Add some test coverage code.

d33tah · Sep 29, 2015 · 26c6a16 · 26c6a16
1 parent 8926d18
commit 26c6a16
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -21,4 +21,9 @@ ADD ./setup-afl_cc /usr/bin/setup-afl_cc
 RUN setup-afl_cc
 
 RUN mkdir ~/pkg ~/pkgs ~/logs
+
+RUN mkdir ~/fuzz-results ~/pkgs-coverage
+RUN apt-get install lcov -y
+ADD ./testcases /root/testcases
+ADD ./fuzz-pkg.sh /root/
 CMD [ "aflize" ]
diff --git a/README.md b/README.md
@@ -11,8 +11,8 @@ USAGE
 Run the following commands:
 
 ```
-sudo docker build -t "d33tah/afl-sid" .
-sudo docker run --name="afl-sid-container" d33tah/afl-sid | tee log.txt
+sudo docker build -t "d33tah/afl-sid-coverage" .
+sudo docker run --name="afl-sid-container" d33tah/afl-sid-coverage /root/fuzz-pkg.sh bison
 sudo docker pull afl-sid-container:/root/pkgs .
 sudo chown -R $USER pkgs
 sudo docker rm afl-sid-container

diff --git a/fuzz-pkg.sh b/fuzz-pkg.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+. /etc/profile.d/afl-sh-profile
+
+aflize $1
+dpkg -i ~/pkgs/*.deb
+apt-get -f install -y
+
+ASAN_OPTIONS=abort_on_error=1 timeout \
+    15s \
+    afl-fuzz \
+        -i ~/testcases \
+        -o ~/fuzz-results/$1 \
+        $1 @@
+
+export CC=`echo $AFL_CC`
+export CXX=`echo $AFL_CXX`
+cd ~/pkg
+rm -rf *
+apt-get source $1
+cd *
+export CFLAGS="-fprofile-arcs -ftest-coverage"
+export CXXFLAGS="-fprofile-arcs -ftest-coverage"
+export LDFLAGS="-lgcov"
+dpkg-buildpackage -uc -us -Jauto
+mv ~/pkg/*.deb ~/pkgs-coverage
+dpkg -i ~/pkgs-coverage/*.deb
+
+mkdir ~/fuzz-results/$1/coverage
+for file in ~/fuzz-results/$1/queue/*; do
+    #find ~/pkg | egrep '\.gc(da|no)$' | xargs rm
+    $1 $file
+    COVFILE=~/fuzz-results/$1/coverage/`basename $file`
+    lcov -o $COVFILE -c -d /root/pkg -q
+    lcov --summary $COVFILE
+done
+exit 0
diff --git a/testcases/one-byte b/testcases/one-byte
@@ -0,0 +1 @@
+a