/* =============================================================================
* Vader Modular Fuzzer (VMF)
* Copyright (c) 2021-2023 The Charles Stark Draper Laboratory, Inc.
* <vader@draper.com>
*
* Effort sponsored by the U.S. Government under Other Transaction number
* W9124P-19-9-0001 between AMTC and the Government. The U.S. Government
* Is authorized to reproduce and distribute reprints for Governmental purposes
* notwithstanding any copyright notation thereon.
*
* The views and conclusions contained herein are those of the authors and
* should not be interpreted as necessarily representing the official policies
* or endorsements, either expressed or implied, of the U.S. Government.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 (only) as
* published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @license GPL-2.0-only <https://spdx.org/licenses/GPL-2.0-only.html>
* ===========================================================================*/
/*****
* The following includes code copied from the LibAFL_Legacy repository.
*
* american fuzzy lop++ - fuzzer header
* ------------------------------------
* Originally written by Michal Zalewski
* Now maintained by Marc Heuse <mh@mh-sec.de>,
* Heiko Eißfeldt <heiko.eissfeldt@hexco.de>,
* Andrea Fioraldi <andreafioraldi@gmail.com>,
* Dominik Maier <mail@dmnk.co>
* Copyright 2016, 2017 Google Inc. All rights reserved.
* Copyright 2019-2020 AFLplusplus Project. All rights reserved.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
* http://www.apache.org/licenses/LICENSE-2.0
* This is the Library based on AFL++ which can be used to build
* customized fuzzers for a specific target while taking advantage of
* a lot of features that AFL++ already provides.
*/
#include "AFLDWordAddSubMutator.hpp"
#include "RuntimeException.hpp"
#include <random>
#include <algorithm>
// Bring the vmf namespace into scope for this translation unit.
using namespace vmf;
// Short alias for a 32-bit unsigned integer; the dword mutation in
// mutateTestCase() operates on values of this type.
using u32 = uint32_t;
#include "ModuleFactory.hpp"
// Registers this mutator class through the project's REGISTER_MODULE macro.
// NOTE(review): the macro's expansion is not visible in this file; presumably it
// makes the class constructible by name via ModuleFactory -- confirm.
REGISTER_MODULE(AFLDWordAddSubMutator);
/**
 * @brief Factory entry point used to create this module by name.
 *
 * Heap-allocates a new AFLDWordAddSubMutator and hands it back through the
 * base Module pointer.
 *
 * @param name the name to give the newly constructed module
 * @return Module* the new instance. It is allocated with `new` and not released
 *         here; presumably the caller takes ownership -- confirm against the
 *         ModuleFactory contract.
 */
Module* AFLDWordAddSubMutator::build(std::string name)
{
    Module* instance = new AFLDWordAddSubMutator(name);
    return instance;
}
/**
 * @brief Initialization hook for this module.
 *
 * This mutator reads nothing from the configuration, so the body is
 * intentionally empty.
 *
 * @param config the configuration interface (unused)
 */
void AFLDWordAddSubMutator::init(ConfigInterface& config)
{
    // Nothing to configure.
}
/**
 * @brief Constructs the mutator and forwards its name to the MutatorModule base.
 *
 * @param name the name of the module
 */
AFLDWordAddSubMutator::AFLDWordAddSubMutator(std::string name)
    : MutatorModule(name)
{
    // The random source is not initialised here; the call below was left
    // disabled by the original author.
    // NOTE(review): mutateTestCase() dereferences `rand`, so confirm where it is
    // set up and seeded before the first mutation.
    // rand->randInit();
}
/**
 * @brief Destroys the mutator.
 *
 * Nothing is released explicitly in this file, so the defaulted destructor
 * is sufficient.
 */
AFLDWordAddSubMutator::~AFLDWordAddSubMutator() = default;
/**
 * @brief Declares the storage fields this module needs.
 *
 * Only the "TEST_CASE" key is registered: a BUFFER field requested with
 * READ_WRITE access. The handle returned by the registry is kept in the
 * testCaseKey member.
 *
 * @param registry the storage registry to register the key with
 */
void AFLDWordAddSubMutator::registerStorageNeeds(StorageRegistry& registry)
{
    const auto key = registry.registerKey("TEST_CASE",
                                          StorageRegistry::BUFFER,
                                          StorageRegistry::READ_WRITE);
    testCaseKey = key;
}
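/**
 * @brief Produces a mutated copy of a test case using a 32-bit add/subtract.
 *
 * The base entry's buffer is copied into a freshly allocated buffer of the same
 * size on the new entry. If the buffer holds at least four bytes, one randomly
 * chosen 32-bit window of the copy has a random amount subtracted from it and
 * then a second, independently drawn random amount added to it. Each amount is
 * 1 + randBelow(ARITH_MAX). The arithmetic is unsigned and wraps on overflow.
 * Buffers shorter than four bytes are copied unchanged.
 *
 * The 32-bit value is read and written with memcpy rather than through a
 * `u32*` cast. The chosen offset is an arbitrary byte position, so a direct
 * cast would be a misaligned, type-punned access (undefined behaviour). That
 * can fault on strict-alignment targets and is reported by UBSan when the
 * fuzzer itself is built with sanitizers. The value is still interpreted in
 * host byte order, as before.
 *
 * @param storage the storage module (not used by this mutator)
 * @param baseEntry the entry whose test case buffer is the mutation input
 * @param newEntry the entry that receives the mutated buffer
 * @param testCaseKey the storage key of the test case buffer; note that this
 *        parameter shadows the member of the same name
 * @throws RuntimeException (USAGE_ERROR) if the base buffer size is <= 0
 */
void AFLDWordAddSubMutator::mutateTestCase(StorageModule& storage, StorageEntry* baseEntry, StorageEntry* newEntry, int testCaseKey)
{
    int size = baseEntry->getBufferSize(testCaseKey);
    char* buffer = baseEntry->getBufferPointer(testCaseKey);

    if(size <= 0)
    {
        throw RuntimeException("AFLDWordAddSubMutator mutate called with zero sized buffer", RuntimeException::USAGE_ERROR);
    }

    // Copy base entry to new entry; size is known to be positive at this point.
    char* newBuff = newEntry->allocateBuffer(testCaseKey, size);
    memcpy(newBuff, buffer, size);

    // Too small to hold a 32-bit value: return the unmodified copy.
    if(size < 4)
    {
        return;
    }

    // Choose the first byte of the 4-byte window. Assuming randBelow(n) returns
    // a value in [0, n), the offset is at most size - 4, so the window
    // [byte, byte + 3] stays inside the buffer.
    int byte = rand->randBelow(size - 3);

    // Load the window without assuming alignment.
    u32 value;
    memcpy(&value, newBuff + byte, sizeof(value));

    // Same order of random draws as the direct-cast form: subtract first, then add.
    value -= 1 + static_cast<u32>(rand->randBelow(ARITH_MAX));
    value += 1 + static_cast<u32>(rand->randBelow(ARITH_MAX));

    // Store the result back into the same window.
    memcpy(newBuff + byte, &value, sizeof(value));
}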