
动态覆盖率若干协议实战

插桩

所有目标都使用 pcguard(-fsanitize-coverage=trace-pc-guard)插桩。先在 /dev/shm 创建覆盖率共享内存文件,并通过下面两个环境变量把文件路径交给被测程序和 fuzzer:

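# Coverage-map shared memory for the pc-guard instrumented targets.
# Both files are 10 MiB of zeros in tmpfs; the exported paths are how the
# instrumented binary and the fuzzer find them. The variable names and the
# size are whatever the /pcguard-cov runtime on this page was built for —
# presumably they must match exactly, so confirm before changing either.
# /dev/shm is shared by every local user and the files get umask-default
# modes, so anyone on the box can read the map (and with a loose umask,
# write it). Fine inside a throwaway fuzzing container, not on a shared host.
# Each step is checked: silently continuing after a failed cd or dd would
# leave the fuzzer pointing at a missing or truncated map.
cd /dev/shm || exit 1
dd if=/dev/zero bs=10M count=1 of=song || exit 1
export SHM_ENV_VAR=/dev/shm/song

dd if=/dev/zero bs=10M count=1 of=lucky || exit 1
export LUCKY_GLOBAL_MMAP_FILE=/dev/shm/lucky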

可以这样验证插桩和 ASan 是否真的进了二进制(应分别能看到 pc_guard 符号和 asan 相关字符串):

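# Confirm a build really carries the pc-guard coverage hooks and ASan:
# nm shows the *pc_guard* symbols, strings shows ASan runtime text.
# The bare pipelines printed nothing both when the binary was not
# instrumented and when nm could not read the file at all; checking the
# path first makes the two cases distinguishable.
#
# Arguments: $1 - path to the binary (default: fftp in the current dir)
# Outputs:   matching nm / strings lines on stdout
# Returns:   2 if the file is missing/unreadable, otherwise the status of
#            the last pipeline (non-zero when no asan string was found)
check_instrumentation() {
  local bin=${1:-fftp}
  if [ ! -r "$bin" ]; then
    printf 'check_instrumentation: %s not found or unreadable\n' "$bin" >&2
    return 2
  fi
  nm -- "$bin" | grep pc_guard
  strings -- "$bin" | grep asan
}
check_instrumentation fftp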

LightFTP

备忘:在4fea4969cec4 peach-ubuntu18这个容器

编译

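# LightFTP build. AFL_USE_ASAN=1 makes the stock afl-clang-fast wrapper add
# ASan by itself, so the explicit -fsanitize=address in CFLAGS is redundant
# but harmless; -fsanitize-coverage=trace-pc-guard is what emits the
# pc-guard hooks the shared-memory map above relies on.
# The compiler directory is a single knob so CC and CXX cannot drift apart:
# the stock /afl/compiler build, or the pcguard-coverage build. The original
# notes spell the latter /pcguard_cov here but /pcguard-cov everywhere else
# on this page — check which directory actually exists in the container.
AFL_CC_DIR=${AFL_CC_DIR:-/afl/compiler}
AFL_USE_ASAN=1 make \
  CC="$AFL_CC_DIR/afl-clang-fast" \
  CXX="$AFL_CC_DIR/afl-clang-fast++" \
  CFLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard" \
  CXXFLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard"
# alternative: AFL_CC_DIR=/pcguard-cov   (written /pcguard_cov in the original notes)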

运行

# Run the ASan/pc-guard LightFTP build, then point Peach at it.
# fftp stays in the foreground, so start it in its own terminal (or
# container shell) before launching peach. It listens wherever fftp.conf
# says — keep that on loopback / inside the container's network namespace;
# an ASan-instrumented daemon is not something to expose beyond the fuzz host.
ftp_conf=../../Bin/fftp.conf
./fftp "$ftp_conf"
# -maxNoCoverage / -NthIteration are the Peach knobs used for every target
# on this page (presumably a coverage-stall limit and an iteration stride;
# confirm the exact meaning against peach's own help).
./peach ftp-llm.xml -maxNoCoverage 10 -NthIteration 100

IEC104

备忘:在52a9f3a51351 peach-clang-ubuntu14这个容器

编译

# IEC104 target build. AFL_USE_ASAN=1 asks the afl-clang-fast wrapper to
# add ASan. Unlike the LightFTP build no -fsanitize-coverage flag is
# passed here, so the pc-guard hooks presumably come from the /compiler
# wrapper itself — verify with `nm iec104_monitor | grep pc_guard` before
# trusting coverage feedback from this binary.
afl_cc=/compiler/afl-clang-fast
AFL_USE_ASAN=1 make CC="$afl_cc" CXX="${afl_cc}++"

运行

# Bring up the instrumented IEC104 monitor in server mode on loopback
# (-d 127.0.0.1; -p 10000 is presumably the port and -n 2 a count — the
# option meanings are the tool's own, see its usage text), then run the
# IEC104 Peach pit against it.
iec_args=(-d 127.0.0.1 -m server -n 2 -p 10000)
./iec104_monitor "${iec_args[@]}"
./peach iec104.xml -maxNoCoverage 10 -NthIteration 100

qpid

备忘:在这个容器32231fb0d7c1 amqp-qpid

编译

构建需要较新的 cmake,Ubuntu 18 自带的版本不满足要求,这里使用官方预编译的 3.16.3:

https://github.com/Kitware/CMake/releases/tag/v3.16.3 (下载的预编译包请先用发布页附带的 SHA-256 校验文件核对,再解压到容器里使用——编译器和构建工具是供应链上最值得核对的环节)

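# qpid, baseline build: afl-clang-fast from /compiler, no explicit coverage
# flag, ASan requested through AFL_USE_ASAN at make time (the stock wrapper
# reads it when it compiles). BUILD_PROBES=no presumably drops the probes
# component. Stop if configure fails instead of running make against a
# stale or half-written cache.
cmake=/cmake-3.16.3-Linux-x86_64/bin/cmake
"$cmake" -DCMAKE_C_COMPILER=/compiler/afl-clang-fast \
         -DCMAKE_CXX_COMPILER=/compiler/afl-clang-fast++ \
         -DBUILD_PROBES=no .. || exit 1
AFL_USE_ASAN=1 make -j"$(nproc)"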

pcguard(/compiler 下的编译器,显式加 trace-pc-guard)

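# qpid with the pc-guard hooks requested explicitly through
# CMAKE_{C,CXX}_FLAGS, still using the /compiler afl-clang-fast. ASan comes
# from AFL_USE_ASAN at make time (the stock wrapper reads it). Bail out on
# a failed configure so make never runs against a broken cache.
cmake=/cmake-3.16.3-Linux-x86_64/bin/cmake
cov_flag=-fsanitize-coverage=trace-pc-guard
"$cmake" -DCMAKE_C_COMPILER=/compiler/afl-clang-fast \
         -DCMAKE_CXX_COMPILER=/compiler/afl-clang-fast++ \
         -DCMAKE_C_FLAGS="$cov_flag" \
         -DCMAKE_CXX_FLAGS="$cov_flag" \
         -DBUILD_PROBES=no .. || exit 1
AFL_USE_ASAN=1 make -j"$(nproc)"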

pcguard-cov(/pcguard-cov 下的编译器,显式加 trace-pc-guard)

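# qpid with the pcguard-coverage compiler (/pcguard-cov) — the variant the
# later targets on this page (mosquitto, vsomeip, libcoap) also use.
# Coverage hooks via CMAKE_{C,CXX}_FLAGS, ASan via AFL_USE_ASAN at make
# time. Abort if configure fails rather than building from a stale cache.
cmake=/cmake-3.16.3-Linux-x86_64/bin/cmake
cov_flag=-fsanitize-coverage=trace-pc-guard
"$cmake" -DCMAKE_C_COMPILER=/pcguard-cov/afl-clang-fast \
         -DCMAKE_CXX_COMPILER=/pcguard-cov/afl-clang-fast++ \
         -DCMAKE_C_FLAGS="$cov_flag" \
         -DCMAKE_CXX_FLAGS="$cov_flag" \
         -DBUILD_PROBES=no .. || exit 1
AFL_USE_ASAN=1 make -j"$(nproc)"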

运行

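# Launch the instrumented broker from the build tree, then fuzz it with
# the AMQP pit. The cd is guarded: without it a mistyped path would start
# whatever ./qpidd happens to sit in the current directory. No listener
# options are given, so qpidd presumably binds its default AMQP port on
# all interfaces — keep the container's network isolated while fuzzing.
cd /opt/qpid-cpp/build/src || exit 1
./qpidd
./peach amqp-config.xml -maxNoCoverage 10 -NthIteration 100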

mosquitto

备忘:016f1a20d27a mqtt-ubuntu18

编译

# mosquitto build with the stock /compiler afl-clang-fast. WITH_DOCS=no
# presumably skips the documentation build. ASan is requested twice here
# (AFL_USE_ASAN=1 for the wrapper and -fsanitize=address in the flags),
# which is redundant with the stock wrapper but harmless.
san_flags="-fsanitize=address -fsanitize-coverage=trace-pc-guard"
AFL_USE_ASAN=1 make WITH_DOCS=no \
  CC=/compiler/afl-clang-fast \
  CXX=/compiler/afl-clang-fast++ \
  CFLAGS="$san_flags" \
  CXXFLAGS="$san_flags"
# Same mosquitto build, but with the pcguard-coverage compiler from
# /pcguard-cov. Flags are identical to the /compiler variant above:
# ASan plus trace-pc-guard hooks, docs skipped.
pcg_cc=/pcguard-cov/afl-clang-fast
AFL_USE_ASAN=1 make WITH_DOCS=no \
  CC="$pcg_cc" \
  CXX="${pcg_cc}++" \
  CFLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard" \
  CXXFLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard"

运行

# Start the instrumented broker (foreground — own terminal), smoke-test it
# with one publish and one subscribe using the freshly built client library,
# then run the MQTT pit with a longer iteration budget.
# No broker config is given, so which interfaces it binds depends on the
# mosquitto version's defaults — check with ss/netstat and keep it on
# loopback or inside the container; this is a sanitizer build, not a
# hardened one.
/mosquitto/src/mosquitto
mq_lib=/mosquitto/lib
LD_LIBRARY_PATH="$mq_lib" ./mosquitto_pub -t 'test/topic' -m 'hello world'
LD_LIBRARY_PATH="$mq_lib" ./mosquitto_sub -t 'test/topic' -v


./peach mqtt-llm.xml -maxNoCoverage 10 -NthIteration 1000

vsomeip

备忘:8b23ddce35d6 someip2

编译

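# vsomeip with the pcguard-coverage compiler: coverage hooks through
# CMAKE_{C,CXX}_FLAGS, ASan through AFL_USE_ASAN at make time (the wrapper
# reads it when compiling). Abort if the configure step fails rather than
# letting make build from whatever cache is left in the directory.
cov_flag=-fsanitize-coverage=trace-pc-guard
cmake -DCMAKE_C_COMPILER=/pcguard-cov/afl-clang-fast \
      -DCMAKE_CXX_COMPILER=/pcguard-cov/afl-clang-fast++ \
      -DCMAKE_C_FLAGS="$cov_flag" \
      -DCMAKE_CXX_FLAGS="$cov_flag" .. || exit 1
AFL_USE_ASAN=1 make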

运行

# vsomeip demo service straight from the build tree; its shared libraries
# sit in the same directory, hence the exported LD_LIBRARY_PATH (note this
# export sticks for the rest of the shell session). The JSON configuration
# presumably decides which addresses/ports the service offers — review it
# so the service only binds what you expect before fuzzing. No Peach
# invocation for this target is recorded in these notes.
export LD_LIBRARY_PATH=/opt/vsomeip/build
VSOMEIP_CONFIGURATION=/opt/vsomeip/config/vsomeip.json \
  ./hello_world_service

libcoap

备忘:d38e656d3e03 coap-ubuntu20

编译

# Configure CMake for libcoap with the pcguard-coverage compiler.
# -g -O1 -fno-omit-frame-pointer keep ASan reports readable.
# ENABLE_DTLS=0 builds without DTLS, so the (D)TLS handshake/record code
# is outside what this harness can reach — fuzz a DTLS-enabled build
# separately if that surface matters. Q-Block option support is switched
# on, docs off. The make step is not recorded in these notes.
cov_flags="-fsanitize=address -fsanitize-coverage=trace-pc-guard -g -O1 -fno-omit-frame-pointer"
cmake -DCMAKE_C_COMPILER=/pcguard-cov/afl-clang-fast \
      -DCMAKE_CXX_COMPILER=/pcguard-cov/afl-clang-fast++ \
      -DCMAKE_C_FLAGS="$cov_flags" \
      -DCMAKE_CXX_FLAGS="$cov_flags" \
      -DENABLE_DTLS=0 -DENABLE_Q_BLOCK=ON -DENABLE_DOCS=OFF ..

运行

# libcoap's example server (foreground, no options so it uses its
# defaults — confirm the bind address before exposing the container),
# then the CoAP pit with the longer iteration budget.
coap_pit=coap.xml
./coap-server
./peach "$coap_pit" -maxNoCoverage 10 -NthIteration 1000