two more testcases

coco 2016-02-11 15:02:14 +01:00
parent c7a97ac0be
commit bfbe91834e
2 changed files with 55 additions and 7 deletions


@ -44,14 +44,14 @@ uint64_t get_aligned_len(){
void perform_map_step(uc_engine *uc){
uint64_t addr = get_aligned_addr();
uint64_t len = get_aligned_len();
printf("map(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
printf("map(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
uc_mem_map(uc, addr, len, UC_PROT_READ | UC_PROT_WRITE);
}
void perform_unmap_step(uc_engine *uc){
uint64_t addr = get_aligned_addr();
uint64_t len = get_aligned_len();
printf("unmap(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
printf("unmap(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
uc_mem_unmap(uc, addr, len);
}
@ -60,7 +60,7 @@ void perform_write_step(uc_engine *uc){
memset(buff, 0, 4096*4);
uint64_t addr = get_addr();
uint64_t len = get_len()%(4096*3);
printf("write(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
printf("write(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
uc_mem_write(uc, addr, buff, len);
}
@ -68,16 +68,16 @@ void perform_read_step(uc_engine *uc){
char* buff[4096*4];
uint64_t addr = get_addr();
uint64_t len = get_len()%(4096*3);
printf("read(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
printf("read(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
uc_mem_read(uc, addr, buff, len);
}
void perform_fuzz_step(uc_engine *uc){
switch( ((uint32_t)rand())%2 ){
switch( ((uint32_t)rand())%4 ){
case 0: perform_map_step(uc); break;
case 1: perform_unmap_step(uc); break;
//case 2: perform_read_step(uc); break;
//case 3: perform_write_step(uc); break;
case 2: perform_read_step(uc); break;
case 3: perform_write_step(uc); break;
}
}
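Review bot: Re-enabling `case 2` puts `perform_read_step` back into the run, and its buffer is declared `char* buff[4096*4]`, an array of 16384 pointers (128 KiB of stack with 8-byte pointers) rather than 16 KiB of bytes. The read length is capped below `4096*3`, so nothing overflows, but the declaration looks unintended; `uint8_t buff[4096*4];` would state what is meant. The buffer declaration in `perform_write_step` lies outside the hunk and may need the same check. The `uc_mem_*` return values are dropped in all four steps, so a comment such as `/* errors are expected here; the harness only looks for crashes */` would mark that as deliberate.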


@ -158,6 +158,52 @@ static void test_strange_map(void **state)
uc_mem_unmap(uc, 0x0,0x1000);
}
void write(uc_engine* uc, uint64_t addr, uint64_t len){
uint8_t* buff = alloca(len);
memset(buff,0,len);
uc_mem_write(uc, addr, buff, len);
}
void read(uc_engine* uc, uint64_t addr, uint64_t len){
uint8_t* buff = alloca(len);
uc_mem_read(uc, addr, buff, len);
}
void map(uc_engine* uc, uint64_t addr, uint64_t len){
uc_mem_map(uc, addr, len, UC_PROT_READ | UC_PROT_WRITE);
}
void unmap(uc_engine* uc, uint64_t addr, uint64_t len){
uc_mem_unmap(uc, addr, len);
}
//most likely same bug as in test_strange_map, but looked different in fuzzer (sefault instead of assertion fail)
static void test_assertion_fail(void **state){
uc_engine *uc = *state;
map(uc,0x2000,0x4000); //5
unmap(uc,0x3000,0x2000); //11
map(uc,0x0,0x2000); //23
map(uc,0x3000,0x2000); //24
map(uc,0x9000,0x4000); //32
map(uc,0x8000,0x1000); //34
unmap(uc,0x1000,0x4000); //35
}
static void test_bad_offset(void **state){
uc_engine *uc = *state;
map(uc,0x9000,0x4000); //17
map(uc,0x4000,0x2000); //32
unmap(uc,0x5000,0x1000); //35
map(uc,0x0,0x1000); //42
map(uc,0x5000,0x4000); //51
map(uc,0x2000,0x1000); //53
map(uc,0x1000,0x1000); //55
unmap(uc,0x7000,0x3000); //58
unmap(uc,0x5000,0x1000); //59
unmap(uc,0x4000,0x2000); //70
}
@ -167,6 +213,8 @@ int main(void) {
test(test_basic),
//test(test_bad_read),
//test(test_bad_write),
test(test_bad_offset),
test(test_assertion_fail),
test(test_bad_unmap),
test(test_rw_across_boundaries),
test(test_unmap_double_map),
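Review bot: The new helpers `write` and `read` are defined with external linkage under the names of the POSIX I/O functions, so they conflict with the `<unistd.h>` prototypes if that header is ever included, and in a dynamically linked test binary other libraries calling `write()`/`read()` could resolve to them. Declaring all four helpers `static`, e.g. `static void write(uc_engine* uc, uint64_t addr, uint64_t len){`, keeps the fuzzer's printed calls pasteable while confining the names to this file. A distinct prefix would be safer still, but it means changing the fuzzer's printf output to match. Separately, `alloca(len)` takes an unchecked 64-bit length, so a pasted case with a large `len` would overflow the stack inside the helper rather than in the code under test; a bound check or a heap buffer avoids that. The test list in `main` continues outside the hunk.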