diff --git a/Sources/FuzzilliCli/Profiles/ArkProfile.swift b/Sources/FuzzilliCli/Profiles/ArkProfile.swift
new file mode 100644
index 0000000000000000000000000000000000000000..1387cec157fad4d975767618bb9fa6a8c9fa2bac
--- /dev/null
+++ b/Sources/FuzzilliCli/Profiles/ArkProfile.swift
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import Fuzzilli
+
+fileprivate let PrintGenerator = CodeGenerator("PrintGenerator", inputs: .preferred(.object())) { b, o in
+ let f = b.loadBuiltin("arkPrint")
+ b.callFunction(f, withArgs: [o])
+}
+
+fileprivate let RunNearStackLimitGenerator = CodeGenerator("RunNearStackLimitGenerator", inputs: .required(.function())) { b, f in
+ let fun = b.loadBuiltin("runNearStackLimit")
+ b.callFunction(fun, withArgs: [f])
+}
+
+let arkProfile = Profile(
+ processArgs: { randomize in
+ var args = [
+ ""
+ ]
+ guard randomize else { return args }
+ return args
+ },
+
+ processEnv: [:],
+
+ maxExecsBeforeRespawn: 10000,
+
+ timeout: 10_000,
+
+ codePrefix: """
+ function bgc() {
+ for(let i=0; i<0x10000; i+=1) {new String();}
+ let a = new Array(0x10000);
+ for(let i=0; i<0x10000; i+=1) {a[i] = new Array(0x100);}
+ }
+ function sgc() { for(let i=0; i<0x10000; i+=1) {new String();} }
+
+ function runNearStackLimit(f) { function t() { try { t(); } catch(e) { f(); } }; try { t(); } catch(e) {} }
+ function arkPrint(d) { print(JSON.stringify(d)); }
+ """,
+
+ codeSuffix: """
+ """,
+
+ ecmaVersion: ECMAScriptVersion.es6,
+
+ crashTests: ["fuzzilli('FUZZILLI_CRASH', 0)", "fuzzilli('FUZZILLI_CRASH', 1)"],
+
+ additionalCodeGenerators: [
+ (PrintGenerator, 40),
+ (RunNearStackLimitGenerator, 5)
+ ],
+
+ additionalProgramTemplates: WeightedList([]),
+
+ disabledCodeGenerators: [
+ "EvalGenerator",
+ ],
+
+ disabledMutators: [
+ "ExplorationMutator",
+ "ProbingMutator",
+
+ ],
+
+ additionalBuiltins: [
+ "runNearStackLimit" : .function([.function()] => .boolean),
+ "print" : .function([] => .undefined),
+ "arkPrint" : .function([] => .undefined),
+ "sgc" : .function([] => .undefined),
+ "bgc" : .function([] => .undefined),
+
+ ],
+
+ optionalPostProcessor: nil
+)
diff --git a/Sources/FuzzilliCli/Profiles/Profile.swift b/Sources/FuzzilliCli/Profiles/Profile.swift
index 1a02a6dacb2bca1eedd5f760fcbba7e1c92fae12..468cf48212d40ed858075707e531eef2f80e6d8b 100644
--- a/Sources/FuzzilliCli/Profiles/Profile.swift
+++ b/Sources/FuzzilliCli/Profiles/Profile.swift
@@ -50,4 +50,5 @@ let profiles = [
 "jerryscript": jerryscriptProfile,
 "xs": xsProfile,
 "v8holefuzzing": v8HoleFuzzingProfile,
+ "ark": arkProfile,
 ]
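Review bot: The `additionalBuiltins` signatures disagree with the JavaScript shims defined in `codePrefix`: `runNearStackLimit` is declared `=> .boolean` although the shim never returns a value, and `arkPrint` is declared with an empty parameter list although the shim takes `d` and `PrintGenerator` always passes one argument. The fuzzer's type information will presumably treat the call result as a boolean and know nothing about the expected argument, which skews what gets built on top of these calls; I would change the entries to `"runNearStackLimit" : .function([.function()] => .undefined),` and `"arkPrint" : .function([.object()] => .undefined),`. In `processArgs`, the `guard randomize` path returns the same `args` as the fall-through and `args` is never mutated, so the closure is equivalent to `{ _ in [""] }`; if the empty string is a placeholder for a real engine flag, a comment saying so would help, since otherwise it is presumably handed to the engine as a literal empty argument. The `disabledMutators` and `additionalBuiltins` lists also each carry a stray blank line before the closing `]`, which reads like an unfinished edit.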