centipede/dso_example/dso_example_test.sh - third_party/github/google/fuzztest - Git at Google

 #!/bin/bash

 # Copyright 2022 The Centipede Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 # Tests fuzzing of an uninstrumented main binary with instrumented DSO.

 set -eu

 source "$(dirname "$0")/../test_util.sh"

 CENTIPEDE_TEST_SRCDIR="$(centipede::get_centipede_test_srcdir)"

 centipede::maybe_set_var_to_executable_path \
   CENTIPEDE_BINARY "${CENTIPEDE_TEST_SRCDIR}/centipede"

 centipede::maybe_set_var_to_executable_path \
   CENTIPEDE_RUNNER_NO_MAIN_SO \
   "${CENTIPEDE_TEST_SRCDIR}/centipede_runner_no_main.so"

 centipede::maybe_set_var_to_executable_path \
   TARGET_BINARY "${CENTIPEDE_TEST_SRCDIR}/dso_example/main"

 centipede::maybe_set_var_to_executable_path \
   TARGET_BINARY_DLOPEN \
   "${CENTIPEDE_TEST_SRCDIR}/dso_example/main_with_dlopen"

 centipede::maybe_set_var_to_executable_path \
   TARGET_DSO "${CENTIPEDE_TEST_SRCDIR}/dso_example/fuzz_me.so"

 echo "Running the dso_example binary manually; expecting it to fail"

 LOG="${TEST_TMPDIR}/log1"
 "${TARGET_BINARY}" 2>&1 | tee "${LOG}"
 centipede::assert_regex_in_file \
   "error: DlIteratePhdrCallback: a sample code address is not in bounds" \
   "${LOG}"

 echo "Running the dso_example binary with dl_path_suffix; expecting it to pass"
 CENTIPEDE_RUNNER_FLAGS=":dl_path_suffix=/fuzz_me.so:" "${TARGET_BINARY}"

 echo "Running fuzzing for some number of iterations: ${TARGET_BINARY}"
 WD="${TEST_TMPDIR}/WD"
 LOG="${TEST_TMPDIR}/log2"
 centipede::ensure_empty_dir "${WD}"
 "${CENTIPEDE_BINARY}" --workdir "${WD}" --binary "${TARGET_BINARY} @@" \
   --runner_dl_path_suffix "/fuzz_me.so" --coverage_binary "${TARGET_DSO}" \
   --num_runs=100  2>&1 | tee "${LOG}"
 centipede::assert_fuzzing_success "${LOG}"

 # Check that we observe the edge coverage, not just random features.
 centipede::assert_regex_in_file "cov: [234] " "${LOG}"

 echo "Running fuzzing for some number of iterations: ${TARGET_BINARY_DLOPEN}"
 WD="${TEST_TMPDIR}/WD"
 LOG="${TEST_TMPDIR}/log3"
 export FUZZ_ME_PATH="${TARGET_DSO}"
 centipede::ensure_empty_dir "${WD}"
 "${CENTIPEDE_BINARY}" --workdir "${WD}" \
   --binary \
   "LD_PRELOAD=${CENTIPEDE_RUNNER_NO_MAIN_SO} ${TARGET_BINARY_DLOPEN} @@" \
   --runner_dl_path_suffix "/fuzz_me.so" --coverage_binary "${TARGET_DSO}" \
   --num_runs=100 --fork_server=0 2>&1 | tee "${LOG}"
 centipede::assert_fuzzing_success "${LOG}"

 # Check that we observe the edge coverage, not just random features.
 centipede::assert_regex_in_file "cov: [234] " "${LOG}"

 echo "PASS"
	#!/bin/bash

	# Copyright 2022 The Centipede Authors.
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# https://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# Tests fuzzing of an uninstrumented main binary with instrumented DSO.

	set -eu

	source "$(dirname "$0")/../test_util.sh"

	CENTIPEDE_TEST_SRCDIR="$(centipede::get_centipede_test_srcdir)"

	centipede::maybe_set_var_to_executable_path \
	CENTIPEDE_BINARY "${CENTIPEDE_TEST_SRCDIR}/centipede"

	centipede::maybe_set_var_to_executable_path \
	CENTIPEDE_RUNNER_NO_MAIN_SO \
	"${CENTIPEDE_TEST_SRCDIR}/centipede_runner_no_main.so"

	centipede::maybe_set_var_to_executable_path \
	TARGET_BINARY "${CENTIPEDE_TEST_SRCDIR}/dso_example/main"

	centipede::maybe_set_var_to_executable_path \
	TARGET_BINARY_DLOPEN \
	"${CENTIPEDE_TEST_SRCDIR}/dso_example/main_with_dlopen"

	centipede::maybe_set_var_to_executable_path \
	TARGET_DSO "${CENTIPEDE_TEST_SRCDIR}/dso_example/fuzz_me.so"

	echo "Running the dso_example binary manually; expecting it to fail"

	LOG="${TEST_TMPDIR}/log1"
	"${TARGET_BINARY}" 2>&1 \| tee "${LOG}"
	centipede::assert_regex_in_file \
	"error: DlIteratePhdrCallback: a sample code address is not in bounds" \
	"${LOG}"

	echo "Running the dso_example binary with dl_path_suffix; expecting it to pass"
	CENTIPEDE_RUNNER_FLAGS=":dl_path_suffix=/fuzz_me.so:" "${TARGET_BINARY}"

	echo "Running fuzzing for some number of iterations: ${TARGET_BINARY}"
	WD="${TEST_TMPDIR}/WD"
	LOG="${TEST_TMPDIR}/log2"
	centipede::ensure_empty_dir "${WD}"
	"${CENTIPEDE_BINARY}" --workdir "${WD}" --binary "${TARGET_BINARY} @@" \
	--runner_dl_path_suffix "/fuzz_me.so" --coverage_binary "${TARGET_DSO}" \
	--num_runs=100 2>&1 \| tee "${LOG}"
	centipede::assert_fuzzing_success "${LOG}"

	# Check that we observe the edge coverage, not just random features.
	centipede::assert_regex_in_file "cov: [234] " "${LOG}"

	echo "Running fuzzing for some number of iterations: ${TARGET_BINARY_DLOPEN}"
	WD="${TEST_TMPDIR}/WD"
	LOG="${TEST_TMPDIR}/log3"
	export FUZZ_ME_PATH="${TARGET_DSO}"
	centipede::ensure_empty_dir "${WD}"
	"${CENTIPEDE_BINARY}" --workdir "${WD}" \
	--binary \
	"LD_PRELOAD=${CENTIPEDE_RUNNER_NO_MAIN_SO} ${TARGET_BINARY_DLOPEN} @@" \
	--runner_dl_path_suffix "/fuzz_me.so" --coverage_binary "${TARGET_DSO}" \
	--num_runs=100 --fork_server=0 2>&1 \| tee "${LOG}"
	centipede::assert_fuzzing_success "${LOG}"

	# Check that we observe the edge coverage, not just random features.
	centipede::assert_regex_in_file "cov: [234] " "${LOG}"

	echo "PASS"