Update libafl-based fuzzers (from AFL++ fork) (#2027)

Changing forks so @tokatoka can collab with me on this. Supercedes #2021. As requested in #2020.
google · Aug 16, 2024 · e72f5bb · e72f5bb
1 parent b2f87ff
commit e72f5bb
Show file tree

Hide file tree

Showing 12 changed files with 13 additions and 335 deletions.
diff --git a/benchmarks/harfbuzz_hb-shape-fuzzer_17863b/build.sh b/benchmarks/harfbuzz_hb-shape-fuzzer_17863b/build.sh
@@ -25,8 +25,8 @@ python3.8 -m pip install ninja meson==0.56.0
 
 # Disable:
 # 1. UBSan vptr since target built with -fno-rtti.
-export CFLAGS="$CFLAGS -fno-sanitize=vptr -DHB_NO_VISIBILITY"
-export CXXFLAGS="$CXXFLAGS -fno-sanitize=vptr -DHB_NO_VISIBILITY"
+export CFLAGS="$CFLAGS -fno-sanitize=vptr -DHB_NO_VISIBILITY -DHB_NO_PRAGMA_GCC_DIAGNOSTIC -Wno-cast-function-type-strict -Wno-incompatible-function-pointer-types-strict"
+export CXXFLAGS="$CXXFLAGS -fno-sanitize=vptr -DHB_NO_VISIBILITY -DHB_NO_PRAGMA_GCC_DIAGNOSTIC -Wno-cast-function-type-strict -Wno-incompatible-function-pointer-types-strict"
 
 # setup
 build=$WORK/build

diff --git a/fuzzers/aflrustrust/builder.Dockerfile b/fuzzers/aflrustrust/builder.Dockerfile
diff --git a/fuzzers/aflrustrust/description.md b/fuzzers/aflrustrust/description.md
diff --git a/fuzzers/aflrustrust/fuzzer.py b/fuzzers/aflrustrust/fuzzer.py
diff --git a/fuzzers/aflrustrust/runner.Dockerfile b/fuzzers/aflrustrust/runner.Dockerfile
diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile
@@ -18,7 +18,7 @@ FROM $parent_image
 # Uninstall old Rust & Install the latest one.
 RUN if which rustup; then rustup self uninstall -y; fi && \
     curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \
-    sh /rustup.sh --default-toolchain nightly-2023-09-21 -y && \
+    sh /rustup.sh --default-toolchain nightly-2024-08-12 -y && \
     rm /rustup.sh
 
 # Install dependencies.
@@ -34,27 +34,21 @@ RUN apt-get update && \
 
 RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e33139999976332aa8e/raw/698ac2087d58ce5c7a6ad59adce58dbfdc32bd46/createAliases.sh && chmod u+x ./createAliases.sh && ./createAliases.sh 
 
-# Uninstall old Rust & Install the latest one.
-RUN if which rustup; then rustup self uninstall -y; fi && \
-    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \
-    sh /rustup.sh --default-toolchain nightly-2024-03-12 -y && \
-    rm /rustup.sh
-
 # Download libafl.
 RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
 
 # Checkout a current commit
-RUN cd /libafl && git pull && git checkout b4efb6151550a37f61a869acf2957a1b07894a93 || true
+RUN cd /libafl && git pull && git checkout f3433767bea0cc3d7ee3b4c08be138e61d20c468 || true
 # Note that due a nightly bug it is currently fixed to a known version on top!
 
 # Compile libafl.
 RUN cd /libafl && \
     unset CFLAGS CXXFLAGS && \
     export LIBAFL_EDGES_MAP_SIZE=2621440 && \
-    cd ./fuzzers/fuzzbench && \
+    cd ./fuzzers/fuzzbench/fuzzbench && \
     PATH="/root/.cargo/bin/:$PATH" cargo build --profile release-fuzzbench --features no_link_main
 
 # Auxiliary weak references.
-RUN cd /libafl/fuzzers/fuzzbench && \
+RUN cd /libafl/fuzzers/fuzzbench/fuzzbench && \
     clang -c stub_rt.c && \
     ar r /stub_rt.a stub_rt.o
diff --git a/fuzzers/libafl/fuzzer.py b/fuzzers/libafl/fuzzer.py
@@ -40,10 +40,10 @@ def prepare_fuzz_environment(input_corpus):
 
 def build():  # pylint: disable=too-many-branches,too-many-statements
     """Build benchmark."""
-    os.environ[
-        'CC'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cc'
-    os.environ[
-        'CXX'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cxx'
+    os.environ['CC'] = ('/libafl/fuzzers/fuzzbench/fuzzbench'
+                        '/target/release-fuzzbench/libafl_cc')
+    os.environ['CXX'] = ('/libafl/fuzzers/fuzzbench/fuzzbench'
+                         '/target/release-fuzzbench/libafl_cxx')
 
     os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1'
     os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0'

diff --git a/fuzzers/libafl_libfuzzer/builder.Dockerfile b/fuzzers/libafl_libfuzzer/builder.Dockerfile
@@ -28,15 +28,15 @@ RUN apt-get update && \
 # Uninstall old Rust & Install the latest one.
 RUN if which rustup; then rustup self uninstall -y; fi && \
     curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \
-    sh /rustup.sh --default-toolchain nightly-2023-08-23 -y && \
+    sh /rustup.sh --default-toolchain nightly-2024-08-12 -y && \
     rm /rustup.sh
 
 # Download libafl.
 RUN git clone https://github.com/AFLplusplus/libafl /libafl && \
     cd /libafl && \
-    git checkout defe9084aed5a80ac32fe9a1f3ff00baf97738c6 && \
+    git checkout f3433767bea0cc3d7ee3b4c08be138e61d20c468 && \
     unset CFLAGS CXXFLAGS && \
     export LIBAFL_EDGES_MAP_SIZE=2621440 && \
-    cd ./libafl_libfuzzer/libafl_libfuzzer_runtime && \
+    cd ./libafl_libfuzzer_runtime && \
     env -i CXX=$CXX CC=$CC PATH="/root/.cargo/bin/:$PATH" cargo build --profile release-fuzzbench && \
     cp ./target/release-fuzzbench/libafl_libfuzzer_runtime.a /usr/lib/libFuzzer.a
diff --git a/fuzzers/libafl_text/builder.Dockerfile b/fuzzers/libafl_text/builder.Dockerfile
diff --git a/fuzzers/libafl_text/description.md b/fuzzers/libafl_text/description.md
diff --git a/fuzzers/libafl_text/fuzzer.py b/fuzzers/libafl_text/fuzzer.py