From 32c3417a7200b1de43277eb7ec942b39c069e4bf Mon Sep 17 00:00:00 2001 From: toka Date: Fri, 22 Sep 2023 19:35:11 +0200 Subject: [PATCH 01/20] update --- fuzzers/libafl/builder.Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index f1d027780..81c73d0da 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile @@ -18,7 +18,7 @@ FROM $parent_image # Uninstall old Rust & Install the latest one. RUN if which rustup; then rustup self uninstall -y; fi && \ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ - sh /rustup.sh --default-toolchain nightly-2023-03-29 -y && \ + sh /rustup.sh --default-toolchain nightly -y && \ rm /rustup.sh # Install dependencies. @@ -38,7 +38,7 @@ RUN apt-get update && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git checkout 8ff8ae41f1ed2956bb1e906c5c7bd0505ca110c0 || true +RUN cd /libafl && git checkout 6251ad00517e8d3964daae46bc1164a4f4660662 || true # Note that due a nightly bug it is currently fixed to a known version on top! # Compile libafl. From 27a796a19e8ffdf09ee6cac6c0cfa48a58673c2b Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Fri, 22 Sep 2023 23:52:00 +0200 Subject: [PATCH 02/20] Update builder.Dockerfile --- fuzzers/libafl/builder.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index 81c73d0da..af9dbb286 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile 
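Review bot: The `|| true` on the new `git checkout 6251ad0…` line in the second hunk turns the commit pin into a hint: if the hash is not reachable in the fresh clone (a rebased upstream branch, a typo in the hash) the step still succeeds and the image silently builds whatever LibAFL `main` is at build time. Pinning only means something when failure is fatal, so drop the suffix, `RUN cd /libafl && git checkout 6251ad00517e8d3964daae46bc1164a4f4660662`, and let a missing commit fail the image build. The first hunk's move from `nightly-2023-03-29` to a floating `nightly` has the same reproducibility effect on the Rust toolchain; this series re-pins it in patch 05, so the `|| true` is the part that survives.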
@@ -38,7 +38,7 @@ RUN apt-get update && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git checkout 6251ad00517e8d3964daae46bc1164a4f4660662 || true +RUN cd /libafl && git checkout c103444396697af102dce2b936a00e93017057ba || true # Note that due a nightly bug it is currently fixed to a known version on top! # Compile libafl. From 9c402244b7a5e68bb161e4ed71b40b5fbe96253c Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Fri, 22 Sep 2023 23:54:20 +0200 Subject: [PATCH 03/20] Update builder.Dockerfile --- fuzzers/libafl/builder.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index af9dbb286..37d9f1074 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile @@ -46,7 +46,7 @@ RUN cd /libafl && \ unset CFLAGS CXXFLAGS && \ export LIBAFL_EDGES_MAP_SIZE=2621440 && \ cd ./fuzzers/fuzzbench && \ - PATH="/root/.cargo/bin/:$PATH" cargo build --release --features no_link_main + PATH="/root/.cargo/bin/:$PATH" cargo build --profile release-fuzzbench --features no_link_main # Auxiliary weak references. RUN cd /libafl/fuzzers/fuzzbench && \ From e15c33bc42642ee6a75dde347b46304b7ede9183 Mon Sep 17 00:00:00 2001 From: toka Date: Sat, 23 Sep 2023 10:12:02 +0000 Subject: [PATCH 04/20] last fix --- fuzzers/libafl/fuzzer.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fuzzers/libafl/fuzzer.py b/fuzzers/libafl/fuzzer.py index d00bb1dd5..ebf4c01e6 100755 --- a/fuzzers/libafl/fuzzer.py +++ b/fuzzers/libafl/fuzzer.py 
@@ -40,8 +40,8 @@ def prepare_fuzz_environment(input_corpus): def build(): # pylint: disable=too-many-branches,too-many-statements """Build benchmark.""" - os.environ['CC'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cc' - os.environ['CXX'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cxx' + os.environ['CC'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cc' + os.environ['CXX'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cxx' os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1' os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0' From 4dc7f9df19d14d5beb8d86c3f39268dbec2aae39 Mon Sep 17 00:00:00 2001 From: toka Date: Sat, 23 Sep 2023 11:13:17 +0000 Subject: [PATCH 05/20] rust version? --- fuzzers/libafl/builder.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index 37d9f1074..0864a173a 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile @@ -18,7 +18,7 @@ FROM $parent_image # Uninstall old Rust & Install the latest one. RUN if which rustup; then rustup self uninstall -y; fi && \ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ - sh /rustup.sh --default-toolchain nightly -y && \ + sh /rustup.sh --default-toolchain nightly-2023-09-21 -y && \ rm /rustup.sh # Install dependencies. From 11185081f47cfc0007e22528a5202f017ed8e16b Mon Sep 17 00:00:00 2001 From: toka Date: Sat, 23 Sep 2023 11:17:00 +0000 Subject: [PATCH 06/20] FMT --- fuzzers/libafl/fuzzer.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fuzzers/libafl/fuzzer.py b/fuzzers/libafl/fuzzer.py index ebf4c01e6..9753e1fdb 100755 --- a/fuzzers/libafl/fuzzer.py +++ b/fuzzers/libafl/fuzzer.py 
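Review bot: The absolute target directory is now spelled out twice in `build()` (for `CC` and `CXX`) and also lives in builder.Dockerfile's `cargo build --profile release-fuzzbench`, which is why patch 06 of this series has to break `os.environ['CC']` across two lines to stay under the line limit. A module-level constant keeps the two assignments in sync and readable: `_LIBAFL_TARGET_DIR = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench'`, then `os.environ['CC'] = os.path.join(_LIBAFL_TARGET_DIR, 'libafl_cc')` and likewise for `CXX`. `build()` continues past the end of this hunk.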
@@ -40,8 +40,10 @@ def prepare_fuzz_environment(input_corpus): def build(): # pylint: disable=too-many-branches,too-many-statements """Build benchmark.""" - os.environ['CC'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cc' - os.environ['CXX'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cxx' + os.environ[ + 'CC'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cc' + os.environ[ + 'CXX'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cxx' os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1' os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0' From 04d430ce0e3eb118e32b62fa507d03b0a7886c99 Mon Sep 17 00:00:00 2001 From: toka Date: Sat, 23 Sep 2023 14:08:10 +0000 Subject: [PATCH 07/20] Delete libafl_forkserver, update commit for aflrustrust --- fuzzers/aflrustrust/builder.Dockerfile | 6 +- fuzzers/aflrustrust/fuzzer.py | 2 +- fuzzers/libafl_forkserver/builder.Dockerfile | 56 ---------------- fuzzers/libafl_forkserver/description.md | 13 ---- fuzzers/libafl_forkserver/fuzzer.py | 67 -------------------- fuzzers/libafl_forkserver/runner.Dockerfile | 23 ------- 6 files changed, 4 insertions(+), 163 deletions(-) delete mode 100644 fuzzers/libafl_forkserver/builder.Dockerfile delete mode 100644 fuzzers/libafl_forkserver/description.md delete mode 100755 fuzzers/libafl_forkserver/fuzzer.py delete mode 100644 fuzzers/libafl_forkserver/runner.Dockerfile diff --git a/fuzzers/aflrustrust/builder.Dockerfile b/fuzzers/aflrustrust/builder.Dockerfile index 7835c03b7..ccc7afc4f 100644 --- a/fuzzers/aflrustrust/builder.Dockerfile +++ b/fuzzers/aflrustrust/builder.Dockerfile 
@@ -24,7 +24,7 @@ RUN apt-get update && \ # Uninstall old Rust & Install the latest one. RUN if which rustup; then rustup self uninstall -y; fi && \ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ - sh /rustup.sh --default-toolchain nightly -y && \ + sh /rustup.sh --default-toolchain nightly-2023-09-21 -y && \ rm /rustup.sh # Download afl++. @@ -46,11 +46,11 @@ RUN cd /afl && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git checkout 8bffd28b4c357b315acb9cecd92cbf2b734a625a +RUN cd /libafl && git checkout c103444396697af102dce2b936a00e93017057ba # Compile libafl. RUN cd /libafl && \ unset CFLAGS CXXFLAGS && \ cd ./fuzzers/fuzzbench_forkserver && \ - PATH="/root/.cargo/bin/:$PATH" cargo build --release + PATH="/root/.cargo/bin/:$PATH" cargo build --profile release-fuzzbench diff --git a/fuzzers/aflrustrust/fuzzer.py b/fuzzers/aflrustrust/fuzzer.py index c8b66976f..81cc4b2f2 100755 --- a/fuzzers/aflrustrust/fuzzer.py +++ b/fuzzers/aflrustrust/fuzzer.py @@ -30,7 +30,7 @@ def build(): # Copy to fuzzer to OUT build_directory = os.environ['OUT'] fuzzer = '/libafl/fuzzers/fuzzbench_forkserver/' \ - 'target/release/fuzzbench_forkserver' + 'target/release-fuzzbench/fuzzbench_forkserver' shutil.copy(fuzzer, build_directory) diff --git a/fuzzers/libafl_forkserver/builder.Dockerfile b/fuzzers/libafl_forkserver/builder.Dockerfile deleted file mode 100644 index d0894e72f..000000000 --- a/fuzzers/libafl_forkserver/builder.Dockerfile +++ /dev/null 
@@ -1,56 +0,0 @@ -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ARG parent_image -FROM $parent_image - -# Install dependencies. -RUN apt-get update && \ - apt-get install -y build-essential libstdc++5 libtool-bin automake flex \ - bison libglib2.0-dev python3-setuptools unzip python3-dev joe curl \ - cmake git apt-utils apt-transport-https ca-certificates libdbus-1-dev - -# Uninstall old Rust & Install the latest one. -RUN if which rustup; then rustup self uninstall -y; fi && \ - curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ - sh /rustup.sh --default-toolchain nightly -y && \ - rm /rustup.sh - -# Download afl++. -RUN git clone https://github.com/AFLplusplus/AFLplusplus /afl - -# Checkout a current commit -RUN cd /afl && git checkout 8cdc48f73a17ddd557897f2098937a8ba3bfe184 - -# Build without Python support as we don't need it. -# Set AFL_NO_X86 to skip flaky tests. -RUN cd /afl && \ - unset CFLAGS CXXFLAGS && \ - export CC=clang AFL_NO_X86=1 && \ - PYTHON_INCLUDE=/ make && \ - make install && \ - cp utils/aflpp_driver/libAFLDriver.a / - -# Download libafl. -RUN git clone https://github.com/AFLplusplus/LibAFL /libafl - -# Checkout a current commit -RUN cd /libafl && git checkout 664e87809e6005f1814df1b55a345e7b2247f15b - -# Compile libafl. -RUN cd /libafl && \ - unset CFLAGS CXXFLAGS && \ - cd ./fuzzers/fuzzbench_forkserver && \ - PATH="/root/.cargo/bin/:$PATH" cargo build --release - 
diff --git a/fuzzers/libafl_forkserver/description.md b/fuzzers/libafl_forkserver/description.md deleted file mode 100644 index 445a27663..000000000 --- a/fuzzers/libafl_forkserver/description.md +++ /dev/null @@ -1,13 +0,0 @@ -# aflplusplus - -AFL++ fuzzer instance that has the following config active for all benchmarks: - - PCGUARD instrumentation - - cmplog feature - - "fast" power schedule - - persistent mode + shared memory test cases - -Repository: [https://github.com/AFLplusplus/AFLplusplus/](https://github.com/AFLplusplus/AFLplusplus/) - -[builder.Dockerfile](builder.Dockerfile) -[fuzzer.py](fuzzer.py) -[runner.Dockerfile](runner.Dockerfile) diff --git a/fuzzers/libafl_forkserver/fuzzer.py b/fuzzers/libafl_forkserver/fuzzer.py deleted file mode 100755 index c8b66976f..000000000 --- a/fuzzers/libafl_forkserver/fuzzer.py +++ /dev/null 
@@ -1,67 +0,0 @@ -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -"""Integration code for a LibAFL fuzzer with an AFL++ forkserver.""" - -import os -import shutil -import subprocess - -from fuzzers import utils -from fuzzers.aflplusplus import fuzzer as aflplusplus_fuzzer -from fuzzers.libafl import fuzzer as libafl_fuzzer - - -def build(): - """Build benchmark.""" - # Build the target with AFL++ - aflplusplus_fuzzer.build('tracepc', 'cmplog', 'dict2file') - - # Copy to fuzzer to OUT - build_directory = os.environ['OUT'] - fuzzer = '/libafl/fuzzers/fuzzbench_forkserver/' \ - 'target/release/fuzzbench_forkserver' - shutil.copy(fuzzer, build_directory) - - -def fuzz(input_corpus, output_corpus, target_binary): - """Run fuzzer.""" - # Calculate CmpLog binary path from the instrumented target binary. 
- target_binary_directory = os.path.dirname(target_binary) - cmplog_target_binary_directory = \ - aflplusplus_fuzzer.get_cmplog_build_directory(target_binary_directory) - target_binary_name = os.path.basename(target_binary) - cmplog_target_binary = os.path.join(cmplog_target_binary_directory, - target_binary_name) - - # Setup env vars - libafl_fuzzer.prepare_fuzz_environment(input_corpus) - - # Merge dictionaries - dictionary_path = utils.get_dictionary_path(target_binary) - if os.path.exists('./afl++.dict'): - if dictionary_path: - with open('./afl++.dict', encoding='utf-8') as dictfile: - autodict = dictfile.read() - with open(dictionary_path, 'a', encoding='utf-8') as dictfile: - dictfile.write(autodict) - else: - dictionary_path = './afl++.dict' - - # Run the fuzzer - command = ['./fuzzbench_forkserver', '-c', cmplog_target_binary] - if dictionary_path: - command += (['-x', dictionary_path]) - command += (['-o', output_corpus, '-i', input_corpus, target_binary]) - print(command) - subprocess.check_call(command) diff --git a/fuzzers/libafl_forkserver/runner.Dockerfile b/fuzzers/libafl_forkserver/runner.Dockerfile deleted file mode 100644 index 7aa1da8e4..000000000 --- a/fuzzers/libafl_forkserver/runner.Dockerfile +++ /dev/null 
@@ -1,23 +0,0 @@ -# Copyright 2020 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM gcr.io/fuzzbench/base-image - -# This makes interactive docker runs painless: -ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/out" -#ENV AFL_MAP_SIZE=2621440 -ENV PATH="$PATH:/out" -ENV AFL_SKIP_CPUFREQ=1 -ENV AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES=1 -ENV AFL_TESTCACHE_SIZE=2 From 712a4fe167c9e9c74bf7da0fea34719122a59e6e Mon Sep 17 00:00:00 2001 From: toka Date: Mon, 25 Sep 2023 15:11:12 +0200 Subject: [PATCH 08/20] Add Old Libfuzzer --- fuzzers/libafl_27042023/builder.Dockerfile | 54 +++++++++++++++++ fuzzers/libafl_27042023/description.md | 11 ++++ fuzzers/libafl_27042023/fuzzer.py | 67 ++++++++++++++++++++++ fuzzers/libafl_27042023/runner.Dockerfile | 23 ++++++++ 4 files changed, 155 insertions(+) create mode 100644 fuzzers/libafl_27042023/builder.Dockerfile create mode 100644 fuzzers/libafl_27042023/description.md create mode 100755 fuzzers/libafl_27042023/fuzzer.py create mode 100644 fuzzers/libafl_27042023/runner.Dockerfile diff --git a/fuzzers/libafl_27042023/builder.Dockerfile b/fuzzers/libafl_27042023/builder.Dockerfile new file mode 100644 index 000000000..01141c74e --- /dev/null +++ b/fuzzers/libafl_27042023/builder.Dockerfile 
@@ -0,0 +1,54 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ARG parent_image +FROM $parent_image + +# Uninstall old Rust & Install the latest one. +RUN if which rustup; then rustup self uninstall -y; fi && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ + sh /rustup.sh --default-toolchain nightly-2023-03-29 -y && \ + rm /rustup.sh + +# Install dependencies. +RUN apt-get update && \ + apt-get remove -y llvm-10 && \ + apt-get install -y \ + build-essential \ + llvm-11 \ + clang-12 \ + cargo && \ + apt-get install -y wget libstdc++5 libtool-bin automake flex bison \ + libglib2.0-dev libpixman-1-dev python3-setuptools unzip \ + apt-utils apt-transport-https ca-certificates joe curl && \ + PATH="/root/.cargo/bin/:$PATH" cargo install cargo-make + +# Download libafl. +RUN git clone https://github.com/AFLplusplus/LibAFL /libafl + +# Checkout a current commit +RUN cd /libafl && git checkout 3ce0c102affeace754072368013422e97b9dce9c || true +# Note that due a nightly bug it is currently fixed to a known version on top! + +# Compile libafl. +RUN cd /libafl && \ + unset CFLAGS CXXFLAGS && \ + export LIBAFL_EDGES_MAP_SIZE=2621440 && \ + cd ./fuzzers/fuzzbench && \ + PATH="/root/.cargo/bin/:$PATH" cargo build --release --features no_link_main + +# Auxiliary weak references. +RUN cd /libafl/fuzzers/fuzzbench && \ + clang -c stub_rt.c && \ + ar r /stub_rt.a stub_rt.o 
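Review bot: This builder is meant to freeze an old LibAFL (the directory is dated `27042023` and the commit subject calls it "Old"), yet its checkout line keeps `|| true`, so if `3ce0c102…` ever stops being reachable from a fresh clone the "old" baseline silently becomes current `main` with a passing build. Drop the suffix, `RUN cd /libafl && git checkout 3ce0c102affeace754072368013422e97b9dce9c`, so the baseline either builds exactly that commit or fails loudly. The copied comment `# Note that due a nightly bug it is currently fixed to a known version on top!` refers to the toolchain pin above it and reads as if the commit pin were temporary; for a deliberate snapshot, `# Frozen LibAFL snapshot used as a baseline; do not bump.` says what this directory is for.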
diff --git a/fuzzers/libafl_27042023/description.md b/fuzzers/libafl_27042023/description.md new file mode 100644 index 000000000..ea9b947d6 --- /dev/null +++ b/fuzzers/libafl_27042023/description.md @@ -0,0 +1,11 @@ +# libafl + +libafl fuzzer instance + - cmplog feature + - persistent mode + +Repository: [https://github.com/AFLplusplus/libafl/](https://github.com/AFLplusplus/libafl/) + +[builder.Dockerfile](builder.Dockerfile) +[fuzzer.py](fuzzer.py) +[runner.Dockerfile](runner.Dockerfile) diff --git a/fuzzers/libafl_27042023/fuzzer.py b/fuzzers/libafl_27042023/fuzzer.py new file mode 100755 index 000000000..d00bb1dd5 --- /dev/null +++ b/fuzzers/libafl_27042023/fuzzer.py 
@@ -0,0 +1,67 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +"""Integration code for a LibAFL-based fuzzer.""" + +import os +import subprocess + +from fuzzers import utils + + +def prepare_fuzz_environment(input_corpus): + """Prepare to fuzz with a LibAFL-based fuzzer.""" + os.environ['ASAN_OPTIONS'] = 'abort_on_error=1:detect_leaks=0:'\ + 'malloc_context_size=0:symbolize=0:'\ + 'allocator_may_return_null=1:'\ + 'detect_odr_violation=0:handle_segv=0:'\ + 'handle_sigbus=0:handle_abort=0:'\ + 'handle_sigfpe=0:handle_sigill=0' + os.environ['UBSAN_OPTIONS'] = 'abort_on_error=1:'\ + 'allocator_release_to_os_interval_ms=500:'\ + 'handle_abort=0:handle_segv=0:'\ + 'handle_sigbus=0:handle_sigfpe=0:'\ + 'handle_sigill=0:print_stacktrace=0:'\ + 'symbolize=0:symbolize_inline_frames=0' + # Create at least one non-empty seed to start. 
+ utils.create_seed_file_for_empty_corpus(input_corpus) + + +def build(): # pylint: disable=too-many-branches,too-many-statements + """Build benchmark.""" + os.environ['CC'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cc' + os.environ['CXX'] = '/libafl/fuzzers/fuzzbench/target/release/libafl_cxx' + + os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1' + os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0' + + cflags = ['--libafl'] + utils.append_flags('CFLAGS', cflags) + utils.append_flags('CXXFLAGS', cflags) + utils.append_flags('LDFLAGS', cflags) + + os.environ['FUZZER_LIB'] = '/stub_rt.a' + utils.build_benchmark() + + +def fuzz(input_corpus, output_corpus, target_binary): + """Run fuzzer.""" + prepare_fuzz_environment(input_corpus) + dictionary_path = utils.get_dictionary_path(target_binary) + command = [target_binary] + if dictionary_path: + command += (['-x', dictionary_path]) + command += (['-o', output_corpus, '-i', input_corpus]) + print(command) + subprocess.check_call(command, cwd=os.environ['OUT']) diff --git a/fuzzers/libafl_27042023/runner.Dockerfile b/fuzzers/libafl_27042023/runner.Dockerfile new file mode 100644 index 000000000..7aa1da8e4 --- /dev/null +++ b/fuzzers/libafl_27042023/runner.Dockerfile 
@@ -0,0 +1,23 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM gcr.io/fuzzbench/base-image + +# This makes interactive docker runs painless: +ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/out" +#ENV AFL_MAP_SIZE=2621440 +ENV PATH="$PATH:/out" +ENV AFL_SKIP_CPUFREQ=1 +ENV AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES=1 +ENV AFL_TESTCACHE_SIZE=2 From 63916ac26844d5898f9ff88fa61e7c7ad0c8fb3f Mon Sep 17 00:00:00 2001 From: toka Date: Mon, 25 Sep 2023 15:13:17 +0200 Subject: [PATCH 09/20] A DUMMY COMMENT --- service/gcbrun_experiment.py | 1 + 1 file changed, 1 insertion(+) diff --git a/service/gcbrun_experiment.py b/service/gcbrun_experiment.py index bbebcf1b9..f19ab493d 100644 --- a/service/gcbrun_experiment.py +++ b/service/gcbrun_experiment.py @@ -28,6 +28,7 @@ TRIGGER_COMMAND = '/gcbrun' RUN_EXPERIMENT_COMMAND_STR = f'{TRIGGER_COMMAND} run_experiment.py ' SKIP_COMMAND_STR = f'{TRIGGER_COMMAND} skip' +# A DUMMY COMMENT def get_comments(pull_request_number): From 9b5dd8a758fc25aadc070b7518328339ade00966 Mon Sep 17 00:00:00 2001 From: toka Date: Wed, 27 Sep 2023 09:46:13 +0000 Subject: [PATCH 10/20] fix it --- fuzzers/libafl/builder.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index 0864a173a..92862242e 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile 
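Review bot: The added `# A DUMMY COMMENT` in service/gcbrun_experiment.py carries no information and, going by the commit subject, is a trigger or cache-busting edit rather than a change to merge; it should be removed before this branch lands. If touching this file is genuinely required to kick off the experiment, a comment that says so, `# Touched to retrigger the experiment build; safe to remove.`, tells the next reader why it is there. `get_comments()` begins on the hunk's last line and its body lies outside it.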
@@ -38,7 +38,7 @@ RUN apt-get update && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git checkout c103444396697af102dce2b936a00e93017057ba || true +RUN cd /libafl && git checkout 324db072a2f0a25f4e891d8a008a2feff240fb79 || true # Note that due a nightly bug it is currently fixed to a known version on top! # Compile libafl. From 2352d4ad61b590bc4930b80bce057847ff0490c1 Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 28 Sep 2023 11:19:03 +0200 Subject: [PATCH 11/20] git pull --- fuzzers/libafl/builder.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index 92862242e..ff74ed055 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile @@ -38,7 +38,7 @@ RUN apt-get update && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git checkout 324db072a2f0a25f4e891d8a008a2feff240fb79 || true +RUN cd /libafl && git pull && git checkout 324db072a2f0a25f4e891d8a008a2feff240fb79 || true # Note that due a nightly bug it is currently fixed to a known version on top! # Compile libafl. From 3c53c68150d3cc5cb0dd12ecf34ec56587d3f70d Mon Sep 17 00:00:00 2001 From: toka Date: Mon, 2 Oct 2023 14:14:46 +0200 Subject: [PATCH 12/20] use JEMALLOC and update --- fuzzers/libafl/builder.Dockerfile | 2 +- fuzzers/libafl/fuzzer.py | 4 +++- fuzzers/libafl/runner.Dockerfile | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/fuzzers/libafl/builder.Dockerfile b/fuzzers/libafl/builder.Dockerfile index ff74ed055..cef4659cc 100644 --- a/fuzzers/libafl/builder.Dockerfile +++ b/fuzzers/libafl/builder.Dockerfile 
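Review bot: Prefixing `git pull` to the checkout line makes the build non-hermetic: the `git clone` on the previous line already leaves the tree at upstream HEAD, so the pull only does work when Docker reuses a cached clone layer, and then it merges whatever `main` is on build day before the pin is applied. With the trailing `|| true` (`a && b || true` swallows a failure of either command) a pull that fails or a checkout of an unknown hash both leave the image on an arbitrary revision with exit status 0. Presumably the pull was added because the cached clone did not contain the newer commit; the explicit form is `RUN cd /libafl && git fetch origin && git checkout --detach 324db072a2f0a25f4e891d8a008a2feff240fb79` with no `|| true`, which refreshes the objects without merging anything and fails the build if the commit is missing.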
@@ -38,7 +38,7 @@ RUN apt-get update && \ RUN git clone https://github.com/AFLplusplus/LibAFL /libafl # Checkout a current commit -RUN cd /libafl && git pull && git checkout 324db072a2f0a25f4e891d8a008a2feff240fb79 || true +RUN cd /libafl && git pull && git checkout b20fda2a4ada2a6462718dc661e139e6c7a29807 || true # Note that due a nightly bug it is currently fixed to a known version on top! # Compile libafl. diff --git a/fuzzers/libafl/fuzzer.py b/fuzzers/libafl/fuzzer.py index 9753e1fdb..52cb1a2e5 100755 --- a/fuzzers/libafl/fuzzer.py +++ b/fuzzers/libafl/fuzzer.py @@ -65,5 +65,7 @@ def fuzz(input_corpus, output_corpus, target_binary): if dictionary_path: command += (['-x', dictionary_path]) command += (['-o', output_corpus, '-i', input_corpus]) + fuzzer_env = os.environ.copy() + fuzzer_env['LD_PRELOAD']='/usr/lib/x86_64-linux-gnu/libjemalloc.so.2' print(command) - subprocess.check_call(command, cwd=os.environ['OUT']) + subprocess.check_call(command, cwd=os.environ['OUT'], env=fuzzer_env) diff --git a/fuzzers/libafl/runner.Dockerfile b/fuzzers/libafl/runner.Dockerfile index 7aa1da8e4..f0c5eb6cc 100644 --- a/fuzzers/libafl/runner.Dockerfile +++ b/fuzzers/libafl/runner.Dockerfile @@ -14,6 +14,8 @@ FROM gcr.io/fuzzbench/base-image +RUN apt install libjemalloc2 + # This makes interactive docker runs painless: ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/out" #ENV AFL_MAP_SIZE=2621440 From 3d64992b7f89644f095caf9f5c946399b9dfcb3d Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 12 Oct 2023 20:22:43 +0200 Subject: [PATCH 13/20] FMT --- fuzzers/libafl/fuzzer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzzers/libafl/fuzzer.py b/fuzzers/libafl/fuzzer.py index 52cb1a2e5..cfd2a64d7 100755 --- a/fuzzers/libafl/fuzzer.py +++ b/fuzzers/libafl/fuzzer.py 
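Review bot: The new `fuzzer_env['LD_PRELOAD']` path is never checked before `subprocess.check_call`, and the dynamic loader treats a missing LD_PRELOAD object as a warning rather than an error, so if `/usr/lib/x86_64-linux-gnu/libjemalloc.so.2` is absent from the runner image the campaign runs on glibc malloc while being recorded as a jemalloc run. A guard in front of the call, `if not os.path.exists(fuzzer_env['LD_PRELOAD']):` / `    raise FileNotFoundError(fuzzer_env['LD_PRELOAD'])`, makes that a hard failure at start-up instead of a silent change of experiment. The assignment also replaces any LD_PRELOAD already present in `os.environ` rather than prepending to it; that is fine if nothing upstream sets one, which this file cannot tell. `fuzz()` starts before this hunk.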
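Review bot: `RUN apt install libjemalloc2` is the only package step in this runner image and runs with no `apt-get update` and no `-y`, so it relies on package lists the base image may not ship (cannot be confirmed from here) and may prompt for confirmation in a non-interactive `docker build` if any dependency is pulled in; either way it is the image build, not the run, that fails. The scripted form is `RUN apt-get update && apt-get install -y --no-install-recommends libjemalloc2 && rm -rf /var/lib/apt/lists/*`; `apt` itself warns that its interface is not stable for scripts, which is why the builder images in this series use `apt-get`.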
@@ -66,6 +66,6 @@ def fuzz(input_corpus, output_corpus, target_binary): command += (['-x', dictionary_path]) command += (['-o', output_corpus, '-i', input_corpus]) fuzzer_env = os.environ.copy() - fuzzer_env['LD_PRELOAD']='/usr/lib/x86_64-linux-gnu/libjemalloc.so.2' + fuzzer_env['LD_PRELOAD'] = '/usr/lib/x86_64-linux-gnu/libjemalloc.so.2' print(command) subprocess.check_call(command, cwd=os.environ['OUT'], env=fuzzer_env) From aae252f25422ccf5ae1eddd083ffc54913375575 Mon Sep 17 00:00:00 2001 From: toka Date: Wed, 18 Oct 2023 13:24:02 +0200 Subject: [PATCH 14/20] add fuzzer --- fuzzers/libafl_cmplog_ctx/builder.Dockerfile | 57 ++++++++++++++++ fuzzers/libafl_cmplog_ctx/description.md | 11 +++ fuzzers/libafl_cmplog_ctx/fuzzer.py | 71 ++++++++++++++++++++ fuzzers/libafl_cmplog_ctx/runner.Dockerfile | 25 +++++++ 4 files changed, 164 insertions(+) create mode 100644 fuzzers/libafl_cmplog_ctx/builder.Dockerfile create mode 100644 fuzzers/libafl_cmplog_ctx/description.md create mode 100755 fuzzers/libafl_cmplog_ctx/fuzzer.py create mode 100644 fuzzers/libafl_cmplog_ctx/runner.Dockerfile diff --git a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile new file mode 100644 index 000000000..39e559ff1 --- /dev/null +++ b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile 
@@ -0,0 +1,57 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ARG parent_image +FROM $parent_image + +# Uninstall old Rust & Install the latest one. +RUN if which rustup; then rustup self uninstall -y; fi && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > /rustup.sh && \ + sh /rustup.sh --default-toolchain nightly-2023-09-21 -y && \ + rm /rustup.sh + +# Install dependencies. +RUN apt-get update && \ + apt-get purge clang-15* llvm-15* && \ + apt-get install -y \ + build-essential \ + cargo && \ + apt-get install -y wget libstdc++5 libtool-bin automake flex bison lsb-release software-properties-common gnupg \ + libglib2.0-dev libpixman-1-dev python3-setuptools unzip \ + apt-utils apt-transport-https ca-certificates joe curl && \ + PATH="/root/.cargo/bin/:$PATH" cargo install cargo-make + +RUN wget https://apt.llvm.org/llvm.sh && chmod +x llvm.sh && ./llvm.sh 16 +ENV PATH="/usr/bin/:$PATH" + +RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e33139999976332aa8e/raw/670119f455ef4f75ca0b6cf835aae5ae8192331e/createAliases.sh && chmod u+x createAliases.sh && ./createAliases.sh + +# Download libafl. +RUN git clone https://github.com/AFLplusplus/LibAFL /libafl + +# Checkout a current commit +RUN cd /libafl && git pull && git checkout fd6e95ff0c6a3db914a0a7e13c145438cee53065 || true +# Note that due a nightly bug it is currently fixed to a known version on top! + +# Compile libafl. 
+RUN cd /libafl && \ + unset CFLAGS CXXFLAGS && \ + export LIBAFL_EDGES_MAP_SIZE=2621440 && \ + cd ./fuzzers/fuzzbench && \ + PATH="/root/.cargo/bin/:$PATH" cargo build --profile release-fuzzbench --features no_link_main + +# Auxiliary weak references. +RUN cd /libafl/fuzzers/fuzzbench && \ + clang -c stub_rt.c && \ + ar r /stub_rt.a stub_rt.o diff --git a/fuzzers/libafl_cmplog_ctx/description.md b/fuzzers/libafl_cmplog_ctx/description.md new file mode 100644 index 000000000..ea9b947d6 --- /dev/null +++ b/fuzzers/libafl_cmplog_ctx/description.md @@ -0,0 +1,11 @@ +# libafl + +libafl fuzzer instance + - cmplog feature + - persistent mode + +Repository: [https://github.com/AFLplusplus/libafl/](https://github.com/AFLplusplus/libafl/) + +[builder.Dockerfile](builder.Dockerfile) +[fuzzer.py](fuzzer.py) +[runner.Dockerfile](runner.Dockerfile) diff --git a/fuzzers/libafl_cmplog_ctx/fuzzer.py b/fuzzers/libafl_cmplog_ctx/fuzzer.py new file mode 100755 index 000000000..cfd2a64d7 --- /dev/null +++ b/fuzzers/libafl_cmplog_ctx/fuzzer.py 
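Review bot: Two remote scripts are downloaded and executed as root during this image build with no integrity check: `./llvm.sh 16` from apt.llvm.org is unpinned and runs whatever that URL serves on build day, and `createAliases.sh` is pulled from a personal gist. The gist URL does carry a revision hash, so its content is fixed while the gist exists, but a deleted or privatised gist breaks every future build, and llvm.sh has no pin at all. If the fuzzer directory is the build context for this Dockerfile (not verifiable from this diff), vendor the alias script, `COPY createAliases.sh /createAliases.sh` and run it from there, and verify llvm.sh against a recorded SHA-256 with `sha256sum -c` before executing it. Separately, `apt-get purge clang-15* llvm-15*` has no `-y`; if those globs match installed packages the purge prompts and aborts a non-interactive build, and the whole `RUN` chain with it.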
@@ -0,0 +1,71 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +"""Integration code for a LibAFL-based fuzzer.""" + +import os +import subprocess + +from fuzzers import utils + + +def prepare_fuzz_environment(input_corpus): + """Prepare to fuzz with a LibAFL-based fuzzer.""" + os.environ['ASAN_OPTIONS'] = 'abort_on_error=1:detect_leaks=0:'\ + 'malloc_context_size=0:symbolize=0:'\ + 'allocator_may_return_null=1:'\ + 'detect_odr_violation=0:handle_segv=0:'\ + 'handle_sigbus=0:handle_abort=0:'\ + 'handle_sigfpe=0:handle_sigill=0' + os.environ['UBSAN_OPTIONS'] = 'abort_on_error=1:'\ + 'allocator_release_to_os_interval_ms=500:'\ + 'handle_abort=0:handle_segv=0:'\ + 'handle_sigbus=0:handle_sigfpe=0:'\ + 'handle_sigill=0:print_stacktrace=0:'\ + 'symbolize=0:symbolize_inline_frames=0' + # Create at least one non-empty seed to start. 
+ utils.create_seed_file_for_empty_corpus(input_corpus) + + +def build(): # pylint: disable=too-many-branches,too-many-statements + """Build benchmark.""" + os.environ[ + 'CC'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cc' + os.environ[ + 'CXX'] = '/libafl/fuzzers/fuzzbench/target/release-fuzzbench/libafl_cxx' + + os.environ['ASAN_OPTIONS'] = 'abort_on_error=0:allocator_may_return_null=1' + os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0' + + cflags = ['--libafl'] + utils.append_flags('CFLAGS', cflags) + utils.append_flags('CXXFLAGS', cflags) + utils.append_flags('LDFLAGS', cflags) + + os.environ['FUZZER_LIB'] = '/stub_rt.a' + utils.build_benchmark() + + +def fuzz(input_corpus, output_corpus, target_binary): + """Run fuzzer.""" + prepare_fuzz_environment(input_corpus) + dictionary_path = utils.get_dictionary_path(target_binary) + command = [target_binary] + if dictionary_path: + command += (['-x', dictionary_path]) + command += (['-o', output_corpus, '-i', input_corpus]) + fuzzer_env = os.environ.copy() + fuzzer_env['LD_PRELOAD'] = '/usr/lib/x86_64-linux-gnu/libjemalloc.so.2' + print(command) + subprocess.check_call(command, cwd=os.environ['OUT'], env=fuzzer_env) diff --git a/fuzzers/libafl_cmplog_ctx/runner.Dockerfile b/fuzzers/libafl_cmplog_ctx/runner.Dockerfile new file mode 100644 index 000000000..f0c5eb6cc --- /dev/null +++ b/fuzzers/libafl_cmplog_ctx/runner.Dockerfile 
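Review bot: The module docstring `"""Integration code for a LibAFL-based fuzzer."""` and the rest of this fuzzer.py are byte-identical to fuzzers/libafl/fuzzer.py (the new file is created from the same blob, `cfd2a64d7`), so nothing in the Python says what `libafl_cmplog_ctx` varies. Presumably the difference lives entirely in builder.Dockerfile (the pinned LibAFL commit and the clang-16 toolchain), but a reader has to diff two directories to learn that. One added docstring line, e.g. `Variant of fuzzers/libafl; what differs (LibAFL commit, toolchain) is selected in builder.Dockerfile, not here.`, records it, and the copied description.md should name the variant for the same reason.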
@@ -0,0 +1,25 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM gcr.io/fuzzbench/base-image
+
+RUN apt install libjemalloc2
+
+# This makes interactive docker runs painless:
+ENV LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/out"
+#ENV AFL_MAP_SIZE=2621440
+ENV PATH="$PATH:/out"
+ENV AFL_SKIP_CPUFREQ=1
+ENV AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES=1
+ENV AFL_TESTCACHE_SIZE=2

From 49a3d1f253b3caa2a18810a8d521e2d43c133bfe Mon Sep 17 00:00:00 2001
From: toka
Date: Wed, 18 Oct 2023 14:40:39 +0200
Subject: [PATCH 15/20] UPD

---
 fuzzers/libafl_cmplog_ctx/builder.Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
index 39e559ff1..c563ded41 100644
--- a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
+++ b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
@@ -41,7 +41,7 @@ RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e3313999997633
 RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
 
 # Checkout a current commit
-RUN cd /libafl && git pull && git checkout fd6e95ff0c6a3db914a0a7e13c145438cee53065 || true
+RUN cd /libafl && git pull && git checkout e6eeaf59ba600bd901e5b3c9dfbf4a71a9367cb3 || true
 # Note that due a nightly bug it is currently fixed to a known version on top!
 
 # Compile libafl.

From 16abdd55ef0c6d66605f90d3c76744288f7b57bc Mon Sep 17 00:00:00 2001
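Review bot: `RUN apt install libjemalloc2` runs without a preceding `apt-get update` and without `-y`, so the layer depends on whatever package lists the base image happens to carry and may abort if apt needs to prompt in the non-interactive build; `apt` itself also warns that its CLI is not stable for scripts. Use the form the builder Dockerfile in this series already uses, `RUN apt-get update && apt-get install -y libjemalloc2 && rm -rf /var/lib/apt/lists/*`. The commented-out `#ENV AFL_MAP_SIZE=2621440` is dead configuration and should be deleted or explained, and the remaining `AFL_*` variables look carried over from an AFL++ runner; it is not visible here whether this LibAFL fuzzer reads them, so a comment stating which consumer needs them would help.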
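Review bot: The new `RUN cd /libafl && git pull && git checkout e6eeaf59ba600bd901e5b3c9dfbf4a71a9367cb3 || true` does not actually pin LibAFL: `|| true` turns a failed checkout (mistyped hash, commit not present after the pull, unreachable remote) into a silent fallback to whatever revision `git clone` left checked out, so the image can be built from an unpinned, moving tip while looking pinned. Drop the suffix so a bad pin fails the build: `RUN cd /libafl && git pull && git checkout e6eeaf59ba600bd901e5b3c9dfbf4a71a9367cb3`. The same construct is carried forward unchanged by the later hash bumps in this series ([PATCH 18/20] and [PATCH 20/20]), so the fix applies there as well.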
From: toka
Date: Wed, 18 Oct 2023 14:44:23 +0200
Subject: [PATCH 16/20] bruh

---
 fuzzers/libafl_cmplog_ctx/fuzzer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fuzzers/libafl_cmplog_ctx/fuzzer.py b/fuzzers/libafl_cmplog_ctx/fuzzer.py
index cfd2a64d7..0f191a744 100755
--- a/fuzzers/libafl_cmplog_ctx/fuzzer.py
+++ b/fuzzers/libafl_cmplog_ctx/fuzzer.py
@@ -49,8 +49,9 @@ def build(): # pylint: disable=too-many-branches,too-many-statements
     os.environ['UBSAN_OPTIONS'] = 'abort_on_error=0'
 
     cflags = ['--libafl']
+    cxxflags = ['--libafl', '--std=c++14']
     utils.append_flags('CFLAGS', cflags)
-    utils.append_flags('CXXFLAGS', cflags)
+    utils.append_flags('CXXFLAGS', cxxflags)
     utils.append_flags('LDFLAGS', cflags)
 
     os.environ['FUZZER_LIB'] = '/stub_rt.a'

From c587e9b5a5cfe66d117682c467bcb8400fc1c769 Mon Sep 17 00:00:00 2001
From: toka
Date: Wed, 18 Oct 2023 15:22:37 +0200
Subject: [PATCH 17/20] upd

---
 fuzzers/libafl_cmplog_ctx/builder.Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
index c563ded41..e6a58968e 100644
--- a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
+++ b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
@@ -33,9 +33,8 @@ RUN apt-get update && \
 PATH="/root/.cargo/bin/:$PATH" cargo install cargo-make
 
 RUN wget https://apt.llvm.org/llvm.sh && chmod +x llvm.sh && ./llvm.sh 16
-ENV PATH="/usr/bin/:$PATH"
-RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e33139999976332aa8e/raw/670119f455ef4f75ca0b6cf835aae5ae8192331e/createAliases.sh && chmod u+x createAliases.sh && ./createAliases.sh
+RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e33139999976332aa8e/raw/20996c7348bcbab115b79c315cee964f1a19e5f3/createAliases.sh && chmod u+x createAliases.sh && ./createAliases.sh
 
 # Download libafl.
 RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
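Review bot: `cxxflags = ['--libafl', '--std=c++14']` forces a language standard onto every benchmark's C++ compile through `CXXFLAGS` without saying why; the motivation (presumably a benchmark or LLVM 16 incompatibility surfaced by the previous commits) belongs in a comment above the line, e.g. `# --std=c++14: required because <reason — fill in before merge>`. Whether this wins over a `-std=` that a benchmark's own build system sets depends on where `utils.append_flags` places the value, which is not visible here, so that interaction should be checked against the builder before relying on it. `build()` begins and ends outside this hunk.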
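Review bot: The new `RUN wget https://gist.githubusercontent.com/tokatoka/.../raw/20996c7348bcbab115b79c315cee964f1a19e5f3/createAliases.sh && chmod u+x createAliases.sh && ./createAliases.sh` fetches a script from a personal gist and executes it inside the build with no integrity check; pinning the raw URL to a revision fixes which content is expected, but nothing fails the build if different bytes come back. Verify before executing, `RUN wget -O createAliases.sh <URL> && echo '<SHA256 OF THE PINNED createAliases.sh>  createAliases.sh' | sha256sum -c - && chmod u+x createAliases.sh && ./createAliases.sh`, or better, vendor the script under `fuzzers/libafl_cmplog_ctx/` and `COPY` it in so it is reviewed alongside the rest of the fuzzer. The commit also drops `ENV PATH="/usr/bin/:$PATH"` without explanation; a one-line comment on the `llvm.sh 16` line stating which compiler is expected to be found first on `PATH` would make the intent recoverable.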
From df688fbb7e25205f4b756b1c9b0b80b438080f5b Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 19 Oct 2023 17:08:19 +0200
Subject: [PATCH 18/20] upd

---
 fuzzers/libafl_cmplog_ctx/builder.Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
index e6a58968e..351a8c6ef 100644
--- a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
+++ b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
@@ -40,7 +40,7 @@ RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e3313999997633
 RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
 
 # Checkout a current commit
-RUN cd /libafl && git pull && git checkout e6eeaf59ba600bd901e5b3c9dfbf4a71a9367cb3 || true
+RUN cd /libafl && git pull && git checkout 6d7c1c3fa2b9c9a6953f28945fd06e3e6acc231d || true
 # Note that due a nightly bug it is currently fixed to a known version on top!
 
 # Compile libafl.

From c8533cc69be2975f76b03ba16efcc40288c8eeb4 Mon Sep 17 00:00:00 2001
From: "Dongjia \"toka\" Zhang"
Date: Thu, 19 Oct 2023 23:08:50 +0200
Subject: [PATCH 19/20] No more dummy comment

---
 service/gcbrun_experiment.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/service/gcbrun_experiment.py b/service/gcbrun_experiment.py
index f19ab493d..bbebcf1b9 100644
--- a/service/gcbrun_experiment.py
+++ b/service/gcbrun_experiment.py
@@ -28,7 +28,6 @@ TRIGGER_COMMAND = '/gcbrun'
 RUN_EXPERIMENT_COMMAND_STR = f'{TRIGGER_COMMAND} run_experiment.py '
 SKIP_COMMAND_STR = f'{TRIGGER_COMMAND} skip'
 
-# A DUMMY COMMENT
 
 
 def get_comments(pull_request_number):

From 8ca89fa1b815e4858878e61daedab565ce034bd1 Mon Sep 17 00:00:00 2001
From: toka
Date: Fri, 3 Nov 2023 19:33:20 +0100
Subject: [PATCH 20/20] remove ctx

---
 fuzzers/libafl_cmplog_ctx/builder.Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
index 351a8c6ef..0ceafbfd4 100644
--- a/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
+++ b/fuzzers/libafl_cmplog_ctx/builder.Dockerfile
@@ -40,7 +40,7 @@ RUN wget https://gist.githubusercontent.com/tokatoka/26f4ba95991c6e3313999997633
 RUN git clone https://github.com/AFLplusplus/LibAFL /libafl
 
 # Checkout a current commit
-RUN cd /libafl && git pull && git checkout 6d7c1c3fa2b9c9a6953f28945fd06e3e6acc231d || true
+RUN cd /libafl && git pull && git checkout 03d0c9a617a32de8eae41ecef556402ae0ef6058 || true
 # Note that due a nightly bug it is currently fixed to a known version on top!
 
 # Compile libafl.