From 749edaab1f3f087fd959a175719da3b87bcc2161 Mon Sep 17 00:00:00 2001
From: Thuan Pham
Date: Sun, 5 Mar 2023 23:06:41 +1100
Subject: [PATCH] [SBFT23] Update AFLSmart++ (#1774)

---
 fuzzers/aflsmart_plusplus/builder.Dockerfile | 11 +++++--
 fuzzers/aflsmart_plusplus/fuzzer.py          | 33 +++-----------------
 2 files changed, 14 insertions(+), 30 deletions(-)

diff --git a/fuzzers/aflsmart_plusplus/builder.Dockerfile b/fuzzers/aflsmart_plusplus/builder.Dockerfile
index 3013be5b6..43bd48d92 100644
--- a/fuzzers/aflsmart_plusplus/builder.Dockerfile
+++ b/fuzzers/aflsmart_plusplus/builder.Dockerfile
@@ -41,13 +41,20 @@ RUN dpkg --add-architecture i386 && \
     apt-utils \
     libc6-dev-i386 \
     g++-multilib \
-    mono-complete \
     software-properties-common
 
+RUN apt install gnupg ca-certificates && \
+    apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 \
+    --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \
+    echo "deb https://download.mono-project.com/repo/ubuntu stable-focal main" \
+    | tee /etc/apt/sources.list.d/mono-official-stable.list && \
+    apt update && \
+    apt install -y monodoc-manual mono-complete
+
 # Download and compile AFLSmart.
 RUN git clone https://github.com/thuanpv/aflsmart /afl && \
     cd /afl && \
-    git checkout bcc3f0e725cf5575968cf61c7000f2b6a95c480f && \
+    git checkout de0b3855b0e688b3a9f52ccb241d2ebaf3d7f6b4 && \
     AFL_NO_X86=1 make
 
 # Setup Peach.
diff --git a/fuzzers/aflsmart_plusplus/fuzzer.py b/fuzzers/aflsmart_plusplus/fuzzer.py
index 550240aef..7eaf6d05c 100755
--- a/fuzzers/aflsmart_plusplus/fuzzer.py
+++ b/fuzzers/aflsmart_plusplus/fuzzer.py
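Review bot: `RUN apt install gnupg ca-certificates` carries no `-y`, so if either package is absent from the base image the non-interactive build stops at apt's confirmation prompt; the final `apt install -y` line in the same RUN does pass it, so the omission looks accidental. The `apt-key adv` call also drops the Mono signing key into the global trusted keyring, which lets that key validate any configured repository rather than only the Mono one, and `apt-key` is deprecated for that reason. The full-fingerprint pin on `--recv-keys` is what authenticates the key (the HKP fetch over port 80 is unauthenticated transport), so it should stay. A rewrite that keeps the key in its own keyring and references it with `signed-by=` follows; the keyring path is a constructed example and can be renamed freely.
```dockerfile
# … unchanged: package list of the preceding apt-get install …
RUN apt-get install -y gnupg ca-certificates && \
    gpg --keyserver hkp://keyserver.ubuntu.com:80 \
    --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && \
    gpg --export 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \
    > /usr/share/keyrings/mono-official-archive-keyring.gpg && \
    echo "deb [signed-by=/usr/share/keyrings/mono-official-archive-keyring.gpg] https://download.mono-project.com/repo/ubuntu stable-focal main" \
    | tee /etc/apt/sources.list.d/mono-official-stable.list && \
    apt-get update && \
    apt-get install -y monodoc-manual mono-complete
# … unchanged: AFLSmart clone, checkout and build …
```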
@@ -39,22 +39,7 @@ def fuzz(input_corpus, output_corpus, target_binary):
     afl_fuzzer.prepare_fuzz_environment(input_corpus)
     os.environ['PATH'] += os.pathsep + '/out/peach-3.0.202/'
 
-    composite_mode = False
-    input_model = ''
-    benchmark_name = os.environ['BENCHMARK']
-    if benchmark_name == 'libpng-1.6.38':
-        input_model = 'png.xml'
-    if benchmark_name == 'libpcap_fuzz_both':
-        input_model = 'pcap.xml'
-    if benchmark_name == 'libjpeg-turbo-07-2017':
-        input_model = 'jpeg.xml'
-    if benchmark_name == 'freetype2-2017':
-        input_model = 'xtf.xml'
-    if benchmark_name == 'vorbis-2017-12-11':
-        input_model = 'ogg.xml'
-    if benchmark_name == 'bloaty_fuzz_target':
-        input_model = 'bloaty_composite.xml'
-        composite_mode = True
+    input_model = 'all_composite.xml'
 
     additional_flags = [
         # Enable stacked mutations
@@ -67,19 +52,11 @@ def fuzz(input_corpus, output_corpus, target_binary):
         input_model,
         # Choose FAVOR chunk type selection algo
         '-s',
-        2,
+        '2',
         # Reduce the chance of doing "destructive" mutations
         '-D',
-        50,
+        '50',
     ]
 
-    # Enable composite mode for targets
-    # taking multiple input formats like bloaty
-    if composite_mode:
-        additional_flags.append('-c')
-
-    if input_model != '':
-        afl_fuzzer.run_afl_fuzz(input_corpus, output_corpus, target_binary,
-                                additional_flags)
-    else:
-        afl_fuzzer.run_afl_fuzz(input_corpus, output_corpus, target_binary)
+    afl_fuzzer.run_afl_fuzz(input_corpus, output_corpus, target_binary,
+                            additional_flags)
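Review bot: The unconditional `input_model = 'all_composite.xml'` applies one Peach model to every benchmark, replacing the per-format table and the bloaty-only composite case, but nothing in the hunk records why a single model now suffices. A comment above the assignment such as `# Single composite Peach model covering every input format this fuzzer handles.` would spare the next reader a trip through the history. `os.environ['BENCHMARK']` is no longer read here, which is fine on its own, though any other reference to it elsewhere in the file is outside this hunk and worth a glance. The `def fuzz(...)` line itself precedes the hunk.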
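Review bot: Removing `additional_flags.append('-c')` together with `composite_mode` means the composite model is now handed to AFLSmart without the composite flag; if the AFLSmart revision pinned in builder.Dockerfile does not infer composite mode from the model itself, every benchmark would quietly run without it. If that inference is the intended contract, a one-line comment next to `input_model,` in the list, e.g. `# composite models need no '-c' with the pinned AFLSmart revision`, would make it explicit; otherwise `'-c'` belongs back in the list. The `2` → `'2'` and `50` → `'50'` changes look right, presumably because the list ends up as a subprocess argv that accepts only strings. Both the `additional_flags` list and fuzz() open before this hunk.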