Contents
1. Code example
2. Downloading the afl-cov tool
3. Building the coverage version and starting afl-cov
4. Compiling with AFL instrumentation and running afl-fuzz
5. Viewing the results
We now combine the two: run fuzz testing and collect GCOV coverage analysis at the same time.
1. Code example
2. Downloading the afl-cov tool
GitHub - mrash/afl-cov: Produce code coverage results with gcov from afl-fuzz test cases
3. Building the coverage version and starting afl-cov
cd vulnerable_cov/
gcc -fprofile-arcs -ftest-coverage -o vulnerable vulnerable.c
~/afl-cov-master/afl-cov -d ../vulnerable/outputs --live --coverage-cmd "cat AFL_FILE | ./vulnerable" --code-dir . --enable-branch-coverage
For a detailed explanation of the command, see the README.md in GitHub - mrash/afl-cov: Produce code coverage results with gcov from afl-fuzz test cases.
4. Compiling with AFL instrumentation and running afl-fuzz
cd vulnerable
afl-gcc -o vulnerable vulnerable.c
afl-fuzz -i testcases/ -o outputs ./vulnerable
5. Viewing the results
While afl-fuzz is running, afl-cov collects the results. After you exit afl-fuzz with Ctrl+C, the final coverage results appear as a web page.
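A pre-flight check for the coverage build from section 3, added here as an example; it is not code from the original post or from afl-cov. It verifies that the coverage command contains the AFL_FILE placeholder, that the gcov build left a .gcno file, and that the binary in the coverage directory is not the afl-gcc build from section 4. The function name `preflight` and its exit codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post or from afl-cov itself).
# preflight COV_DIR BINARY COVERAGE_CMD -> 0 when the coverage build is usable.
# The function name and the exit codes are choices made for this example.
preflight() {
    cov_dir=$1
    bin=$2
    cov_cmd=$3

    # afl-cov replaces the literal token AFL_FILE with each test case path.
    case $cov_cmd in
        *AFL_FILE*) ;;
        *) echo "coverage command has no AFL_FILE placeholder" >&2; return 2 ;;
    esac

    # The coverage binary must exist in the coverage build directory.
    if [ ! -x "$cov_dir/$bin" ]; then
        echo "$cov_dir/$bin is missing or not executable" >&2
        return 3
    fi

    # -ftest-coverage writes a .gcno notes file at compile time; its exact
    # name depends on the GCC version, so match any *.gcno.
    found=0
    for f in "$cov_dir"/*.gcno; do
        if [ -e "$f" ]; then found=1; break; fi
    done
    if [ "$found" -eq 0 ]; then
        echo "no .gcno file in $cov_dir: rebuild with the gcov flags" >&2
        return 4
    fi

    # afl-gcc output embeds the string __AFL_SHM_ID (afl-fuzz looks for it to
    # detect instrumentation); the coverage build must be the plain gcc one.
    if LC_ALL=C grep -q '__AFL_SHM_ID' "$cov_dir/$bin"; then
        echo "$cov_dir/$bin is AFL-instrumented, not the gcov build" >&2
        return 5
    fi
    return 0
}

# Stand-alone use: sh preflight.sh vulnerable_cov vulnerable "cat AFL_FILE | ./vulnerable"
if [ "$#" -eq 3 ]; then
    preflight "$@" || exit $?
fi
```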