Skip to content

Commit

Permalink
parameter to vd to trace modules + limit on events per function
Browse files Browse the repository at this point in the history
  • Loading branch information
gaa-cifasis committed Jan 20, 2016
1 parent 12d1339 commit d1ca288
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 12 deletions.
7 changes: 6 additions & 1 deletion vd
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,13 +48,16 @@ if __name__ == "__main__":
parser = argparse.ArgumentParser(description='')
parser.add_argument("-i", help="", type=str, default=None, required=True, dest="seeds")
parser.add_argument("-o", help="", type=str, default=None, required=True, dest="out")
parser.add_argument("-m", help="", type=str, nargs='+', dest="mods")

#parser.add_argument("-v", help="", type=str, default=None, required=False, dest="vectorizer")
#parser.add_argument("-m", help="", type=str, default="afl", dest="fuzzer")
parser.add_argument("cmd", help="", type=str, default=None)

options = parser.parse_args()
seeds = options.seeds
outfile = options.out
mods = options.mods
#fuzzer = options.fuzzer
cmd = options.cmd
#vectorizer = options.vectorizer
Expand All @@ -70,8 +73,10 @@ if __name__ == "__main__":
traces = traces_path
else:

#app = Process(program, envs, timeout, ["libpixman-1.so","libcairo.so.2","libpango"], [], True)
modules_to_trace = [main_module]
if mods is not None:
modules_to_trace = modules_to_trace + mods

if "LD_LIBRARY_PATH" in os.environ:
libs = os.environ["LD_LIBRARY_PATH"]
for _,_,files in os.walk(libs):
Expand Down
31 changes: 20 additions & 11 deletions vdiscover/Process.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ def __init__(self, program, envs, timeout, included_mods = [], ignored_mods = []
self.last_signal = {}
self.last_call = None
self.crashed = False
self.nevents = 0
self.nevents = dict()
self.events = []

self.binfo = dict()
Expand Down Expand Up @@ -125,6 +125,7 @@ def createEvents(self, signal):
for (range, mod, atts) in self.mm.items():
if '/' in mod and 'x' in atts and not ("libc-" in mod):

# FIXME: self.elf.path should be absolute
if mod == self.elf.path:
base = 0
else:
Expand Down Expand Up @@ -155,7 +156,15 @@ def createEvents(self, signal):
call_ip = ip
self.process.singleStep()
self.debugger.waitProcessEvent()
self.breakpoint(call_ip)

n = self.nevents.get(name, 0)
self.nevents[name] = n + 1

if n < self.max_events:
self.breakpoint(call_ip)
#else:
#print "disabled!"

#print "call detected!"
return [call]

Expand Down Expand Up @@ -264,7 +273,7 @@ def cont(self, signum=None):
#vulns = self.DetectVulnerabilities(self.events, events)
#print "vulns detected"
self.events = self.events + events #+ vulns
self.nevents = self.nevents + len(events)
#self.nevents = self.nevents + len(events)


def readInstrSize(self, address, default_size=None):
Expand Down Expand Up @@ -337,12 +346,12 @@ def runProcess(self, cmd):
while True:

#self.cont()
if self.nevents > self.max_events:

self.events.append(Timeout(timeout))
alarm(0)
return
elif not self.debugger or self.crashed:
#if self.nevents > self.max_events:
#
# self.events.append(Timeout(timeout))
# alarm(0)
# return
if not self.debugger or self.crashed:
# There is no more process: quit
alarm(0)
return
Expand Down Expand Up @@ -381,7 +390,7 @@ def runProcess(self, cmd):

def getData(self, inputs):
self.events = []
self.nevents = 0
self.nevents = dict()
self.debugger = PtraceDebugger()

self.runProcess([self.program]+inputs)
Expand All @@ -396,7 +405,7 @@ def getData(self, inputs):

self.process.terminate()
self.process.detach()
#print "terminated!"
#print self.nevents

self.process = None
return self.events

0 comments on commit d1ca288

Please sign in to comment.