alwin.berger/FRET-LibAFL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,658 Commits 19 Branches 28 Tags
Commit Graph

1658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrea Fioraldi
181160d80b Clone only one specific commit on libafl_qemu build.rs 2022-01-07 11:53:34 +01:00
Dongjia Zhang
87cd44b762
Use UserStats for Stability (#451) 
* stability:serstats

* tostring

* fix no_std

* fix

* fmt

* clippy
 2022-01-07 11:07:39 +01:00
Evan Richter
250ec8d1e0
Reduce generics for various Has* traits (#456) 
Specifically for Has{Rand,Corpus,Solutions,FeedbackStates}

The Has* family of traits offer getters and get-mut-ers. The previous
implementation had a fully generic return type:

    trait HasX<X: TraitX> {
        get_x(&self) -> &Self::X;
        get_mut_x(&mut self) -> &mut Self::X;
    }

meaning a single type could implement both `HasRand<Romu>` and
`HasRand<XorShift>`. The advantage of having multiple implementations is
not clear at this time, so it vastly simplifies the trait (and its
impls) to bring the return type in the body as an associated type:

    trait HasX {
        type X: TraitX;
        get_x(&self) -> &Self::X;
        get_mut_x(&mut self) -> &mut Self::X;
    }

This comes with the limitation that any type that impls these traits can
only do so once, choosing only one associated type.

* HasRand's only generic parameter (Rand) is now an associated type
* HasCorpus and HasSolutions are now only generic over the Input type
  they store
* HasFeedbackStates generic parameter now associated type
 2022-01-06 10:41:02 +01:00
Dominik Maier
30eb1508de
Add OwnedSlice::RefRaw to keep track of raw pointers (#448) 
* add OwnedSlice::RefRaw to keep track of raw pointers

* clippy

* fmt

* new from ownedref

* clippy

* OwnedSliceInner

* fix,From

* as_slice()

* fmt

* fix doc

* OwnedSliceMut

* fixes

* clippy

* fix

* ownedmut -> owned

* to owned

* to_owned -> clone

* removed comment

Co-authored-by: tokatoka <tokazerkje@outlook.com>
 2022-01-05 01:15:23 +01:00
Dominik Maier
6d9763c51f
Move to clap 3.0 (#447) 
* move to clap 3.0

* fix cargo.toml

* update symcc to use clap3
 2022-01-04 23:53:12 +01:00
Dominik Maier
a1a6d5f478
Disable pita 🥙 compiler in debug mode (#454) 2022-01-04 16:20:52 +01:00
Dongjia Zhang
674005fa61
Reorder type parameters in the correct order (#449) 
* alphabetical order

* revert

* revert

* fix
 2022-01-04 00:20:29 +01:00
Yerkebulan Tulibergenov
2de729a779
Fix a typo in TODO.md (#450) 2022-01-04 00:14:46 +01:00
s1341
1608294d0b
Various fixes related to frida mode (#445) 
* Fix lint errors

* Fix incorrect address for unfreed allocations when reseting

* Use hash for edge ids

* Fmt
 2022-01-03 10:41:52 +01:00
Evan Richter
9f6872ac68
[libafl_qemu] fix i386 Regs values (#444) 
The `Regs` enum was defined out of order, leading to incorrect results from `emu.read_reg`. I found the correct ordering defined here: https://github.com/AFLplusplus/qemu-libafl-bridge/blob/master/target/i386/cpu.h#L46-L54
 2022-01-03 10:41:29 +01:00
Dominik Maier
b9acac46d9
Cpu atomics for LLMP (#438) 
* atomic read for unmap

* send and recv

* switching to Atomics

* atomics

* bring back compiler_fence (maybe needed for signals?)

* only acquire mem if new msg is available

* unused compiler fence

* caching for msg ids to not have to read atomics as much

* fix build

* speed++

* only in a spinloop for the second try

* cleanup logs

* docu, error log
 2022-01-03 00:47:31 +01:00
Dominik Maier
af3d321213
Derive debug for all structs in LibAFL (#442) 
* documentation, warnings

* fixed docs

* docs

* no_std

* test

* windows

* nautilus docs

* more fixes

* more docs

* nits

* windows clippy

* docs, windows

* nits

* debug all the things

* derive debug for all core library components

* Docu for libafl_targets

* nits

* reordered generics

* add docs to frida, debug

* nits

* fixes

* more docu for frida, nits

* more docu

* more docu

* Sugar docs

* debug for qemu

* more debug

* import debug

* fmt

* debug

* anyap_debug feature no longer needed

* tidy up unused fn

* indicate if we left out values for struct debug

* implement Debug for sugar

* debug allthethings

* ci
 2022-01-03 00:47:17 +01:00
Dominik Maier
efc804fe7d
Updated dependencies (#443) 
* updated dependencies

* updated info in toml

* Windows fixes

* fixed immport

* u32 -> i32

* ignore i32 overflows in constants

* removed unused double allow
 2022-01-02 17:52:44 +01:00
Evan Richter
9f76386668
[libafl_qemu] prevent unneeded build.rs runs (#441) 
`libqasan/libqasan.so` never exists during a normal `cargo build` because the .so is built in the target_dir, not in the source directory. This was triggering cargo to rerun the build script every time a user of this library made an incremental change to their code.

pointing `rerun-if-changed` to a directory will make cargo rerun build.rs if any file in that directory changes.
 2022-01-02 01:03:35 +01:00
Dominik Maier
cb3662da54
Enable errors for missing docs, add documentation (#440) 
* documentation, warnings

* fixed docs

* docs

* no_std

* test

* windows

* nautilus docs

* more fixes

* more docs

* nits

* windows clippy

* docs, windows

* nits
 2022-01-01 19:51:27 +01:00
Dominik Maier
d669b063f4 clippy 2021-12-30 18:38:28 +01:00
Dongjia Zhang
b537539b54
Use MiMalloc for in-process fuzzers (#439) 
* MiMalloc

* docu

* other fuzzers

* mention asan
 2021-12-30 16:33:23 +01:00
s1341
b5153cc525
Frida various fixes (#436) 
* Make drcov post_exec dependent on whether drcov is enabled

* Fix find_smallest_fit algorithm

* Fix missing ?

* fix warnings

* fix

* todo for non-linux/android shadow, clippy

* typo

* removed unsupposted eq

* cleanup, docu

* libafl::Error

* fixed import

Co-authored-by: tokatoka <tokazerkje@outlook.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-29 18:47:33 +01:00
Evan Richter
e47c3be3fd
[libafl_qemu] fix build.rs (#435) 
I noticed qemu was only building on one core, so I debugged the jobs environment variable. Evidently cargo passes `CARGO_BUILD_JOBS` is passed to build.rs scripts as `NUM_JOBS`. Other env vars for build.rs can be found [here](https://web.mit.edu/rust-lang_v1.25/arch/amd64_ubuntu1404/share/doc/rust/html/cargo/reference/environment-variables.html#environment-variables-cargo-sets-for-build-scripts)
 2021-12-29 01:30:14 +01:00
s1341
eeac0f4f06
Fix strncmp hook to only check the length of the string (#434) 2021-12-28 10:00:44 +01:00
s1341
6384f1da95
Merge pull request #433 from AFLplusplus/frida_asan_max_total_allocation 
Implement max total allocation size for frida asan
 2021-12-27 11:49:40 +02:00
s1341
129cd0fe66
Merge pull request #432 from AFLplusplus/drcov_runtime 
DrCov Runtime
 2021-12-26 16:21:15 +02:00
s1341
2e92a34494 Reset total allocations on reset 2021-12-26 11:17:27 +02:00
s1341
11ae49b7cd Implement max total allocation size for frida asan 2021-12-26 10:44:25 +02:00
tokatoka
97c169fe63 init ranges later 2021-12-24 16:34:53 +09:00
tokatoka
e6434d2ec2 fmt 2021-12-24 15:46:27 +09:00
tokatoka
9cd0d2228c drcov runtime 2021-12-24 15:45:08 +09:00
Dominik Maier
6b5181250c
Drcov remodelling (#415) 
* drcov remodelling

* fmt

* fix

Co-authored-by: tokatoka <tokazerkje@outlook.com>
 2021-12-23 17:13:18 +01:00
Andrea Fioraldi
6274ad4594
Refactor libafl_qemu creating the Emulator struct and post syscall hooks (#430) 
* working without asan.rs

* working asan

* update fuzzers

* mremap in snapshot

* sugar

* python

* fix python

* clippy

* fmt

* fuck you loader
 2021-12-23 09:10:13 +01:00
Dongjia Zhang
d697554810
Other/User defined WIndows Exceptions (#402) 
* other exceptions

* add

* 46th

* fix

* fmt
 2021-12-21 19:18:58 +01:00
s1341
b0019ae4a9
Fix frida-mode for debug builds, ensure it will continue to work on release builds (#427) 
* Fix cfg directives so that we actually build on all combinations of release/debug x86_64/aarch64

* Include fuzzer for stalker purposes

* Get rid of cfg on use
 2021-12-21 14:30:47 +01:00
Andrea Fioraldi
785cddc1f0 Fix meson.build issue updating QEMU git hash 2021-12-21 12:42:41 +01:00
Andrea Fioraldi
208d69342d Update QEMU git hash 2021-12-21 11:35:06 +01:00
Andrea Fioraldi
d2bc09a31b Format 2021-12-21 11:28:08 +01:00
Andrea Fioraldi
0cce1e2b91 Update fuzzbench and fuzzbench_qemu, delete fuzzbench_gsoc 2021-12-21 11:26:04 +01:00
Dongjia Zhang
2aa0ca5ef1
Frida shadow fix (#425) 
* map_to_shadow

* fix map_to_shadow

* aarch64 change?

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* use

* revert

* s1341's change

* Fix shadow calculation in instrumented code

* Fix asan error output to be more accurate

Co-authored-by: s1341 <github@shmarya.net>
 2021-12-20 10:51:45 +01:00
van Hauser
1f24ad0b65
Implement AflMap (#416) 
* aflmap

* nits

* nits

* switch implementation

* clippy

* set fuzzbench fuzzer to afl map

* fix monitor display

* Remove MapFindFilter and fix names

* AndReducer

* fixed testcase

* always inline

* remove inline(always)

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 14:19:39 +01:00
Dongjia Zhang
6e59e5bdc7
Frida Refactor: Separate Frida other helper functions into each Runtime (#418) 
* separate asan

* fmt

* move asan out of helper.rs

* fmt

* move cmplog out of helper.rs

* fmt

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* final fix & fmt

* Fix unused imports

* Fmt

* rename files

* fix Makefile

* fmt

* clippy

Co-authored-by: s1341 <github@shmarya.net>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 14:16:01 +01:00
Dongjia Zhang
79f9bcd3e0
Use AddVectoredExceptionHandler to register exception handlers (#403) 
* add

* unix fix

* unsafe positions

* another unsafe!

* ignore

* ignore

* make changes back

* fix

* fix

* fmt

* exception fix

* fix

* bug fix

* fmt

* fix things messed up during merge

* stack overflow fix

* fix

* fix

* fix

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 11:15:24 +01:00
s1341
d93f97309a
Open the stdout-file once (#419) 
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 11:12:40 +01:00
Dominik Maier
abfdb619a8 Remove cpp from CodeQL 2021-12-15 23:43:56 +01:00
Dominik Maier
d1eaf07423
Create codeql-analysis.yml 2021-12-15 23:38:27 +01:00
Dominik Maier
88e07a8d37 CI galore 2021-12-15 23:34:42 +01:00
Dominik Maier
d3245de5bd Even more CI 2021-12-15 21:37:22 +01:00
Dominik Maier
e72c579ebc more CI fixes 2021-12-15 19:07:43 +01:00
Dominik Maier
304eda724f
Various fixes for CI (#423) 
* Various fixes

* fix try_from for cores

* no_std
 2021-12-15 18:11:40 +01:00
Dominik Maier
a8845ccbe7
Fix makefile for frida_libpng (#422) 
* fix Makefile

* revert unfinished changes from #418

Co-authored-by: tokatoka <tokazerkje@outlook.com>
 2021-12-15 12:30:33 +01:00
Dominik Maier
217a7dee1d
Use Structopt instead of yaml for example fuzzers, introduce Cores API (#420) 
* reworked generic_inmemory to structopt

* moved core parsing to a struct

* added Cores

* added structopt to libpng_ctx

* improved libafl, added structopt to libpng launcher

* fix deexit ub

* move more to structopt

* improve llvm-config detection

* move construct_automata to structopt

* clippy, fixes, ...

* no_std

* clippy

* frida core parsing

* fixed no-fork cores

* updated clap

* added missing import

* missing borrow

* reworked frida to structopt

* fixed build

* using Cores api for atheris

Co-authored-by: Dominik Maier <d.maier@avm.de>
 2021-12-15 03:58:35 +01:00
Andrea Fioraldi
b4c2551544
Debug output for forkserver (#413) 
* usability fixes for forkserver

* don't call target_bytes twice in TimeoutForkserverExecutor

* don't call target_bytes twice in ForkserverExecutor
 2021-12-10 14:52:23 +01:00
Dongjia Zhang
4aa6550bf2
Clap: use help instead of about (#417) 2021-12-10 05:04:32 +01:00