efcf-framework/scripts/fuzz-tests.sh at main · Octane-Security/efcf-framework · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/usr/bin/env bash

set -e -o pipefail

if [[ -z "$BUILD_DIR" ]]; then
    BUILD_DIR="$(realpath -m ./builds/tests)"
fi
if [[ -z "$FUZZING_REPETITIONS" ]]; then
    export FUZZING_REPETITIONS="5"
fi
if [[ -z "$FUZZING_TIME" ]]; then
    FUZZING_TIME="$(python -c 'print(60 * 60 * 2)')"
    export FUZZING_TIME
fi
echo "[+] setting default afl-fuzz timeout to $FUZZING_TIME sec with $FUZZING_REPETITIONS repetitions"

if [[ -z "$OUT_DIR" ]]; then
    OUT_DIR="$(realpath -m ./out/)"
fi

if [[ -z "$FUZZ_DIR" ]]; then
    FUZZ_DIR="/tmp/efcf-fuzz/"
fi

if [[ -z "$FUZZ_MODES" ]]; then
    FUZZ_MODES="2AT monly noabi"
fi


source scripts/common.sh

set -u

mkdir -p "$FUZZ_DIR" || true
CONTRACTS_DIR="$(realpath ./data/tests/)"
EVM_DIR="$(realpath ./src/eEVM/)"
COV_SUMMARY=""

export AFL_BENCH_UNTIL_CRASH=1
export RUST_BACKTRACE=1
#export AFL_DEBUG=1
export SCRIPT_NAME="$0 $*"
this_command=""
trap 'LAST_COMMAND=$this_command; this_command=$BASH_COMMAND' DEBUG
function on_exit {
    c="$LAST_COMMAND" r="$?"
    s="[$SCRIPT_NAME] exited after $CUR_ITER fuzzing jobs ($c -> $r)"
    echo "$s"
}
function on_err {
    c="$LAST_COMMAND" r="$?"
    s="[$SCRIPT_NAME] errored after $CUR_ITER fuzzing jobs ($c -> $r)"
    echo "$s"
}
set -E
trap on_exit EXIT
trap on_err ERR

echo "[+] starting up - searching for fuzzing jobs"

echo " -> fuzz_all_builds"

fuzz_all_builds \
    "$BUILD_DIR" \
    "$CONTRACTS_DIR" \
    "$OUT_DIR" \
    "$FUZZ_MODES" \
    "$FUZZING_REPETITIONS"

echo "[+] done - no more fuzzing jobs"

exit 0