OptFuzz

OptFuzz: Optimization Path Guided Fuzzing for JavaScript JIT Compilers (USENIX Security 2024)

1. Compile Clang-14

Download LLVM-14 source code.

Replace llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp with llvm-14/SanitizerCoverage.cpp in this repository.

Modify the path of sancov.txt in llvm-14/SanitizerCoverage.cpp.

Compile LLVM; you can use the shell commands in llvm-14/run.sh.

2. Install hiredis

OptFuzz uses Redis to record the number of OptPaths, so hiredis must be installed before running OptFuzz.

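# install redis-server
sudo apt install redis

# install hiredis
git clone git@github.com:redis/hiredis.git
cd hiredis
make
sudo make install
# copy the shared library into both library directories
sudo cp libhiredis.so /usr/lib64/
sudo cp libhiredis.so /usr/lib/
# refresh the dynamic linker cache so libhiredis is found at link and run time
sudo /sbin/ldconfig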

Redis is used in optfuzz/FuzzilliCli/TerminalUI.swift and optfuzz/libcoverage/coverage.c.

3. Build JavaScriptCore

Build JSC with webkit_for_optfuzz/run.sh, setting the clang path to the Clang compiled in the first step.

JSC commit id: 7e485991f408cd0d38734297936fc449c260fc2f

4. Build OptFuzz

Build:

swift build -c debug -Xlinker='-lrt' -Xlinker='-lhiredis'

Modify the path of data/optfuzz_path in optfuzz/libcoverage/coverage.c and webkit_for_optfuzz/Source/JavaScriptCore/jsc.cpp.

Run:

swift run -c debug -Xlinker='-lrt' -Xlinker='-lhiredis' FuzzilliCli --jobs=10 --profile=jsc --overwrite --storagePath=./out ../webkit_for_optfuzz/optfuzz_build/Debug/bin/jsc
