Commit 74c311f4 authored by Jost Rossel's avatar Jost Rossel
Browse files

Add afl interface that uses the mutators

parent b11d652c
import os
import timeit
from .afl_interface import fuzz, init
# simple test run
if __name__ == "__main__":
os.environ["AFL_XML_MUTATOR_TYPE"] = "destructive"
in_1 = bytearray(
b"""<?xml version="1.0" encoding="utf-8"?><model xmlns="" unit="millimeter" xml:lang="en-US" xmlns:m=""><resources><object id="1" name="dummy" type="model"><mesh><vertices><vertex x="0" y="0" z="0" /><vertex x="0" y="0" z="1.000000" /><vertex x="0" y="1.000000" z="0" /><vertex x="0" y="1.000000" z="1.000000" /><vertex x="1.000000" y="0" z="0" /><vertex x="1.000000" y="0" z="1.000000" /><vertex x="1.000000" y="1.000000" z="0" /><vertex x="1.000000" y="1.000000" z="1.000000" /></vertices><triangles><triangle v1="0" v2="1" v3="3" /><triangle v1="0" v2="2" v3="6" /><triangle v1="0" v2="3" v3="2" /><triangle v1="0" v2="4" v3="5" /><triangle v1="0" v2="5" v3="1" /><triangle v1="0" v2="6" v3="4" /><triangle v1="1" v2="5" v3="3" /><triangle v1="2" v2="3" v3="6" /><triangle v1="3" v2="5" v3="7" /><triangle v1="3" v2="7" v3="6" /><triangle v1="4" v2="6" v3="5" /><triangle v1="5" v2="6" v3="7" /></triangles></mesh></object></resources><build><item objectid="1" /></build></model>"""
target_len = len(in_1)
in_2 = bytearray(b"<abc abc123='456' abcCBA='ppppppppppppppppppppppppppppp'/>")
starttime = timeit.default_timer()
for i in range(30000):
in_1 = fuzz(in_1, in_2, target_len)
assert len(in_1) <= target_len
# if i % 1000 == 0:
# print(len(in_1)) # , in_1)
print("The time difference is :", timeit.default_timer() - starttime)
"""Wrapper that uses the AFL++ mutator API to run different XML mutators."""
import logging
import os
from .mutators.destructive import DestructiveMutator
from .mutators.nondestructive import NonDestructiveMutator
logging.basicConfig(filename="error.log", filemode="w")
mutator = None
def init(seed: int):
"""Called at startup."""
global mutator
if os.getenv("AFL_XML_MUTATOR_TYPE") == "destructive":
mutator = DestructiveMutator(seed=seed, number_of_mutations_between=(1, 5))
elif os.getenv("AFL_XML_MUTATOR_TYPE") == "nondestructive":
mutator = NonDestructiveMutator(seed=seed, number_of_mutations=2)
def fuzz(buffer: bytearray, additional_buffer: bytearray, max_size: int) -> bytearray:
Called every interation.
buffer: the bytearray (buffer) that is to be mutated in this iteration
additional_buffer: an additional buffer containing data (might be used to, e.g., merge two bufs)
max_size: maximal size that the result might have
res = mutator.mutate(max_size)
except Exception as err:
return buffer
return res
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment