Best Syzkaller code snippet using prog.MutateArg
init_iptables.go
Source:init_iptables.go
...25 } else {26 // TODO(dvyukov): try to restore original hook order after mutation27 // instead of assigning brand new offsets.28 arg = old29 calls = g.MutateArg(arg)30 }31 var tableArg *prog.GroupArg32 if hasUnion {33 tableArg = arg.(*prog.UnionArg).Option.(*prog.GroupArg)34 } else {35 tableArg = arg.(*prog.GroupArg)36 }37 numFileds := nonHookFields + 2*hookCount38 if len(tableArg.Inner) != numFileds {39 panic("wrong number of fields in netfilter table")40 }41 entriesArg := tableArg.Inner[numFileds-1].(*prog.GroupArg)42 if len(entriesArg.Inner) != 2 {43 panic("netfilter entries is expected to have 2 fields")44 }45 entriesArray := entriesArg.Inner[0].(*prog.GroupArg)46 // Collect offsets of entries.47 offsets := make([]uint64, len(entriesArray.Inner))48 var pos uint6449 for i, entryArg := range entriesArray.Inner {50 offsets[i] = pos51 pos += entryArg.Size()52 }53 if pos != entriesArray.Size() {54 panic("netfilter offsets are broken")55 }56 genOffset := func() uint64 {57 if g.Rand().Intn(100) == 0 {58 // Assign the underflow entry once in a while.59 // We have it in underflow hooks, so no point in using it frequently.60 return pos61 }62 return offsets[g.Rand().Intn(len(offsets))]63 }64 // Assign offsets to used hooks.65 for hook := hookStart; hook < hookStart+hookCount; hook++ {66 hookArg := tableArg.Inner[hook].(*prog.ConstArg)67 if hookArg.Type().(*prog.ConstType).Val == unused {68 continue // unused hook69 }70 hookArg.Val = genOffset()71 }72 // Assign offsets to used underflow entries.73 for hook := hookStart + hookCount; hook < hookStart+2*hookCount; hook++ {74 hookArg := tableArg.Inner[hook].(*prog.ConstArg)75 if hookArg.Type().(*prog.ConstType).Val == unused {76 continue // unused hook77 }78 hookArg.Val = pos79 }80 // Now update standard target jump offsets.81 prog.ForeachSubArg(arg, func(arg prog.Arg, _ *prog.ArgCtx) {82 if !strings.HasPrefix(arg.Type().Name(), `xt_target_t["", `) {83 return84 }85 targetArg := arg.(*prog.GroupArg)86 valArg := targetArg.Inner[3].(*prog.ConstArg)87 flagsType, ok := valArg.Type().(*prog.FlagsType)88 if !ok {89 return90 }91 if int64(valArg.Val) < 0 {92 for _, val := range flagsType.Vals {93 if val == valArg.Val {94 return // verdict95 }96 }97 }98 valArg.Val = genOffset()99 })100 return101}102func (arch *arch) generateEbtables(g *prog.Gen, typ prog.Type, dir prog.Dir, old prog.Arg) (103 arg prog.Arg, calls []*prog.Call) {104 if old == nil {105 arg = g.GenerateSpecialArg(typ, dir, &calls)106 } else {107 // TODO(dvyukov): try to restore original hook order after mutation108 // instead of assigning brand new offsets.109 arg = old110 calls = g.MutateArg(arg)111 }112 if g.Target().ArgContainsAny(arg) {113 return114 }115 hooksField, entriesField := 4, 7116 if g.Target().PtrSize == 8 {117 // Account for paddings.118 hooksField, entriesField = 5, 9119 }120 tableArg := arg.(*prog.UnionArg).Option.(*prog.GroupArg)121 entriesPtr := tableArg.Inner[entriesField].(*prog.PointerArg)122 if entriesPtr.Res == nil {123 return124 }...
init_vusb.go
Source:init_vusb.go
...47 if old == nil {48 arg = g.GenerateSpecialArg(typ0, dir, &calls)49 } else {50 arg = old51 calls = g.MutateArg(arg)52 }53 if g.Target().ArgContainsAny(arg) {54 return55 }56 id := randUsbDeviceID(g)57 bcdDevice := id.BcdDeviceLo + uint16(g.Rand().Intn(int(id.BcdDeviceHi-id.BcdDeviceLo)+1))58 devArg := arg.(*prog.GroupArg).Inner[0]59 patchGroupArg(devArg, 7, "idVendor", uint64(id.IDVendor))60 patchGroupArg(devArg, 8, "idProduct", uint64(id.IDProduct))61 patchGroupArg(devArg, 9, "bcdDevice", uint64(bcdDevice))62 patchGroupArg(devArg, 3, "bDeviceClass", uint64(id.BDeviceClass))63 patchGroupArg(devArg, 4, "bDeviceSubClass", uint64(id.BDeviceSubClass))64 patchGroupArg(devArg, 5, "bDeviceProtocol", uint64(id.BDeviceProtocol))65 configArg := devArg.(*prog.GroupArg).Inner[14].(*prog.GroupArg).Inner[0].(*prog.GroupArg).Inner[0]66 interfacesArg := configArg.(*prog.GroupArg).Inner[8]67 for i, interfaceArg := range interfacesArg.(*prog.GroupArg).Inner {68 interfaceArg = interfaceArg.(*prog.GroupArg).Inner[0]69 if i > 0 {70 // Generate new IDs for every interface after the first one.71 id = randUsbDeviceID(g)72 }73 patchGroupArg(interfaceArg, 5, "bInterfaceClass", uint64(id.BInterfaceClass))74 patchGroupArg(interfaceArg, 6, "bInterfaceSubClass", uint64(id.BInterfaceSubClass))75 patchGroupArg(interfaceArg, 7, "bInterfaceProtocol", uint64(id.BInterfaceProtocol))76 patchGroupArg(interfaceArg, 2, "bInterfaceNumber", uint64(id.BInterfaceNumber))77 }78 return79}80func randUsbDeviceID(g *prog.Gen) UsbDeviceID {81 totalIds := len(usbIds) / BytesPerUsbID82 idNum := g.Rand().Intn(totalIds)83 base := usbIds[idNum*BytesPerUsbID : (idNum+1)*BytesPerUsbID]84 p := strings.NewReader(base)85 var id UsbDeviceID86 if binary.Read(p, binary.LittleEndian, &id) != nil {87 panic("not enough data to read")88 }89 if (id.MatchFlags & USB_DEVICE_ID_MATCH_VENDOR) == 0 {90 id.IDVendor = uint16(g.Rand().Intn(0xffff + 1))91 }92 if (id.MatchFlags & USB_DEVICE_ID_MATCH_PRODUCT) == 0 {93 id.IDProduct = uint16(g.Rand().Intn(0xffff + 1))94 }95 if (id.MatchFlags & USB_DEVICE_ID_MATCH_DEV_LO) == 0 {96 id.BcdDeviceLo = 0x097 }98 if (id.MatchFlags & USB_DEVICE_ID_MATCH_DEV_HI) == 0 {99 id.BcdDeviceHi = 0xffff100 }101 if (id.MatchFlags & USB_DEVICE_ID_MATCH_DEV_CLASS) == 0 {102 id.BDeviceClass = uint8(g.Rand().Intn(0xff + 1))103 }104 if (id.MatchFlags & USB_DEVICE_ID_MATCH_DEV_SUBCLASS) == 0 {105 id.BDeviceSubClass = uint8(g.Rand().Intn(0xff + 1))106 }107 if (id.MatchFlags & USB_DEVICE_ID_MATCH_DEV_PROTOCOL) == 0 {108 id.BDeviceProtocol = uint8(g.Rand().Intn(0xff + 1))109 }110 if (id.MatchFlags & USB_DEVICE_ID_MATCH_INT_CLASS) == 0 {111 id.BInterfaceClass = uint8(g.Rand().Intn(0xff + 1))112 }113 if (id.MatchFlags & USB_DEVICE_ID_MATCH_INT_SUBCLASS) == 0 {114 id.BInterfaceSubClass = uint8(g.Rand().Intn(0xff + 1))115 }116 if (id.MatchFlags & USB_DEVICE_ID_MATCH_INT_PROTOCOL) == 0 {117 id.BInterfaceProtocol = uint8(g.Rand().Intn(0xff + 1))118 }119 if (id.MatchFlags & USB_DEVICE_ID_MATCH_INT_NUMBER) == 0 {120 id.BInterfaceNumber = uint8(g.Rand().Intn(0xff + 1))121 }122 return id123}124func (arch *arch) generateUsbHidDeviceDescriptor(g *prog.Gen, typ0 prog.Type, dir prog.Dir, old prog.Arg) (125 arg prog.Arg, calls []*prog.Call) {126 if old == nil {127 arg = g.GenerateSpecialArg(typ0, dir, &calls)128 } else {129 arg = old130 calls = g.MutateArg(arg)131 }132 if g.Target().ArgContainsAny(arg) {133 return134 }135 totalIds := len(hidIds) / BytesPerHidID136 idNum := g.Rand().Intn(totalIds)137 base := hidIds[idNum*BytesPerHidID : (idNum+1)*BytesPerHidID]138 p := strings.NewReader(base)139 var id HidDeviceID140 if binary.Read(p, binary.LittleEndian, &id) != nil {141 panic("not enough data to read")142 }143 devArg := arg.(*prog.GroupArg).Inner[0]144 patchGroupArg(devArg, 7, "idVendor", uint64(id.Vendor))...
MutateArg
Using AI Code Generation
1import (2func main() {3 target, err := prog.GetTarget("linux", "amd64")4 if err != nil {5 panic(err)6 }7 p := target.MakeProg()8 p1 := target.MakeProg()9 p2 := target.MakeProg()10 p3 := target.MakeProg()11 p4 := target.MakeProg()12 p5 := target.MakeProg()13 p6 := target.MakeProg()14 p7 := target.MakeProg()15 p8 := target.MakeProg()16 p9 := target.MakeProg()17 p10 := target.MakeProg()18 p11 := target.MakeProg()19 p12 := target.MakeProg()20 p13 := target.MakeProg()21 p14 := target.MakeProg()22 p15 := target.MakeProg()23 p16 := target.MakeProg()24 p17 := target.MakeProg()25 p18 := target.MakeProg()26 p19 := target.MakeProg()27 p20 := target.MakeProg()28 p21 := target.MakeProg()29 p22 := target.MakeProg()30 p23 := target.MakeProg()31 p24 := target.MakeProg()
MutateArg
Using AI Code Generation
1import (2func main() {3 target, err := sys.GetTarget("linux", "amd64")4 if err != nil {5 panic(err)6 }7 p := target.MakeProg()8 c := p.GenerateCall(call)9 p.Calls = append(p.Calls, c)10 fmt.Println(p.Serialize())11}12openat$fs(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)13mmap$fs(0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9c, 0x0)
MutateArg
Using AI Code Generation
1import (2func main() {3 target, err := prog.GetTarget("linux", "amd64")4 if err != nil {5 panic(err)6 }7 p := target.MakeProg()8 c := target.MakeCall("open")9 a := target.MakeArg(ast.StringType)10 a.Data = []byte("/dev/null")11 c.MutateArg(a, 0)12 p.Calls = append(p.Calls, c)13 fmt.Println(p.Serialize())14}15open("/dev/null", 0x0, 0x0)16import (17func main() {18 target, err := prog.GetTarget("linux", "amd64")19 if err != nil {20 panic(err)21 }22 p := target.MakeProg()23 c := target.MakeCall("open")24 a := target.MakeArg(ast.StringType)25 a.Data = []byte("/dev/null")26 c.MutateArg(a, 0)27 p.Calls = append(p.Calls, c)28 p.MutateCall(c)29 fmt.Println(p.Serialize())30}31open("/dev/null", 0x0, 0x0)
MutateArg
Using AI Code Generation
1import (2func main() {3 target, err := ipc.DefaultTarget()4 if err != nil {5 panic(err)6 }7 p := target.MakeProg()8 fmt.Println("Initial program:")9 fmt.Println(p.Serialize())10 p.MutateArg(0, 1)11 fmt.Println("Mutated program:")12 fmt.Println(p.Serialize())13}14openat$fs(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0, 0x0)15openat$fs(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0, 0x1)16import (17func main() {18 target, err := ipc.DefaultTarget()19 if err != nil {20 panic(err)21 }22 p := target.MakeProg()23 fmt.Println("Initial program:")24 fmt.Println(p.Serialize())
MutateArg
Using AI Code Generation
1import (2func main() {3 target := prog.GetTarget("linux", "amd64")4 p := target.Generate(1, 0)5 fmt.Println(p.Serialize())6 p.Mutate()7 fmt.Println(p.Serialize())8}9#0: r0 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])10#1: r1 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])11#2: r2 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])12#3: r3 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])13#4: r4 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])14#5: r5 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])15#6: r6 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])16#7: r7 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])17#8: r8 = openat$dirfd$proc_self_fd(fd const[AT_FDCWD], file ptr[in, string["/proc/self/fd"]], flags flags[open_flags], mode const[0])
MutateArg
Using AI Code Generation
1import (2func main() {3 p := prog.InitTarget("linux", "amd64").Prog()4 call := p.MakeCall("open", []ast.Expr{5 &ast.UnaryExpr{6 X: &ast.BinaryExpr{7 X: &ast.BinaryExpr{8 X: &ast.BinaryExpr{9 X: &ast.BinaryExpr{Op: ast.BinOpSub, X: &ast.ConstExpr{Val: 0x10}, Y: &ast.ConstExpr{Val: 0x8}},10 Y: &ast.ConstExpr{Val: 0x2},11 },12 Y: &ast.ConstExpr{Val: 0x4},13 },14 Y: &ast.ConstExpr{Val: 0x2},15 },16 },17 &ast.UnaryExpr{18 X: &ast.BinaryExpr{19 X: &ast.BinaryExpr{20 X: &ast.BinaryExpr{21 X: &ast.BinaryExpr{Op: ast.BinOpSub, X: &ast.ConstExpr{Val: 0x10}, Y: &ast.ConstExpr{Val: 0x8}},22 Y: &ast.ConstExpr{Val: 0x2},23 },24 Y: &ast.ConstExpr{Val: 0x4},25 },26 Y: &ast.ConstExpr{Val: 0x2},27 },28 },29 })30 p.Calls = append(p.Calls, call)31 p.MutateArg(call, 1)32 fmt.Println(p.Serialize())33}34open(0x10
MutateArg
Using AI Code Generation
1import (2func main() {3 p := prog.InitTarget("linux/amd64", "test", "test")4 p.MutateArg(a, 1)5 fmt.Println(a)6}7import (8func main() {9 p := prog.InitTarget("linux/amd64", "test", "test")10 p.MutateCall(s, 1)11 fmt.Println(s)12}13import (14func main() {15 p := prog.InitTarget("linux/amd64", "test", "test")16 p.Mutate(1, 1)17 fmt.Println(p)18}19import (20func main() {21 p := prog.InitTarget("linux/amd64", "test", "test")22 s := p.Serialize()23 fmt.Println(s)24}25import (26func main() {27 p := prog.InitTarget("linux/amd64", "test", "test")28 s := p.Serialize()29 d := prog.Deserialize(s)
MutateArg
Using AI Code Generation
1import (2func main() {3p.MutateArg(1, 2)4fmt.Println("Result:", p.Result)5}6type Prog struct {7}8func (p *Prog) MutateArg(a, b int) {9}10The main function imports the prog package. The prog package is in a sub-directory of the main package. The prog package
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Get 100 minutes of automation test minutes FREE!!