fwupd/contrib/afl-fuzz.py

#!/usr/bin/python3
# SPDX-License-Identifier: LGPL-2.1+

import argparse
import sys
import subprocess
import os

def main():
    parser = argparse.ArgumentParser(description='Run afl-fuzz on all cores')
    parser.add_argument('--input', '-i', help='fuzzing input directory')
    parser.add_argument('--output', '-o', help='findings output directory')
    parser.add_argument('--command', type=str, help='fuzzer tool command')
    parser.add_argument('path', type=str, help='the fuzzer tool')
    args = parser.parse_args()
    if not args.input and not args.output:
        print('-i and -o required')
        return 1
    if not args.path:
        print('tool name required')
        return 1

    # create if not already exists
    if not os.path.exists(args.output):
        os.makedirs(args.output)

    # run the main instance
    envp = None
    argv = ['afl-fuzz', '-m300', '-i', args.input, '-o', args.output,
            '-M', 'fuzzer00', args.path]
    if args.command:
        argv.append(args.command)
    argv.append('@@')
    print(argv)
    p = subprocess.Popen(argv, env=envp)

    # run the secondary instances
    cs = []
    for i in range(1, os.cpu_count()):
        argv = ['afl-fuzz', '-m300', '-i', args.input, '-o', args.output,
                '-S', 'fuzzer%02i' % i, args.path]
        if args.command:
            argv.append(args.command)
        argv.append('@@')
        print(argv)
        cs.append(subprocess.Popen(argv, env=envp, stdout=subprocess.DEVNULL))

    # wait for the main instance
    try:
        p.wait()
    except KeyboardInterrupt as _:
        pass
    for c in cs:
        c.terminate()
    return 0

if __name__ == '__main__':
    sys.exit(main())