update libaflfuzz

google · Nov 26, 2024 · b5c5c54 · b5c5c54
1 parent e1cc5e3
commit b5c5c54
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 19 deletions.
diff --git a/fuzzers/libafl_fuzz/builder.Dockerfile b/fuzzers/libafl_fuzz/builder.Dockerfile
@@ -24,14 +24,14 @@ RUN apt-get update && \
 # Uninstall old Rust & Install the latest one.
 RUN if which rustup; then rustup self uninstall -y; fi && \
     curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \
-    sh /rustup.sh --default-toolchain nightly-2024-07-04 -y && \
+    sh /rustup.sh --default-toolchain nightly-2024-11-25 -y && \
     rm /rustup.sh
 
 # Download afl++.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus /afl
 
 # Checkout a current commit
-RUN cd /afl && git pull && git checkout ab5f95e17ac7d957e26f5c1789a8624a238ac0e0
+RUN cd /afl && git pull && git checkout 5777ceaf23f48ae4ceae60e4f3a79263802633c6
 
 # Build without Python support as we don't need it.
 # Set AFL_NO_X86 to skip flaky tests.
@@ -43,14 +43,14 @@ RUN cd /afl && \
     cp utils/aflpp_driver/libAFLDriver.a /
 
 # Download libafl.
-RUN git clone https://github.com/R9295/LibAFL /libafl
+RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
 
 # Checkout a current commit
-RUN cd /libafl && git pull && \
-    git checkout libafl-fuzz/frida-mode-separate
+RUN cd /libafl && git pull
 
 # Compile libafl.
 RUN cd /libafl && \
     unset CFLAGS CXXFLAGS && \
     cd ./fuzzers/forkserver/libafl-fuzz && \
-    PATH="/root/.cargo/bin/:$PATH" cargo build --profile release
+    PATH="/root/.cargo/bin/:$PATH" cargo build --profile release --features fuzzbench
+
diff --git a/fuzzers/libafl_fuzz/fuzzer.py b/fuzzers/libafl_fuzz/fuzzer.py
@@ -25,8 +25,7 @@
 def build():
     """Build benchmark."""
     # Build the target with AFL++
-    #aflplusplus_fuzzer.build('tracepc', 'cmplog', 'dict2file')
-    aflplusplus_fuzzer.build('tracepc', 'dict2file')
+    aflplusplus_fuzzer.build('tracepc', 'cmplog', 'dict2file')
 
     # Copy to fuzzer to OUT
     build_directory = os.environ['OUT']
@@ -37,12 +36,12 @@ def build():
 def fuzz(input_corpus, output_corpus, target_binary):
     """Run fuzzer."""
     # Calculate CmpLog binary path from the instrumented target binary.
-    #target_binary_directory = os.path.dirname(target_binary)
-    #cmplog_target_binary_directory = \
-    #    aflplusplus_fuzzer.get_cmplog_build_directory(target_binary_directory)
-    #target_binary_name = os.path.basename(target_binary)
-    #cmplog_target_binary = os.path.join(cmplog_target_binary_directory,
-    #                                    target_binary_name)
+    target_binary_directory = os.path.dirname(target_binary)
+    cmplog_target_binary_directory = \
+        aflplusplus_fuzzer.get_cmplog_build_directory(target_binary_directory)
+    target_binary_name = os.path.basename(target_binary)
+    cmplog_target_binary = os.path.join(cmplog_target_binary_directory,
+                                        target_binary_name)
 
     # Setup env vars
     libafl_fuzzer.prepare_fuzz_environment(input_corpus)
@@ -59,17 +58,16 @@ def fuzz(input_corpus, output_corpus, target_binary):
             dictionary_path = './afl++.dict'
 
     # Run the fuzzer
-    #command = ['./libafl-fuzz', '-c', cmplog_target_binary]
-    command = ['./libafl-fuzz']
+    command = ['./libafl-fuzz', '-c', cmplog_target_binary]
     if dictionary_path:
         command += (['-x', dictionary_path])
     command += (['-o', output_corpus, '-i', input_corpus, target_binary])
-    #command += (['-t', '1000'])
+    command += (['-t', '1000'])
     print(command)
     env = {
         'AFL_CORES': '0',
         'AFL_IGNORE_TIMEOUT': '1',
-        'AFL_CMPLOG_ONLY_NEW': '1',
-        'AFL_MAP_SIZE': '2621440'
+        'AFL_MAP_SIZE': '2621440',
+        'AFL_CMPLOG_ONLY_NEW': '1'
     }
     subprocess.check_call(command, cwd=os.environ['OUT'], env=env)