i + 1] << 8) + U[i + 2];
|
|
|
|
Res += Table[(x >> 18) & 63];
|
|
|
|
Res += Table[(x >> 12) & 63];
|
|
|
|
Res += Table[(x >> 6) & 63];
|
|
|
|
Res += Table[x & 63];
|
|
|
|
}
|
|
|
|
if (i + 1 == U.size()) {
|
|
|
|
uint32_t x = (U[i] << 16);
|
|
|
|
Res += Table[(x >> 18) & 63];
|
|
|
|
Res += Table[(x >> 12) & 63];
|
|
|
|
Res += "==";
|
|
|
|
} else if (i + 2 == U.size()) {
|
|
|
|
uint32_t x = (U[i] << 16) + (U[i + 1] << 8);
|
|
|
|
Res += Table[(x >> 18) & 63];
|
|
|
|
Res += Table[(x >> 12) & 63];
|
|
|
|
Res += Table[(x >> 6) & 63];
|
|
|
|
Res += "=";
|
|
|
|
}
|
|
|
|
return Res;
|
|
|
|
}
|
|
|
|
|
2016-02-27 06:42:23 +08:00
|
|
|
size_t GetPeakRSSMb() {
|
|
|
|
struct rusage usage;
|
|
|
|
if (getrusage(RUSAGE_SELF, &usage))
|
|
|
|
return 0;
|
2016-05-20 09:37:54 +08:00
|
|
|
if (LIBFUZZER_LINUX) {
|
|
|
|
// ru_maxrss is in KiB
|
|
|
|
return usage.ru_maxrss >> 10;
|
|
|
|
} else if (LIBFUZZER_APPLE) {
|
|
|
|
// ru_maxrss is in bytes
|
|
|
|
return usage.ru_maxrss >> 20;
|
|
|
|
}
|
|
|
|
assert(0 && "GetPeakRSSMb() is not implemented for your platform");
|
|
|
|
return 0;
|
2016-02-27 06:42:23 +08:00
|
|
|
}
|
|
|
|
|
2016-09-27 08:10:20 +08:00
|
|
|
std::string DescribePC(const char *SymbolizedFMT, uintptr_t PC) {
|
|
|
|
if (!EF->__sanitizer_symbolize_pc) return "<can not symbolize>";
|
|
|
|
char PcDescr[1024];
|
|
|
|
EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PC),
|
|
|
|
SymbolizedFMT, PcDescr, sizeof(PcDescr));
|
|
|
|
PcDescr[sizeof(PcDescr) - 1] = 0; // Just in case.
|
|
|
|
return PcDescr;
|
|
|
|
}
|
|
|
|
|
2016-09-19 05:47:08 +08:00
|
|
|
void PrintPC(const char *SymbolizedFMT, const char *FallbackFMT, uintptr_t PC) {
|
2016-09-27 08:10:20 +08:00
|
|
|
if (EF->__sanitizer_symbolize_pc)
|
|
|
|
Printf("%s", DescribePC(SymbolizedFMT, PC).c_str());
|
|
|
|
else
|
2016-09-19 05:47:08 +08:00
|
|
|
Printf(FallbackFMT, PC);
|
|
|
|
}
|
|
|
|
|
2016-10-19 08:12:03 +08:00
|
|
|
bool ExecuteCommandAndReadOutput(const std::string &Command, std::string *Out) {
|
|
|
|
FILE *Pipe = popen(Command.c_str(), "r");
|
|
|
|
if (!Pipe) return false;
|
|
|
|
char Buff[1024];
|
|
|
|
size_t N;
|
|
|
|
while ((N = fread(Buff, 1, sizeof(Buff), Pipe)) > 0)
|
|
|
|
Out->append(Buff, N);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-01-30 00:58:29 +08:00
|
|
|
} // namespace fuzzer
|