diff --git a/.gitignore b/.gitignore index 40ac3c50853c2807fb4bb866ab7bbac7591bc8e6..bc1556f6df386b0f2f79d47cd363bb6ca42ec322 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ # ignore all compiled C files in the whitelisted folders **/*.o **/*.a +/src/vuln-2.1/ diff --git a/fuzzer/Fuzzer.java b/fuzzer/Fuzzer.java index 1645354276ea61f70f061835551307209cf59536..8b91a1afc6442435f71f9a464cde3f3cd10c27fa 100644 --- a/fuzzer/Fuzzer.java +++ b/fuzzer/Fuzzer.java @@ -13,7 +13,7 @@ import java.util.Scanner; /* a stub for your team's fuzzer */ public class Fuzzer { - // Blah - Test 3 + // Blah - Test 2 private static final String OUTPUT_FILE = "fuzz.txt"; @@ -146,8 +146,12 @@ public class Fuzzer { */ private static void addCountProb(Instruction instruction) { int index = instruction.ordinal(); - counts[index] += 1; - addProb[index] += instruction.getProbability(); + for (int i = 0; i < 12; i++) { + if (i != index) { + counts[i] += 1; + addProb[i] += Instruction.values()[i].getProbability(); + } + } } diff --git a/runCount.txt b/runCount.txt index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..c227083464fb9af8955c90d2924774ee50abb547 100644 --- a/runCount.txt +++ b/runCount.txt @@ -0,0 +1 @@ +0 \ No newline at end of file diff --git a/src/vuln-1/dc.c b/src/vuln-1/dc.c index 61eb0de4a1b94ee9f09c39246e35d13fec1408db..5f766a1a34875b628fc894e6dc10d8093f11f2bc 100644 --- a/src/vuln-1/dc.c +++ b/src/vuln-1/dc.c @@ -80,9 +80,9 @@ static node_t *node_new(const char *varname, const value_t value){ return new; } -/* updates a node's value in place: +/* updates a node's value in place: replaces p's value with that from q and frees q */ -static void node_edit_value(node_t * p, node_t *q){ +static void node_edit_value(node_t * p, node_t *q){ p->value = q->value; free(q->varname); free(q); @@ -104,7 +104,7 @@ static node_t * node_insert(node_t *p, node_t *q){ if (q == NULL){ return p; } - /* we store a pointer to a node pointer that remembers where in the + /* we store a pointer to a node pointer that remembers where in the tree the new node needs to be added */ node_t ** new = NULL; node_t * const start = p; @@ -192,11 +192,11 @@ const char WHITESPACE[] = " \t\r\n"; unsigned int tokenise(char *str, char * toks[], unsigned int toksLen){ unsigned numToks = 0; while (numToks < toksLen){ - /* strip leading whitespace */ + /* strip leading whitespace */ size_t start = strspn(str,WHITESPACE); if (str[start] != '\0'){ - toks[numToks] = &(str[start]); - + toks[numToks] = &(str[start]); + /* compute the length of the token */ const size_t tokLen = strcspn(toks[numToks],WHITESPACE); if (tokLen > 0){ @@ -293,7 +293,7 @@ nodeptr_list_t list_push(nodeptr_list_t lst, const node_t *p){ assert(n != NULL && "push: malloc failed"); n->p = p; n->next = lst.head; - n->prev = NULL; + n->prev = NULL; if (lst.head != NULL){ assert(lst.last != NULL); lst.head->prev = n; @@ -302,7 +302,7 @@ nodeptr_list_t list_push(nodeptr_list_t lst, const node_t *p){ lst.last = n; } lst.head = n; - + return lst; } @@ -358,7 +358,7 @@ void print_inorder(const node_t *p){ lst = list_push(lst,p->left); p = p->left; } - + // pop from the stack to simulate the return const node_t *q; lst = list_pop(lst,&q); @@ -375,16 +375,16 @@ void print_inorder(const node_t *p){ } } -/* save a node to the given file. +/* save a node to the given file. We save to the file a "push/store" combination for each node that will cause the node to be placed back into the dc when the file is read. */ void node_save(const node_t *p, FILE *f){ fprintf(f,"%s",INSTRUCTION_PUSH); fprintf(f," "); - fprintf(f,"%d",p->value); + fprintf(f,"%d",p->value); fprintf(f,"\n"); - + fprintf(f,"%s",INSTRUCTION_STORE); fprintf(f," "); fprintf(f,"%s",p->varname); @@ -431,12 +431,12 @@ int save_levelorder(const node_t *p, static int execute(void){ char * toks[4]; /* these are pointers to start of different tokens */ const unsigned int numToks = tokenise(inst,toks,4); - + if (numToks == 0){ /* blank line */ return 0; } - + if (strcmp(toks[0],INSTRUCTION_LOAD) == 0){ if (numToks != 2){ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_LOAD,numToks-1); @@ -449,17 +449,17 @@ static int execute(void){ debug_printf("Trying to load onto full stack\n"); return -1; } - stack_push(p->value); + stack_push(p->value); }else{ printf("Not found.\n"); } - + } else if (strcmp(toks[0],INSTRUCTION_STORE) == 0){ if (numToks != 2){ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_STORE,numToks-1); return -1; } - + if (stack_empty()){ debug_printf("Store from empty stack\n"); return -1; @@ -472,7 +472,7 @@ static int execute(void){ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_ADD,numToks-1); return -1; } - + if (stack_size() < 2){ debug_printf("Add from insufficient stack\n"); return -1; @@ -487,7 +487,7 @@ static int execute(void){ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_SUB,numToks-1); return -1; } - + if (stack_size() < 2){ debug_printf("Sub from insufficient stack\n"); return -1; @@ -502,7 +502,7 @@ static int execute(void){ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_MULT,numToks-1); return -1; } - + if (stack_size() < 2){ debug_printf("Mult from insufficient stack\n"); return -1; @@ -517,7 +517,7 @@ static int execute(void){ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_DIV,numToks-1); return -1; } - + if (stack_size() < 2){ debug_printf("Add from insufficient stack\n"); return -1; @@ -529,13 +529,13 @@ static int execute(void){ return -1; } stack_push(a/b); - + } else if (strcmp(toks[0],INSTRUCTION_POP) == 0){ if (numToks != 1){ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_POP,numToks-1); return -1; } - + if (stack_empty()){ debug_printf("Pop from empty stack\n"); return -1; @@ -559,8 +559,8 @@ static int execute(void){ return -1; } stack_push(value); - - + + } else if (strcmp(toks[0],INSTRUCTION_REM) == 0){ if (numToks != 2){ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_REM,numToks-1); @@ -568,7 +568,7 @@ static int execute(void){ } debug_printf("Removing: %s\n",toks[1]); map = rem(map,toks[1]); - + } else if (strcmp(toks[0],INSTRUCTION_SAVE) == 0){ if (numToks != 2){ debug_printf("Expected 1 arguments to %s instruction but instead found %u\n",INSTRUCTION_SAVE,numToks-1); @@ -593,12 +593,12 @@ static int execute(void){ return -1; } stack_print(); - + }else{ debug_printf("Unrecognised instruction %s\n",toks[0]); return -1; } - + return 0; } @@ -606,7 +606,7 @@ static int execute(void){ is returned. Returns < 0 on failure. */ static int run(FILE *f){ assert(f != NULL); - + int instructionCount = 0; while (instructionCount < MAX_INSTRUCTIONS){ memset(inst,0,sizeof(inst)); @@ -650,7 +650,7 @@ static int run(FILE *f){ return instructionCount; }else{ /* see if we are at end of file by trying to do one more read. - this is necessary if the final line of the file ends in a + this is necessary if the final line of the file ends in a newline '\n' character */ char c; int res = fread(&c,1,1,f); @@ -694,7 +694,7 @@ int main(const int argc, const char * argv[]){ fprintf(stderr," use - to read from standard input\n"); exit(0); } - + for (int i = 1; i<argc; i++){ printf("Running on input file %s\n",argv[i]); FILE *f;