I am trying to compile CUPS version 2.4.2 with AFL++ instrumentation, following the instructions in part (e) of the AFL++ documentation here: https://aflplus.plus/docs/fuzzing_in_depth/#e-instrumenting-the-target.
I will post the commands I used to build as well as the error I got.
Here is what I used to build the code:
$ export LLVM_CONFIG="llvm-config-11"
$ CC=afl-clang-fast CXX=afl-clang-fast++ ./configure --disable-shared
$ make
and here is the resulting error:
Linking ippevepcl...
afl-cc ++3.00c by Michal Zalewski, Laszlo Szekeres, Marc Heuse - mode: LLVM-PCGUARD
/usr/bin/ld: ippevepcl.o: relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(raster-stubs.o): relocation R_X86_64_32 against `.text.cups_write_fd' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(raster-stream.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(string.o): relocation R_X86_64_32 against `.bss' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(transcode.o): relocation R_X86_64_32 against `.bss' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(array.o): relocation R_X86_64_32S against symbol `strcmp@@GLIBC_2.2.5' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(globals.o): relocation R_X86_64_32 against `.bss' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(http.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(http-addr.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(http-addrlist.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(http-support.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(langprintf.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(language.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(options.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(request.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(tls.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(usersys.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(auth.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(file.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(hash.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(ipp.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(ipp-support.o): relocation R_X86_64_32S against `.rodata.ippAttributeString' can not be used when making a PIE object; recompile with -fPIE
/usr/bin/ld: ../cups/libcups.a(md5.o): relocation R_X86_64_32 against `.rodata' can not be used when making a PIE object; recompile with -fPIE
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[1]: *** [Makefile:170: ippevepcl] Error 1
make: *** [Makefile:45: all] Error 1
These are the actual flags that are being used according to the output of the 'make' command:
DEBUG- MFLAGS=-s
Using ARCHFLAGS=
Using ALL_CFLAGS=-I.. -D_CUPS_SOURCE -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_THREAD_SAFE -D_REENTRANT -Wall -Wunused -Wno-char-subscripts -Wno-deprecated-declarations -Wno-format-y2k -Wno-switch -Wno-unused-result
Using ALL_CXXFLAGS=-I.. -D_CUPS_SOURCE -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_THREAD_SAFE -D_REENTRANT -Wall -Wunused -Wno-char-subscripts -Wno-deprecated-declarations -Wno-format-y2k -Wno-switch -Wno-unused-result
Using CC=afl-clang-fast
Using CXX=afl-clang-fast
Using DSOFLAGS=
Using LDFLAGS=
Using LIBS= -lssl -lcrypto -lz -lpthread -lm -lcrypt -lz
I am new to AFL++ and, to be honest, not very familiar with building from source. I successfully compiled other programs with AFL++ instrumentation on the same system (6.6.9-arch1-1) in the last few days.
If anyone sees what I'm doing wrong, any help is appreciated. If I have left out any important information please let me know.
I have also tried to compile with the 'afl-clang-lto' compiler as shown in part (e) of the AFL++ documentation I linked above, as follows:
$ CC=afl-clang-lto CXX=afl-clang-fast++ ./configure --disable-shared
$ make
This failed too, but with a different error:
Linking ppdc...
afl-cc ++3.00c by Michal Zalewski, Laszlo Szekeres, Marc Heuse - mode: LLVM-PCGUARD
/usr/bin/ld: ../cups/libcups.a: error adding symbols: archive has no index; run ranlib to add one
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[1]: *** [Makefile:199: ppdc] Error 1
make: *** [Makefile:45: all] Error 1
Additionally, the program compiles without issue using regular GCC.
I eventually answered my own question. My mistake was in trying to compile the code in a docker container with an old version of AFL++. I found out after more experimentation that the original commands I used to compile work just fine with afl-c++ 4.09. It seems to be an issue with the version of afl-c++ or possibly some other configuration in my docker container. Sorry to spam answers here; I tried to delete my original post but it wouldn't let me.
To clarify, this works fine on an up-to-date AFL++ install:
$ CC=afl-clang-fast CXX=afl-clang-fast++ ./configure --disable-shared
$ AFL_USE_ASAN=1 make