diff options
| author | Joey Jiao <quic_jiangenj@quicinc.com> | 2024-09-05 15:32:08 +0800 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-12-05 09:39:11 +0000 |
| commit | d49ca8747d8174f229b838649098d8eb684dc75b (patch) | |
| tree | f7030d77586856070cc82bf4aee8d41f8be9a12f /pkg/manager | |
| parent | 8c1f5dac5b6b83bfc06469cd97e059050cbee144 (diff) | |
all: add /addcandidate rest api to upload new prog as candidate
ex to upload prog to syzkaller:
curl -s --noproxy 0.0.0.0 -F "file=@prog" http://0.0.0.0:8888/addcandidate
Diffstat (limited to 'pkg/manager')
| -rw-r--r-- | pkg/manager/http.go | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/pkg/manager/http.go b/pkg/manager/http.go index cbde6d151..6d4e2ac40 100644 --- a/pkg/manager/http.go +++ b/pkg/manager/http.go @@ -81,6 +81,7 @@ func (serv *HTTPServer) Serve() { handle("/vms", serv.httpVMs) handle("/vm", serv.httpVM) handle("/metrics", promhttp.HandlerFor(prometheus.DefaultGatherer, promhttp.HandlerOpts{}).ServeHTTP) + handle("/addcandidate", serv.httpAddCandidate) handle("/syscalls", serv.httpSyscalls) handle("/corpus", serv.httpCorpus) handle("/corpus.db", serv.httpDownloadCorpus) @@ -734,6 +735,46 @@ func (serv *HTTPServer) modulesInfo(w http.ResponseWriter, r *http.Request) { serv.jsonPage(w, r, "modules", cover.Modules) } +func (serv *HTTPServer) httpAddCandidate(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + http.Error(w, "only POST method supported", http.StatusMethodNotAllowed) + return + } + err := r.ParseMultipartForm(20 << 20) + if err != nil { + http.Error(w, fmt.Sprintf("failed to parse form: %v", err), http.StatusBadRequest) + return + } + file, _, err := r.FormFile("file") + if err != nil { + http.Error(w, fmt.Sprintf("failed to retrieve file from form-data: %v", err), http.StatusBadRequest) + return + } + defer file.Close() + data, err := io.ReadAll(file) + if err != nil { + http.Error(w, fmt.Sprintf("failed to read file: %v", err), http.StatusBadRequest) + return + } + prog, err := ParseSeed(serv.Cfg.Target, data) + if err != nil { + http.Error(w, fmt.Sprintf("failed to parse seed: %v", err), http.StatusBadRequest) + return + } + if !prog.OnlyContains(serv.Fuzzer.Load().Config.EnabledCalls) { + http.Error(w, "contains disabled syscall", http.StatusBadRequest) + return + } + var flags fuzzer.ProgFlags + flags |= fuzzer.ProgMinimized + flags |= fuzzer.ProgSmashed + candidates := []fuzzer.Candidate{{ + Prog: prog, + Flags: flags, + }} + serv.Fuzzer.Load().AddCandidates(candidates) +} + var alphaNumRegExp = regexp.MustCompile(`^[a-zA-Z0-9]*$`) func isAlphanumeric(s string) bool { |