[PATCH] D21194: Enable libFuzzer's afl_driver to append stderr to a file.
Jonathan Metzman via llvm-commits
llvm-commits at lists.llvm.org
Fri Jun 10 08:20:11 PDT 2016
metzman updated this revision to Diff 60356.
metzman added a comment.
Remove afl_driver.h, move tests to afl-driver.test
http://reviews.llvm.org/D21194
Files:
lib/Fuzzer/afl/afl_driver.cpp
lib/Fuzzer/test/AFLDriverTest.cpp
lib/Fuzzer/test/afl-driver.test
Index: lib/Fuzzer/test/afl-driver.test
===================================================================
--- /dev/null
+++ lib/Fuzzer/test/afl-driver.test
@@ -0,0 +1,13 @@
+RUN: clang++ %S/../afl/afl_driver.cpp %S/AFLDriverTest.cpp -o %T/test-afl-driver
+
+; Test that not specifying a file isn't broken.
+RUN: unset AFL_DRIVER_STDERR_DUPLICATE_FILENAME
+RUN: %T/test-afl-driver
+
+; Test that specifying an invalid file causes a crash.
+RUN: AFL_DRIVER_STDERR_DUPLICATE_FILENAME="%T" ~/llvm/build/bin/not --crash %T/test-afl-driver
+
+; Test that a file is created when specified as the duplicate stderr.
+RUN: AFL_DRIVER_STDERR_DUPLICATE_FILENAME=%t %T/test-afl-driver
+RUN: stat %t
+RUN: unset AFL_DRIVER_STDERR_DUPLICATE_FILENAME
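Review bot: The "invalid file" RUN line invokes `~/llvm/build/bin/not`, a path inside one developer's home directory, so the test fails on any other checkout or build bot; call the tool by name instead, `RUN: AFL_DRIVER_STDERR_DUPLICATE_FILENAME="%T" not --crash %T/test-afl-driver`. The last case only runs `stat %t`, which can pass on a file left behind by an earlier run and says nothing about its contents; a `RUN: rm -f %t` before the driver invocation would make the existence check meaningful. The crash expectation also depends on the `assert` in duplicate_stderr being compiled in, so it would not hold if the driver were built with NDEBUG defined.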
Index: lib/Fuzzer/test/AFLDriverTest.cpp
===================================================================
--- /dev/null
+++ lib/Fuzzer/test/AFLDriverTest.cpp
@@ -0,0 +1,12 @@
+#include <stdint.h>
+#include <stdlib.h>
+
+extern "C" void __afl_manual_init() {}
+
+extern "C" int __afl_persistent_loop(unsigned int) {
+ return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ return 0;
+}
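Review bot: None of these stubs writes to stderr, so the test binary cannot show that output actually lands in the file named by AFL_DRIVER_STDERR_DUPLICATE_FILENAME; the lit test can only check that the file exists. The driver calls `__afl_manual_init()` right after `duplicate_stderr()`, so the stub could emit a fixed marker, e.g. `extern "C" void __afl_manual_init() { fprintf(stderr, "afl-driver-test: stderr redirected\n"); }` with `#include <stdio.h>`, and the test could grep the file for it. A one-line comment stating that these are stand-ins for the AFL runtime entry points would also help readers.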
Index: lib/Fuzzer/afl/afl_driver.cpp
===================================================================
--- lib/Fuzzer/afl/afl_driver.cpp
+++ lib/Fuzzer/afl/afl_driver.cpp
@@ -60,6 +60,21 @@
static const size_t kMaxAflInputSize = 1 << 20;
static uint8_t AflInputBuf[kMaxAflInputSize];
+// If the user asks us to duplicate stderr, then do it.
+void duplicate_stderr() {
+ char* stderr_duplicate_filename =
+ getenv("AFL_DRIVER_STDERR_DUPLICATE_FILENAME");
+
+ if (!stderr_duplicate_filename)
+ return;
+
+ FILE* stderr_duplicate_stream =
+ freopen(stderr_duplicate_filename, "a+", stderr);
+
+ assert(stderr_duplicate_stream &&
+ "Failed to duplicate stderr to AFL_DRIVER_STDERR_DUPLICATE_FILENAME");
+}
+
int main(int argc, char **argv) {
fprintf(stderr, "Running in AFl-fuzz mode\nUsage:\n"
"afl-fuzz [afl-flags] %s [N] "
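Review bot: The only failure handling in duplicate_stderr is an `assert`, which disappears when the driver is built with NDEBUG; a failed `freopen` then goes unnoticed, and since a failed freopen leaves the stream closed, later diagnostics written to stderr are lost without any sign. Check the result unconditionally, e.g. `if (!freopen(stderr_duplicate_filename, "a+", stderr)) abort();`, which also removes the otherwise unused `stderr_duplicate_stream` local. The function has external linkage in a driver that is presumably linked with user fuzz targets, so `static void duplicate_stderr()` would avoid symbol clashes. The comment says "duplicate", but freopen redirects stderr to the file rather than copying it; I would word it as `// If AFL_DRIVER_STDERR_DUPLICATE_FILENAME is set, reopen stderr in append mode on that file.` main's body continues outside the hunk.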
@@ -70,6 +85,8 @@
LLVMFuzzerInitialize(&argc, &argv);
// Do any other expensive one-time initialization here.
+ duplicate_stderr();
+
__afl_manual_init();
int N = 1000;
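Review bot: `duplicate_stderr()` runs after the usage banner and after `LLVMFuzzerInitialize`, so anything those write to stderr still goes to the original stream and never reaches the file. If the aim is to keep diagnostics that would otherwise be discarded, calling it before `LLVMFuzzerInitialize(&argc, &argv);` would capture initialization failures too; if the current order is deliberate, a comment such as `// Redirect only after initialization; earlier output stays on the original stderr.` would record that. The call also sits directly under the "expensive one-time initialization" comment, which does not describe it. main starts and ends outside this hunk.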
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D21194.60356.patch
Type: text/x-patch
Size: 2227 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160610/7b317084/attachment.bin>