how to compile the openssl with parameter of "-target"

[Mambaboy]

Hi:
when I use the
"./config -target=/path -outdir=/path" to compile the openssl,
the output is
"clang-6.0: error: unknown argument: '-target=/path".
How to compile the openssl with aflgo?

[thuanpv]

Hi
This -target option only works with afl-clang-fast/afl-clang-fast++. It is not supported by normal clang. So please set CC and CXX environment variables to the afl-clang-fast and afl-clang-fast++ binaries inside your AFLGo build directory before compiling your subject programs.

You may need to move -target=/path to CFLAGS and/or CXXFLAGS as well. Please check our tutorial for libxml2 for more information.
Regards,
Thuan

[Mambaboy]

Yes, I have set CC and CXX as the tutorial .
But when compiling openssl, there is a moment executing a sentence as
"clang -Xclang -load -Xclang afl-llvm-pass.so -mllvm -targets /path/ -mllvm -outdir /path/ ... -c aes-x86_64.s -o aes-x86_64.o",
the clang won't load the afl-llvm-pass.so when compiling the *.s file, so that it outputs
"clang-6.0: error: unknown argument: '-target=/path".
How could I deal with this problem?
Thank you very much!

[thuanpv]

Hi,
I see the problem. Please apply the following patch to disable these options while compiling *.s files

diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c
index 9fd8ea4..d35800a 100644
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@@ -99,6 +99,15 @@ static void edit_params(u32 argc, char** argv) {
   u8 fortify_set = 0, asan_set = 0, x_set = 0, maybe_linking = 1, bit_mode = 0;
   u8 *name;

+  u8 is_assembly_code=0;
+
+  for (int i =1; i < argc; i++) {
+    if (strstr(argv[i], ".s") || strstr(argv[i], ".S")) {
+      is_assembly_code = 1;
+      break;
+    }
+  }
+
   cc_params = ck_alloc((argc + 128) * sizeof(u8*));

   name = strrchr(argv[0], '/');
@@ -142,8 +151,14 @@ static void edit_params(u32 argc, char** argv) {

     if (!strncmp(cur, "-distance", 9)
         || !strncmp(cur, "-targets", 8)
-        || !strncmp(cur, "-outdir", 7))
-      cc_params[cc_par_cnt++] = "-mllvm";
+        || !strncmp(cur, "-outdir", 7)) {
+      if(!is_assembly_code) {
+        cc_params[cc_par_cnt++] = "-mllvm";
+      } else {
+        continue;
+      }
+    }
+    

     if (!strcmp(cur, "-m32")) bit_mode = 32;
     if (!strcmp(cur, "-m64")) bit_mode = 64;

Thuan

[Mambaboy]

Thanks for your patch.
I apply this patch and the compile is successful!
But after the compiling, the Ftargets.txt is just empty!

The process is as following:

1. git clone https://github.com/openssl/openssl.git
2. git checkcout OpenSSL_1_0_1f
3. set the BBtargets.txt is
   t1_lib.c:2586
   s3_pkt.c:1092
   s3_both.c:457
   s3_srvr.c:941
   s3_srvr.c:357
   these information comes from https://github.com/google/fuzzer-test-suite/blob/master/openssl-1.0.1f/README.md
4. export AFLGO SUBJECT TMP_DIR CC CXX CFLAGS CXXFLAGS
   e.g. the CFLAGS is "-targets=/path/BBtargets.txt -outdir=/path -flto -fuse-ld=gold -Wl,-plugin-opt=save-temps "
5. make clean && make

After these operations, the compile is successful and get the BBcalls.txt BBnames.txt BBtargets.txt dot-files Fnames.txt.
But the output of Ftargets.txt is empty, which impedes the subsequent distance calculation.
I am very sorry to disturb you, can you give me some advise? Thank you!

[thuanpv]

Hi,
Your BBtargets file looks short. In our experiment, we used the following information to extract BBtargets automatically (refer to Step 5 of the tutorial)

Introducing commit: https://git.openssl.org/gitweb/?p=openssl.git&a=commit&h=4817504d069b4c5082161b02a22116ad75f822b1
Fixing commit: https://github.com/openssl/openssl/commit/96db9023b881d7cd9f379b0c154650d6c108e9a3

See: https://www.quora.com/Which-OpenSSL-commit-introduced-the-Heartbleed-vulnerability

Moreover, we used the test driver following this blog post: https://blog.hboeck.de/archives/868-How-Heartbleed-couldve-been-found.html

You can also take a look at #11