
Feature request: specify target for casr-afl #148

Closed
vanhauser-thc opened this issue Sep 19, 2023 · 5 comments · Fixed by #159

@vanhauser-thc

Hi guys,

A little feature request from me that would help me in my projects:
a parameter to casr-afl that allows me to override the target being executed instead of the one gathered from fuzzer_setup.
Thank you if you have time for that :)

@SweetVishnya SweetVishnya added the enhancement New feature or request label Sep 19, 2023
@SweetVishnya (Collaborator)

I suppose we may reuse the existing ARGS parameter and add an option like --override that tells casr-afl to use ARGS instead of cmdline. Moreover, we should check whether we should call casr-san or casr-gdb in this case. Anyway, we should wait for the refactoring in #128 to be done first.

@SweetVishnya SweetVishnya added the help wanted Extra attention is needed label Sep 19, 2023
@anfedotoff (Collaborator) commented Sep 19, 2023

I'll try to propose a simple solution. The usage of casr-afl looks like this:

Usage: casr-afl [OPTIONS] --input <INPUT_DIR> --output <OUTPUT_DIR> [-- <ARGS>...]

Arguments:
  [ARGS]...  Add "-- ./gdb_fuzz_target <arguments>" to generate additional crash reports
             with casr-gdb (e.g., test whether program crashes without sanitizers)

ARGS are optional for the casr-gdb run. What if we have an --ignore-cmdline option to ignore the cmdline file? We could then use ARGS to run casr-san as the main analyzer. I think it's easy to implement and use. What do you think, @vanhauser-thc @SweetVishnya?
This is like what @SweetVishnya already proposed, but more detailed :).

@SweetVishnya (Collaborator)

@anfedotoff, I agree!

@vanhauser-thc (Author)

The reason for the feature request: I might have a fuzzing harness, but the verifier (that uses asan, ubsan, etc.) might not be the one used for that specific fuzzer. casr-afl is beautifully easy to use; for specific cases like the one I described, it lacks options though.

But maybe I overcomplicate things and it is easier to use casr-gdb / casr-asan instead :-)

@anfedotoff (Collaborator)

> The reason for the feature request: I might have a fuzzing harness, but the verifier (that uses asan, ubsan, etc.) might not be the one used for that specific fuzzer. casr-afl is beautifully easy to use; for specific cases like the one I described, it lacks options though.
>
> But maybe I overcomplicate things and it is easier to use casr-gdb / casr-asan instead :-)

It would be nice to support this feature in casr-afl! It will be more convenient than using casr-san, casr-gdb, and casr-cluster directly. Will schedule it right after #128 :).

@anfedotoff anfedotoff added this to the v2.9.0 milestone Sep 19, 2023
@Avgor46 Avgor46 self-assigned this Sep 22, 2023
@anfedotoff anfedotoff removed the help wanted Extra attention is needed label Sep 23, 2023
@Avgor46 Avgor46 linked a pull request Oct 3, 2023 that will close this issue