[https://github.com/eurecom-s3/invscov](https://github.com/eurecom-s3/invscov)

```bash
git clone https://github.com/eurecom-s3/invscov
```

Build

Install LLVM 10 on Ubuntu 20.06
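Previously I used Ubuntu 18.06 and downloaded the prebuilt LLVM 10 package, but it had problems running once installed, and apt-get there installs LLVM 6. So I switched to Ubuntu 20.06, where LLVM 10 can be installed directly.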
```bash
sudo apt-get install llvm
sudo apt-get install clang
```
Check that the installation succeeded.
```bash
make -C InvsCov/dump LLVM_CONFIG=llvm-config-10
make -C InvsCov/instrument LLVM_CONFIG=llvm-config-10
make -C AFLplusplus
make -C AFLplusplus/llvm_mode LLVM_CONFIG=llvm-config-10
```
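The build succeeded.

(Installing directly with apt-get really is much less trouble.)

To build Daikon, follow the steps in the Daikon README and copy the generated daikon.jar into the root folder of this project.

Install the JDK. I found that OpenJDK cannot be used; it has to be the JDK.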
```bash
sudo apt install default-jre  # do not use this; installing it is wasted effort
```
So I used the JDK from this link instead:
https://blog.csdn.net/qq_41535006/article/details/113929441
```bash
sudo mkdir /usr/lib/jvm
sudo mv jdk1.8.0_221 /usr/lib/jvm
```
```bash
sudo gedit /etc/profile
```
```bash
export JAVA_HOME=/usr/lib/jvm/jdk1.8.0_221
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
```
```bash
source /etc/profile
```
Build daikon.jar in the daikon directory, then put it in the root directory.

```bash
make daikon.jar
cp daikon.jar ../
```

Usage

Set the env var INVSCOV_OUTPUT_PATH to an existing empty folder.

```bash
mkdir output_path
export INVSCOV_OUTPUT_PATH=/home/yan/invscov/output_path/
```

Compile the PUT with dump-cc[c++].

```bash
cd target_program_src/
./configure
make CC=/path/to/invscov/InvsCov/dump-cc CXX=/path/to/invscov/InvsCov/dump-c++
cp ./program ./program_dump # assuming that 'program' is the result of the compilation
```
Download Xpdf 3.02:

```bash
wget https://dl.xpdfreader.com/old/xpdf-3.02.tar.gz
tar -xvzf xpdf-3.02.tar.gz
```
Problem: wget: unable to resolve host address ‘dl.xpdfreader.com’

Solution:

```bash
sudo gedit /etc/resolv.conf
```
```
# Google DNS servers
nameserver 8.8.8.8
nameserver 8.8.4.4
```

Build:

```bash
cd xpdf-3.02/
./configure
make CC=/home/yan/invscov/InvsCov/dump-cc CXX=/home/yan/invscov/InvsCov/dump-c++
```

The make step failed with this error:
error: clang frontend command failed due to signal (use -v to see invocation)
Cause: every newly opened terminal window starts with the environment variables cleared, so make has to be run in the same window where they were set.

After make succeeds, copy the contents of the xpdf folder into xpdf_dump.

Build the initial corpus by downloading some sample PDFs:

```bash
mkdir /home/yan/invscov/initial_corpus
cd /home/yan/invscov/initial_corpus
wget https://github.com/mozilla/pdf.js-sample-files/raw/master/helloworld.pdf
wget http://www.africau.edu/images/default/sample.pdf
wget https://www.melbpc.org.au/wp-content/uploads/2017/10/small-example-pdf-file.pdf
```

Run reconstruct-dump:

```bash
/home/yan/invscov/InvsCov/reconstruct-dump
```

Run learn-invariants:

```bash
# General form:
# /path/to/invscov/InvsCov/learn-invariants /path/to/initial_corpus ./program_dump @@
/home/yan/invscov/InvsCov/learn-invariants /home/yan/invscov/initial_corpus ./xpdf_dump @@
```
This generates daikon.txt.

Run generate-constraints:

```bash
/home/yan/invscov/InvsCov/generate-constraints
```

Compile with instrument-cc[c++]:

```bash
make clean
make CC=/home/yan/invscov/InvsCov/instrument-cc CXX=/home/yan/invscov/InvsCov/instrument-c++
```

Copy the contents of the xpdf folder into xpdf_fuzz, then start fuzzing:

```bash
/home/yan/invscov/AFLplusplus/afl-fuzz -i /home/yan/invscov/initial_corpus -o output -d -- ./xpdf_fuzz/pdfinfo @@
```
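The current core_pattern setting increases the delay before crash information reaches the fuzzer, which can cause crashes to be misreported as timeouts, so we have to temporarily modify the core_pattern file as shown below:

```bash
su
echo core >/proc/sys/kernel/core_pattern
```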
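A preflight check for the two failure modes hit above (INVSCOV_OUTPUT_PATH missing in a new terminal, and a core_pattern that delays crash reports), as an added example that is not part of the original post or of the InvsCov project. The function name `invscov_preflight`, its stage names (`dump`, `instrument`, `fuzz`) and its return codes are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not InvsCov code. Names and return codes are assumptions.
# usage: invscov_preflight <dump|instrument|fuzz> [core_pattern_file]
# Returns 0 when the stage can start, otherwise a code for the first failed check.
invscov_preflight() {
    local stage="$1"
    local core_pattern_file="${2:-/proc/sys/kernel/core_pattern}"
    local pattern=""

    case "$stage" in
        dump|instrument)
            # `export` only lasts for the shell it was typed in, so a new
            # terminal window no longer has the variable (the cause the page
            # gives for the failed make).
            if [ -z "${INVSCOV_OUTPUT_PATH:-}" ]; then
                echo "INVSCOV_OUTPUT_PATH is not set in this shell" >&2
                return 2
            fi
            if [ ! -d "$INVSCOV_OUTPUT_PATH" ]; then
                echo "INVSCOV_OUTPUT_PATH is not an existing folder" >&2
                return 3
            fi
            # The page asks for an empty folder before the dump-cc build.
            if [ "$stage" = dump ] && [ -n "$(ls -A "$INVSCOV_OUTPUT_PATH")" ]; then
                echo "INVSCOV_OUTPUT_PATH is not empty" >&2
                return 4
            fi
            ;;
        fuzz)
            # A pattern starting with '|' pipes core dumps to a helper program,
            # which delays the crash notification that afl-fuzz waits for.
            IFS= read -r pattern < "$core_pattern_file" || true
            case "$pattern" in
                '|'*)
                    echo "core_pattern pipes to a helper: $pattern" >&2
                    return 5
                    ;;
            esac
            ;;
        *)
            echo "usage: invscov_preflight <dump|instrument|fuzz> [core_pattern_file]" >&2
            return 64
            ;;
    esac
    return 0
}
```

Source the file in the terminal used for the build and call `invscov_preflight dump` before the dump-cc make, `invscov_preflight instrument` before the instrument-cc make, and `invscov_preflight fuzz` before afl-fuzz.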



