status-im
/
nim-eth
mirror of https://github.com/status-im/nim-eth.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add aflInit and aflLoop + add comments

This commit is contained in:
kdeme 2019-10-08 16:23:57 +02:00
parent c64a370fe7
commit 19930cc94d
No known key found for this signature in database
GPG Key ID: 4E8DD21420AF43F5
2 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tests/fuzzing/fuzz_helpers.nim
View File

@ -23,7 +23,8 @@ const
"--clang.linkerexe=afl-clang" "--clang.linkerexe=afl-clang"
aflClangFast = "--cc=clang " & aflClangFast = "--cc=clang " &
"--clang.exe=afl-clang-fast " & "--clang.exe=afl-clang-fast " &
"--clang.linkerexe=afl-clang-fast" "--clang.linkerexe=afl-clang-fast " &
"-d:clangfast"
libFuzzerClang = "--cc=clang " & libFuzzerClang = "--cc=clang " &
"--passC='-fsanitize=fuzzer,address' " & "--passC='-fsanitize=fuzzer,address' " &
"--passL='-fsanitize=fuzzer,address'" "--passL='-fsanitize=fuzzer,address'"

31
tests/fuzzing/fuzztest.nim
View File

@ -12,7 +12,7 @@ template fuzz(body) =
else: else:
body body
proc readStdin*(): seq[byte] = proc readStdin(): seq[byte] =
# Read input from stdin (fastest for AFL) # Read input from stdin (fastest for AFL)
let s = newFileStream(stdin) let s = newFileStream(stdin)
if s.isNil: if s.isNil:
@ -38,6 +38,14 @@ template initImpl(): untyped =
return 0 return 0
template init*(body: untyped) = template init*(body: untyped) =
## Init block to do any initialisation for the fuzzing test.
##
## For AFL this is currently only cosmetic and will be run each time, before
## the test block.
##
## For libFuzzer this will only be run once. So only put data which is
## stateless or make sure everything gets properply reset for each new run in
## the test block.
when defined(standalone): when defined(standalone):
template initImpl(): untyped = fuzz: `body` template initImpl(): untyped = fuzz: `body`
else: else:
@ -50,6 +58,10 @@ template init*(body: untyped) =
return 0 return 0
template test*(body: untyped): untyped = template test*(body: untyped): untyped =
## Test block to do the actual test that will be fuzzed in a loop.
##
## Within this test block there is access to the payload OpenArray which
## contains the payload provided by the fuzzer.
mixin initImpl mixin initImpl
initImpl() initImpl()
when defined(standalone): when defined(standalone):
@ -63,3 +75,20 @@ template test*(body: untyped): untyped =
makeOpenArray(data, len) makeOpenArray(data, len)
`body` `body`
# var aflClangFast {.importc: "__AFL_HAVE_MANUAL_CONTROL", noDecl.}: int
when defined(clangfast):
## Can be used for deferred instrumentation.
## Should be placed on a suitable location in the code where the delayed
## cloning can take place (e.g. NOT after creation of threads)
proc aflInit*() {.importc: "__AFL_INIT", noDecl.}
## Can be used for persistent mode.
## Should be used as value for controlling a loop around a test case.
## Test case should be able to handle repeated inputs. No repeated fork() will
## be done.
# TODO: Lets use this in the test block when afl-clang-fast is used?
proc aflLoop*(count: cuint): cint {.importc: "__AFL_LOOP", noDecl.}
else:
proc aflInit*() = discard
proc aflLoop*(count: cuint): cint = 0