Virtualization
/
capstone
mirror of https://gitlab.com/qemu-project/capstone.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Make travis print the fuzzed input to be used with cstool 

Adds architectures and modes to cstool as well
This commit is contained in:
Philippe Antoine 2019-02-27 08:51:34 +01:00 committed by Nguyen Anh Quynh
parent 2defd57568
commit e3bcb06681
3 changed files with 89 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cstool/cstool.c
View File

@ -20,6 +20,8 @@ static struct {
{ "armbe", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_BIG_ENDIAN },
{ "arml", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_LITTLE_ENDIAN },
{ "armle", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_LITTLE_ENDIAN },
{ "armv8", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_V8 },
{ "thumbv8", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_THUMB | CS_MODE_V8 },
{ "cortexm", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_THUMB | CS_MODE_MCLASS },
{ "thumb", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_THUMB },
{ "thumbbe", CS_ARCH_ARM, CS_MODE_ARM | CS_MODE_THUMB | CS_MODE_BIG_ENDIAN },
@ -27,6 +29,12 @@ static struct {
{ "arm64", CS_ARCH_ARM64, CS_MODE_LITTLE_ENDIAN },
{ "arm64be", CS_ARCH_ARM64, CS_MODE_BIG_ENDIAN },
{ "mips", CS_ARCH_MIPS, CS_MODE_MIPS32 | CS_MODE_LITTLE_ENDIAN },
{ "mipsmicro", CS_ARCH_MIPS, CS_MODE_MIPS32 | CS_MODE_MICRO },
{ "mipsbemicro", CS_ARCH_MIPS, CS_MODE_MIPS32 | CS_MODE_MICRO | CS_MODE_BIG_ENDIAN },
{ "mipsbe32r6", CS_ARCH_MIPS, CS_MODE_MIPS32R6 | CS_MODE_BIG_ENDIAN},
{ "mipsbe32r6micro", CS_ARCH_MIPS, CS_MODE_MIPS32R6 | CS_MODE_BIG_ENDIAN | CS_MODE_MICRO },
{ "mips32r6", CS_ARCH_MIPS, CS_MODE_MIPS32R6 },
{ "mips32r6micro", CS_ARCH_MIPS, CS_MODE_MIPS32R6 | CS_MODE_MICRO },
{ "mipsbe", CS_ARCH_MIPS, CS_MODE_MIPS32 | CS_MODE_BIG_ENDIAN },
{ "mips64", CS_ARCH_MIPS, CS_MODE_MIPS64 | CS_MODE_LITTLE_ENDIAN },
{ "mips64be", CS_ARCH_MIPS, CS_MODE_MIPS64 | CS_MODE_BIG_ENDIAN },
@ -39,6 +47,7 @@ static struct {
{ "ppc64", CS_ARCH_PPC, CS_MODE_64 | CS_MODE_LITTLE_ENDIAN },
{ "ppc64be", CS_ARCH_PPC, CS_MODE_64 | CS_MODE_BIG_ENDIAN },
{ "sparc", CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN },
{ "sparcv9", CS_ARCH_SPARC, CS_MODE_BIG_ENDIAN | CS_MODE_V9 },
{ "systemz", CS_ARCH_SYSZ, CS_MODE_BIG_ENDIAN },
{ "sysz", CS_ARCH_SYSZ, CS_MODE_BIG_ENDIAN },
{ "s390x", CS_ARCH_SYSZ, CS_MODE_BIG_ENDIAN },
@ -46,7 +55,6 @@ static struct {
{ "m68k", CS_ARCH_M68K, CS_MODE_BIG_ENDIAN },
{ "m68k40", CS_ARCH_M68K, CS_MODE_M68K_040 },
{ "tms320c64x", CS_ARCH_TMS320C64X, CS_MODE_BIG_ENDIAN },
{ "tms320c64x", CS_ARCH_TMS320C64X, CS_MODE_BIG_ENDIAN },
{ "m6800", CS_ARCH_M680X, CS_MODE_M680X_6800 },
{ "m6801", CS_ARCH_M680X, CS_MODE_M680X_6801 },
{ "m6805", CS_ARCH_M680X, CS_MODE_M680X_6805 },

11
suite/fuzz/driverbin.c
View File

@ -5,6 +5,7 @@
#include <unistd.h>
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
const char * cs_fuzz_arch(uint8_t arch);
int main(int argc, char** argv)
{
@ -14,6 +15,7 @@ int main(int argc, char** argv)
DIR *d;
struct dirent *dir;
int r = 0;
int i;
if (argc != 2) {
return 1;
@ -35,7 +37,7 @@ int main(int argc, char** argv)
if (dir->d_type != DT_REG) {
continue;
}
printf("Running %s\n", dir->d_name);
printf("Running file %s ", dir->d_name);
fflush(stdout);
fp = fopen(dir->d_name, "rb");
if (fp == NULL) {
@ -66,6 +68,13 @@ int main(int argc, char** argv)
r = 8;
break;
}
if (Size > 0) {
printf("command cstool %s\n", cs_fuzz_arch(Data[0]));
}
for (i=0; i<Size; i++) {
printf("%02x", Data[i]);
}
printf("\n");
//lauch fuzzer
LLVMFuzzerTestOneInput(Data, Size);

102
suite/fuzz/fuzz_disasm.c
View File

@ -16,6 +16,7 @@ struct platform {
cs_arch arch;
cs_mode mode;
const char *comment;
const char *cstoolname;
};
static FILE *outfile = NULL;
@ -25,202 +26,239 @@ static struct platform platforms[] = {
// item 0
CS_ARCH_X86,
CS_MODE_32,
"X86 32 (Intel syntax)"
"X86 32 (Intel syntax)",
"x32"
},
{
// item 1
CS_ARCH_X86,
CS_MODE_64,
"X86 64 (Intel syntax)"
"X86 64 (Intel syntax)",
"x64"
},
{
// item 2
CS_ARCH_ARM,
CS_MODE_ARM,
"ARM"
"ARM",
"arm"
},
{
// item 3
CS_ARCH_ARM,
CS_MODE_THUMB,
"THUMB"
"THUMB",
"thumb"
},
{
// item 4
CS_ARCH_ARM,
(cs_mode)(CS_MODE_ARM + CS_MODE_V8),
"Arm-V8"
"Arm-V8",
"armv8"
},
{
// item 5
CS_ARCH_ARM,
(cs_mode)(CS_MODE_THUMB+CS_MODE_V8),
"THUMB+V8"
"THUMB+V8",
"thumbv8"
},
{
// item 6
CS_ARCH_ARM,
(cs_mode)(CS_MODE_THUMB + CS_MODE_MCLASS),
"Thumb-MClass"
"Thumb-MClass",
"cortexm"
},
{
// item 7
CS_ARCH_ARM64,
(cs_mode)0,
"ARM-64"
"ARM-64",
"arm64"
},
{
// item 8
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32 + CS_MODE_BIG_ENDIAN),
"MIPS-32 (Big-endian)"
"MIPS-32 (Big-endian)",
"mipsbe"
},
{
// item 9
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32 + CS_MODE_MICRO),
"MIPS-32 (micro)"
"MIPS-32 (micro)",
"mipsmicro"
},
{
//item 10
CS_ARCH_MIPS,
CS_MODE_MIPS64,
"MIPS-64-EL (Little-endian)"
"MIPS-64-EL (Little-endian)",
"mips64"
},
{
//item 11
CS_ARCH_MIPS,
CS_MODE_MIPS32,
"MIPS-32-EL (Little-endian)"
"MIPS-32-EL (Little-endian)",
"mips"
},
{
//item 12
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS64 + CS_MODE_BIG_ENDIAN),
"MIPS-64 (Big-endian)"
"MIPS-64 (Big-endian)",
"mips64be"
},
{
//item 13
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN),
"MIPS-32 | Micro (Big-endian)"
"MIPS-32 | Micro (Big-endian)",
"mipsbemicro"
},
{
//item 14
CS_ARCH_PPC,
CS_MODE_BIG_ENDIAN,
"PPC-64"
"PPC-64",
"ppc64"
},
{
//item 15
CS_ARCH_SPARC,
CS_MODE_BIG_ENDIAN,
"Sparc"
"Sparc",
"sparc"
},
{
//item 16
CS_ARCH_SPARC,
(cs_mode)(CS_MODE_BIG_ENDIAN + CS_MODE_V9),
"SparcV9"
"SparcV9",
"sparcv9"
},
{
//item 17
CS_ARCH_SYSZ,
(cs_mode)0,
"SystemZ"
"SystemZ",
"systemz"
},
{
//item 18
CS_ARCH_XCORE,
(cs_mode)0,
"XCore"
"XCore",
"xcore"
},
{
//item 19
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32R6 + CS_MODE_BIG_ENDIAN),
"MIPS-32R6 (Big-endian)"
"MIPS-32R6 (Big-endian)",
"mipsbe32r6"
},
{
//item 20
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32R6 + CS_MODE_MICRO + CS_MODE_BIG_ENDIAN),
"MIPS-32R6 (Micro+Big-endian)"
"MIPS-32R6 (Micro+Big-endian)",
"mipsbe32r6micro"
},
{
//item 21
CS_ARCH_MIPS,
CS_MODE_MIPS32R6,
"MIPS-32R6 (Little-endian)"
"MIPS-32R6 (Little-endian)",
"mips32r6"
},
{
//item 22
CS_ARCH_MIPS,
(cs_mode)(CS_MODE_MIPS32R6 + CS_MODE_MICRO),
"MIPS-32R6 (Micro+Little-endian)"
"MIPS-32R6 (Micro+Little-endian)",
"mips32r6micro"
},
{
//item 23
CS_ARCH_M68K,
(cs_mode)0,
"M68K"
"M68K",
"m68k"
},
{
//item 24
CS_ARCH_M680X,
(cs_mode)CS_MODE_M680X_6809,
"M680X_M6809"
"M680X_M6809",
"m6809"
},
{
//item 25
CS_ARCH_EVM,
(cs_mode)0,
"EVM"
"EVM",
"evm"
},
{
//item 26
CS_ARCH_MOS65XX,
(cs_mode)0,
"MOS65XX"
"MOS65XX",
"mos65xx"
},
{
//item 27
CS_ARCH_TMS320C64X,
CS_MODE_BIG_ENDIAN,
"tms320c64x",
"tms320c64x"
},
{
//item 28
CS_ARCH_WASM,
(cs_mode)0,
"WASM"
"WASM",
"wasm"
},
{
//item 29
CS_ARCH_BPF,
CS_MODE_LITTLE_ENDIAN | CS_MODE_BPF_CLASSIC,
"cBPF"
"cBPF",
"bpf"
},
{
//item 30
CS_ARCH_BPF,
CS_MODE_LITTLE_ENDIAN | CS_MODE_BPF_EXTENDED,
"eBPF"
"eBPF",
"ebpf"
},
{
//item 31
CS_ARCH_BPF,
CS_MODE_BIG_ENDIAN | CS_MODE_BPF_CLASSIC,
"cBPF"
"cBPF",
"bpfbe"
},
{
//item 32
CS_ARCH_BPF,
CS_MODE_BIG_ENDIAN | CS_MODE_BPF_EXTENDED,
"eBPF"
"eBPF",
"ebpfbe"
},
};
const char * cs_fuzz_arch(uint8_t arch) {
return platforms[arch % sizeof(platforms)/sizeof(platforms[0])].cstoolname;
}
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
csh handle;
cs_insn *all_insn;