afl 相关逻辑

This commit is contained in:
even 2025-06-26 18:52:20 +08:00
parent a5e2e070a0
commit f87d5c6c4e
4 changed files with 19 additions and 6 deletions

View File

@ -96,6 +96,7 @@ public class AFLSlotCompileWorker extends DockerWorker {
String allCommand = "docker run -v "+ PipelineGlobalVariableConstant.AFL_VOLUME_WORK_DIR_PREFIX +":"+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+" -it "+imageName+" bash\n" +
"cd "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+"\n"+// 进入到容器中的卷挂载目录
"mkdir -p "+workDir+"\n"+
"chmod -R o+rwx "+ workDir +"\n"+
"cd "+workDir+"\n"+handleZipFile(fileName);
Object commandScriptObj = taskProperties.get(AFLSlotCompileConstant.COMMAND_SCRIPT);
String commandScript = commandScriptObj instanceof String ? ((String) commandScriptObj) : null;
@ -135,8 +136,9 @@ public class AFLSlotCompileWorker extends DockerWorker {
private void putInCompileResult(TaskRunContext context,String path, PipResourceMachine machineInfo){
String host = machineInfo.getMachineHost();
String user = machineInfo.getPassword();
String password = machineInfo.getPassword();
String user = machineInfo.getUsername();
String password = CryptogramUtil.doDecrypt(machineInfo.getPassword());
append(context,"AFL编译完毕");
List<String> fileNameList = null;
try {
JSch jsch = new JSch();
@ -149,7 +151,7 @@ public class AFLSlotCompileWorker extends DockerWorker {
Vector<ChannelSftp.LsEntry> files = sftpChannel.ls(path);
fileNameList = new ArrayList<>(files.size());
for (ChannelSftp.LsEntry file : files) {
if (!file.getAttrs().isDir()) {
if (!file.getAttrs().isDir()&&!file.getFilename().contains(".")) {
fileNameList.add(file.getFilename());
}
}
@ -161,6 +163,7 @@ public class AFLSlotCompileWorker extends DockerWorker {
if (!CollectionUtils.isEmpty(fileNameList)&&context!=null) {
Map<String, Object> taskProperties = context.getGlobalVariables();
// 放入全局上下文中
append(context,"AFL编译完毕:"+JSON.toJSONString(fileNameList));
taskProperties.put(AFLSlotCompileConstant.COMPILE_RESULT,fileNameList);
}
}

View File

@ -36,8 +36,9 @@ public class AFLWorker extends DockerWorker {
//从taskProperties中获取资源id
String resourceType = taskProperties.get("resourceType").toString();
String resourceId = taskProperties.get("resourceId").toString();
String commandEnd = taskProperties.get("commandEnd").toString();
String imageName = taskProperties.get("imageName").toString();
String commandEnd = taskProperties.get("commandEnd") instanceof String ? ((String) taskProperties.get("commandEnd")) : null;
String imageName = taskProperties.get("imageName") instanceof String ? ((String) taskProperties.get("imageName")) : null;
String executableName = taskProperties.get("executableName") instanceof String ? ((String) taskProperties.get("executableName")) : null;
// 代码编译目录
String workDir = (String)globalVariables.get(PipelineGlobalVariableConstant.AFL_DOCKER_WORK_DIR_KEY);
// 入参目录
@ -45,6 +46,8 @@ public class AFLWorker extends DockerWorker {
if (StringUtils.isEmpty(seedPath) ||
StringUtils.isEmpty(workDir) ||
StringUtils.isEmpty(resourceId) ||
StringUtils.isEmpty(imageName) ||
StringUtils.isEmpty(executableName) ||
StringUtils.isEmpty(commandEnd) ||
StringUtils.isEmpty(resourceType)) {
// 缺少参数
@ -71,7 +74,7 @@ public class AFLWorker extends DockerWorker {
"cd " +PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+workDir+ "\n"+
cdSourceName(fileName) +
"mkdir -p "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+output+"\n" +
"afl-fuzz -i "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+seedPath+" -o "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+output+" "+commandEnd;
"afl-fuzz -i "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+seedPath+" -o "+PipelineGlobalVariableConstant.AFL_DOCKER_BASE_DIR+File.separator+output+" "+ executableName + " " +commandEnd;
try {
//将节点的配置信息反编译成对象
log.info("AFL模糊测试执行脚本{}",commandScript);

View File

@ -5,11 +5,13 @@ import cd.casic.ci.process.engine.manager.RunContextManager;
import cd.casic.ci.process.engine.runContext.BaseRunContext;
import cd.casic.ci.process.process.service.variable.VariableService;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import java.util.Map;
@Service
@Slf4j
public class VariableServiceImpl implements VariableService {
@Resource
private RunContextManager contextManager;
@ -20,6 +22,7 @@ public class VariableServiceImpl implements VariableService {
return "";
}
Map<String, Object> globalVariables = context.getGlobalVariables();
log.info("当前全局变量:{}",globalVariables);
return globalVariables.get(varName);
}
}

View File

@ -36,6 +36,10 @@ public class SftpTest {
System.out.println(CryptogramUtil.doEncrypt("hnidc0327cn!@#xhh"));
}
@Test
public void ssh(){
System.out.println(CryptogramUtil.doDecrypt("cf917c4ff8463a54df75120e2ff802e8"));
}
@Test
public void getFileList(){
String host = "175.6.27.158";
String user = "ubuntu";