Home | History | Annotate | Download | only in mutate 
      1 #!/usr/bin/env python
      2 # Copyright 2014 The Chromium Authors. All rights reserved.
      3 # Use of this source code is governed by a BSD-style license that can be
      4 # found in the LICENSE file.
      5 
      6 """Generational ClusterFuzz fuzzer. It generates IPC messages using
      7 GenerateTraits. Support of GenerateTraits for different types will be gradually
      8 added.
      9 """
     10 
     11 import argparse
     12 import os
     13 import random
     14 import string
     15 import subprocess
     16 import sys
     17 import tempfile
     18 import time
     19 
     20 # Number of IPC messages per ipcdump
     21 NUM_IPC_MESSAGES = 1500
     22 
     23 def random_id(size=16, chars=string.ascii_lowercase):
     24   return ''.join(random.choice(chars) for x in range(size))
     25 
     26 def random_ipcdump_path(ipcdump_dir):
     27   return os.path.join(ipcdump_dir, 'fuzz-' + random_id() + '.ipcdump')
     28 
     29 class GenerationalFuzzer:
     30   def parse_cf_args(self):
     31     parser = argparse.ArgumentParser()
     32     parser.add_argument('--input_dir')
     33     parser.add_argument('--output_dir')
     34     parser.add_argument('--no_of_files', type=int)
     35     self.args = args = parser.parse_args();
     36     if not args.input_dir or not args.output_dir or not args.no_of_files:
     37       parser.print_help()
     38       sys.exit(1)
     39 
     40   def get_paths(self):
     41     app_path_key = 'APP_PATH'
     42     self.util_binary = 'ipc_message_util'
     43     self.generate_binary = 'ipc_fuzzer_generate'
     44 
     45     if app_path_key not in os.environ:
     46       sys.exit('Env var %s should be set to chrome path' % app_path_key)
     47     chrome_path = os.environ[app_path_key]
     48     out_dir = os.path.dirname(chrome_path)
     49     self.util_path = os.path.join(out_dir, self.util_binary)
     50     self.generate_path = os.path.join(out_dir, self.generate_binary)
     51 
     52   def generate_ipcdump(self):
     53     generated_ipcdump = random_ipcdump_path(self.args.output_dir)
     54     cmd = [self.generate_path,
     55            '--count=' + str(NUM_IPC_MESSAGES),
     56            generated_ipcdump]
     57     if subprocess.call(cmd):
     58       sys.exit('%s failed' % self.generate_binary)
     59 
     60   def main(self):
     61     self.parse_cf_args()
     62     self.get_paths()
     63     for i in xrange(self.args.no_of_files):
     64       self.generate_ipcdump()
     65     return 0
     66 
     67 if __name__ == "__main__":
     68   fuzzer = GenerationalFuzzer()
     69   sys.exit(fuzzer.main())
     70