* introduce feedbacks hit tracking for testcases
* make Testcase::hit_feedbacks into Cow<&str> instead of String
rename get_hit_feedbacks to append_hit_feedbacks
update documentation
* simplify ConstFeedback
* rename Feedback::last_result to prev_result
* impl TODO prev_result for NewHashFeedback, ListFeedback, TransferredFeedback, NautilusFeedback
* rename prev_result to last_result
* add docs
* introduce Objectives hit tracking
* update docs
* update Cargo.toml docs
* update docs
* track Feedbacks & Objectives hit in Fuzzer::add_input
* fmt
* clippy
* fix type error in OomFeedback::last_result
* impl last_result for AsanErrorsFeedback
* add track_hit_feedbacks as a feature to libafl_libfuzzer_runtime
* fix clippy
* change return type of Feedback::last_result to a Result
* remove expect in NewHashFeedback::is_interesting
* move Error::premature_last_result to libafl from libafl_bolts
* Make every builder ::builder()
* Fix no_std
* More
* Fix clippy, stuff
* More fun
* Make NopShMem do something
* Alloc
* more fmt
* Remove UB in tinyinst executor builder
* Make builder order not matter for tinyinst
* More better
* fix
* docs
* fmt
* more fmt
* clippy
* fix fixes
* tiny thing
* more betterg
* more more
* more builder
* more builder
* more nyx
* undo breaking clippy
* clip
* Factor out `StageStack` from `StdState`
Refactoring for the sake of abstraction and maintainability.
Previously, the `stage_idx_stack` and `stage_depth` fields of
`StdState` had an implicit relationship to one another. This commit
reifies this relationship into a new `struct`. Its fields are hidden
from everything else in `StdState`. It `impl`s `HasCurrentStage` and
`HasNestedStageStatus`, which `impl`s now no longer have mutable access
to the whole state. The `impl`s for `StdState` just forward to these
ones.
Hopefully, this refactoring would make it easier to `impl State` for
other types in the future.
* Create `StageIdx` newtype
Like `CorpusId`, this is just a thin wrapper around `usize`.
* unused import
* Rename a few functions to be more about indices
* Rename Index to Id, fmt
* Move StageId around
---------
Co-authored-by: Langston Barrett <langston.barrett@gmail.com>
* add peek function to Corpus
* send 0 as next peek in NopCorpus
* rename peek to peek_next_free_id
* fix clippy
* add peek_next_free_id to libafl_libfuzzer
* impl peek_next_free_id for ArtifactCorpus
* Add BytesSubMutator that allows us to mutate sub-parts of a bytes-backed input
* no_std
* fix string mutator
* make build
* Fix clippy on macOS
* Docs
* More docs
* Better docs
* --amend
* Renamed bsi to sub_input. Too much BSI
* More more
* balance backticks
* Make splicing usable with sub_input (not that it makes sense)
* More annotations
* more input annotations?
* Implement HasMutatorBytes for &mut Vec
* clippy
* Use a wrapper type instead
* Add wrapper type for Vec as well
* Remove the duplicate BytesInput... lol
* Fixed infinite loop on SyncDiskStage
* cargo fmt
* added debug messages
* Add left to sync to metadata. Replace HashSet with Vec
* added check on state metadata to not crash in case it's None (start fuzzing without files to sync)
* fmt & clippy
---------
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* add AFL stage names for calibration, colorization, power and sync stages
* clippy
* add missing name field in sync stage
* use consts instead of hardcoding in functions.
change set_name to with_name for PowerMutationalStage
remove irrelevant fn transforming
* make AFL++ name default for all stages
* WIP: windows frida
* frida-windows: fix hooks not present on windows
* windows: allow building using cargo xwin
* frida-windows: fmrt
* frida-windows: cleanup and allow asan/drcov on windows
* frida-windows: fmt
* frida-windows: fix clippy
* frida-windows: handle unknown exceptions gracefully
* frida-windows: rework shadow mapping algo
* frida-windows: add hook functions
* frida-windows: hook functions; fix stack register
* minibsod: enable for windows
* check_shadow: fix edge casees
* asan_rt: rework and add hooks for windows
* inprocess: add minibsod on windows
* Fix warnings
* minibsod: disable test on windows
* WIP: HookRuntime
* Cleanup after merge
* Bump frida-gum version
* Fix conflict marker; update frida
* Make winsafe windows-specific
* Fmt
* Format
* Better detection of clang++ (using cc)
* Make AsanErrors crate public so we can use it in tests
* Add helper to get immediate of operand
* Use HookRuntime to hook asan functions
Tests now passing
* fmt
* Implement recurisve jmp resolve
* Fix reversed logic
* windows_hooks: Don't die if functions are already replaced
* Allow utils to work on windows
* Enable allocator hooking on windows
* Warnings; add trace to free
* Make ASAN tests run windows (with cargo xwin compilation)
* Fmt
* clang-format
* clang-format
* Add more tests
* Fix partial range access bug in unpoisoning/shadow_check
* Merge main
* Fix check_shadow and implement unit tests
* Fix hooking and PC retrieval
* WIP: Working gdiplus fuzzing with frida-ASAN, no false positives
* LibAFL Frida asan_rt and hook_rt fixes for frida_windows (#2095)
* Introduce aarch64
* MacOS fix - MemoryAreas is broken on MacOS and just loops
* Introduce working aarch64 ASAN check
* Implement large blob
* Fix hook_rt for arm64
* Fix poison/unpoison
* Fix shadow check
* Update x86-64
* Fix aarch64 unused import
* Remove extraneous println statement
* merge main
* Fixes
* alloc: add tests, pass the tests
* HookRuntime before AsanRuntime, and don't Asan if Hooked
* hook_rt: Fixes
* Frida windows check shadow fix (#2159)
* Fix check_shadow and add additional tests
* add some additional documentation
* Revert to Interceptor based hooks
* fixes
* format
* Get rid of hook_rt; fixes
* clang-format
* clang-format
* Fix with_threshold
* fixes
* fix build.rs
* fmt
* Fix offset to RDI on stack
* Fix clippy
* Fix build.rs
* clippy
* hook MapViewOfFile
* fmt
* fix
* clippy
* clippy
* Missing brace
* fix
* Clippy
* fomrrat
* fix i64 cast
* clippy exclude
* too many lines
* Undo merge fails
* fmt
* move debug print
* Fix some frida things
* Remove unused frida_to_cs fn for aarch64
* name
* Don't touch libafl_qemu
---------
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
Co-authored-by: Sharad Khanna <sharad@mineo333.dev>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
Co-authored-by: Dominik Maier <dmnk@google.com>
* QEMU generic memory iterator + Refactoring
* Generic Memory Iterator (systemmode only for now): It is now possible to iterator over memory ranges, independently of the address kind
* Refactoring or Emulator / Qemu structures: they are now handled separately in different files
* Refactoring of Exit Handlers: Result / Error structs have been clarified
* Simple handler for signals
* add new `check-cfg` calls for libafl qemu
