Rowan Hart
5a6d683fed
Add an observer for COUNTERS_MAPS for 8-bit SanCov ( #1283 )
...
* Add sancov multimap observer to sancov_8bit target
* Undo autofmt of Cargo.toml
* Fix formatting
* Fix import errors under no-default-features, add Safety to counters_maps_observer
* Make observer function no_mangle to allow it to easily be used in a staticlib crate
* Make clippy happy by using export_name instead of no_mangle
* Add observers feature flag and hide counters maps observer behind it
* Fix formatting
2023-05-23 23:31:07 +02:00
Dongjia "toka" Zhang
6f21cb3848
Bump to 0.10.1 ( #1280 )
...
* bmp
* remove DEBUG env var
2023-05-22 12:42:36 +02:00
Dongjia "toka" Zhang
5b02fb420d
Fix CI ( #1241 )
2023-05-02 17:38:56 +02:00
Michael Rodler
95d1069393
Use sancov_8bit.rs for OwnedMutSlice ( #1235 )
...
Co-authored-by: Michael Rodler <mrodler@amazon.de>
2023-05-02 14:41:33 +02:00
Andrea Fioraldi
0f633962ff
Bump to 0.10.0 ( #1156 )
...
* Bump to 0.10.0
* fix
* Fix CI
* Fix copyright
* fmt
---------
Co-authored-by: Dominik Maier <domenukk@gmail.com>
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2023-04-05 17:49:53 +02:00
Dominik Maier
bbe4e85768
Removed new_ from constructors that don't need it (API consistency) ( #1159 )
...
* Removed new_ from constructors that don't need it (API consistency)
* un-change python bindings
2023-03-17 17:02:21 +01:00
Dongjia "toka" Zhang
4d778dd64d
Fix fuzz_level related thing, separate on_replace/on_remove from Scheduler & various fixes ( #1119 )
...
* delete HasFuzzedCorpusId
* more
* fmt clp
* aa
* fixing
* delete
* a
* append parent id when Objective
* add HasCorpus inprocess executor
* ecofuzz, delete was_fuzzed, update fuzz_level
* fix
* RemovableScheduler for Tunable, Queue, Weighted
* clp
* no std
* import
* on_execution
* fix
* win
* fmt
* fix
* revert to on_evaluation and propagate in the accounting scheduler
* fix
---------
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
2023-03-08 19:43:32 +01:00
Dominik Maier
31357aa7e2
Track parent testcase id, tuneable stage probabilistic settings ( #1081 )
...
* Added local event handlers
* clippy
* move tuned mutator to pow2
* Tunable updates
* parent ids
* no_std, etc
* windows
* remove local event manager handler
* maybe fix win
* win:
* win docs
* docs
* ASAN -> ASan
2023-02-28 16:36:04 +01:00
Dongjia "toka" Zhang
59bf118a5a
Clippy ( #1105 )
2023-02-28 01:08:19 +09:00
Elsa Granger
44b69666da
Fix fuzzbench build ( #1004 )
...
* Fix -z,defs handle
* Add libfuzzer_no_link_main option in libfuzzer
* Use libfuzzer_no_link_main for fuzzbench
* no_link_main feature
---------
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
2023-02-15 11:58:32 +01:00
Fabian Freyer
53dba5f49d
Use the log facade instead of println ( #1060 )
...
* switched a couple of println / dbg statements to use log crate
* Use pyo3-log for logging in python bindings
2023-02-14 10:01:51 +01:00
Dongjia "toka" Zhang
f9dd67b59b
Comment Fix
2023-01-31 19:40:58 +09:00
Andrea Fioraldi
fdf579bcd5
Bump to 0.9.0 ( #946 )
...
* bump to 0.9.0
* fix libafl_tinyinst
* fix
---------
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2023-01-31 10:42:01 +01:00
Dongjia "toka" Zhang
9458549fef
Remove declare -A ( #976 )
...
* fix
* fix
* debug
* debug
* older version
* newer version
* fix
* unix?
* fix
2022-12-30 02:02:38 +09:00
Erwan Grelet
3e38862837
Forkserver example with forkserver.c ( #726 ) ( #973 )
...
* forkserver: Add an API to setup the shared memory region for edge coverage
This is inspired from and meant to be similar to afl-cc's instrumentation.
Remove ! return type from __afl_start_forkserver as it returns in several cases.
* Add example fuzzer using LibAFL's forkserver
The fuzzer is instrumented with libafl_cc as well.
Co-authored-by: ergrelet <ergrelet@users.noreply.github.com>
2022-12-28 22:16:27 +01:00
Dominik Maier
75f12bd0eb
Remodelling Observers/Examples that rely on UB, API cleanups ( #950 )
...
* Tackling UB
* PtrMut -> MutPtr, moved mapobservers to non-UB
* QEMU fixes
* test fixes
* qemu
* Change all interfaces, fix all fuzzers
* fixes
* fix more fixes
* fmt
* fix qemu sugar
* fix some qemus
* atheris
* fmt
* more fmt
* most fmt
* more fix
* nyx fyx
* fix qemu
* clippy, fixes
* more fixes
* no unfix, only fix
* fix
* fix
* more clippy
* fixes
* ListObserver
* fmt, clippy
* fix qemu on arm
* update zlib target
* fix?
* fix
* added migration guide
* ignore doc
* fix symcc
* fix new win fuzzer
* Fixes, rename PTR_SIZE to PTR_NUM
* Try fix linking on win
* Trying to fix win linking
* more cov
* trying to fix win some more
* trying to fix mac
* trying to fix mac
* Fix tests
* Fix tests
* trying to fix win
* more mac
* giving up for windows
* fmt
* python3
* mac?
* undo windows tests
2022-12-24 14:20:44 +01:00
Max Ammann
4d8b566a87
[Windows] Add libfuzzer example for windows with ASAN ( #934 )
...
* Add libfuzzer example for Windows with ASAN
* Fix formatting
* Add link
* Fix cpp format
* Skip windows fuzzers
* Fix format
* Fix testing fuzzer
* Fix task name
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2022-12-21 10:41:58 +01:00
Dominik Maier
68fbfc8914
Fix Clippy ( #926 )
...
* Fix clippy
* undo comment fmt
* add untracked nyx files to gitignore
* fix
* windows, no_std
* fix
* fix
* more
* macos
* remove doctest
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2022-12-06 00:05:42 +09:00
Dongjia "toka" Zhang
93d99beecf
[Windows] Setup ASAN death callback ( #908 )
...
* step 1
* i forgot to change this
* add handler
* doc
* fmt
* move to libafl_targets
* fix
* windows
* clp
* fix
* clp
* cfg
* fix
* clp
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2022-12-04 18:56:56 +01:00
Andrea Fioraldi
c2776e117a
emu::current_cpu() is now the CPU that hit the breakpoint in fullsystem ( #910 )
...
* emu::current_cpu() is now kept after vm stop and it is the CPU that hit the breakpoint
* clippy
* uninit
* clippy
* clippy
* clippy
* clippy
* nightly override in CI
* nightly override in CI
* components
* components
* targets
* targets
* clippy
* clippy
* clippy
* clippy
* clippy (again)
* MaybeUninit
Co-authored-by: Dominik Maier <dmnk@google.com>
2022-11-25 11:57:08 +01:00
Addison Crump
0515eebbd2
Differential observers ( #868 )
...
* reduce diffexecutor constraints for new (so it may be used in a manager-less environment)
* add differential observers
* finish differential observation
* requirement for observers (weak), default impl for time observer
* make the map swapper, revisit how differentialobserver is implemented
* semi-specialise multimap, add example
* improve example slightly
* fix clippy lints
* fix last clippy issue
* better docs + example flow
* improve example: correct map sizing + multimap vs split slice
* correct some comments
* fix tests + slight bit more docs
* fix bindings
* fixups for the CI
* typo fix
Co-authored-by: Dominik Maier <domenukk@gmail.com>
Co-authored-by: Dominik Maier <dmnk@google.com>
2022-11-20 23:56:23 +01:00
David CARLIER
f7f6392a4b
forkserver support attempt on freebsd ( #898 )
...
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2022-11-18 07:14:15 +09:00
Andrea Fioraldi
31077765de
Fix CI ( #862 )
...
* Autofix with new clippy
* Clippy
2022-10-26 09:41:08 +02:00
Dominik Maier
663a33168e
Associated types for Corpus, State ( #767 )
...
* Associated types for Corpus, State
* cleanup
* fix no_std
* drop unused clauses
* Corpus
* cleanup
* adding things
* fixed fuzzer
* remove phantom data
* python
* progress?
* more more
* oof
* wow it builds?
* python fixes, tests
* fix python fun
* black fmt for python
* clippy, added Nop things
* fixes
* fix merge
* make it compile (#836 )
* doc-test fixes, prelude-b-gone for cargo-hack compat
* fixes for windows, concolic
* really fix windows, maybe
* imagine using windows
* ...
* elide I generic when used with S: State
* Elide many, many generics, but at what cost?
* progress on push
* Constraint HasCorpus, HasSolutions at trait definition
* remove unused feature
* remove unstable usage since we constrained HasCorpus at definition
* compiled, but still no type inference for MaxMapFeedback
* cleanup inprocess
* resolve some std conflicts
* simplify map
* undo unnecessary cfg specification
* fix breaking test case for CI on no-std
* fix concolic build failures
* fix macos build
* fixes for windows build
* timeout fixes for windows build
* fix pybindings issues
* fixup qemu
* fix outstanding local build issues
* maybe fix windows inprocess
* doc fixes
* unbridled fury
* de-associate State from Feedback, replace with generic as AT inference is not sufficient to derive specialisation for MapFeedback
* merge update
* refactor + speed up fuzzer builds by sharing build work
* cleanup lingering compiler errors
* lol missed one
* revert QEMU-Nyx change, not sure how I did that
* move HasInput to inputs
* HasInput => KnowsInput
* update bounds to enforce via associated types
* disentangle observers with fuzzer
* revert --target; update some fuzzers to match new API
* resolve outstanding fuzzer build blockers (that I can run on my system)
* fixes for non-linux unixes
* fix for windows
* Knows => Uses, final fixes for windows
* <guttural screaming>
* fixes for concolic
* loosen bound for frida executor so windows builds correctly
* cleanup generics for eventmanager/eventprocessor to drop observers requirement
* improve inference over fuzz_one and friends
* update migration notes
* fixes for python bindings
* fixes for generic counts in event managers
* finish migration notes
* post-merge fix
Co-authored-by: Addison Crump <addison.crump@cispa.de>
2022-10-24 03:22:26 +02:00
Andrea Fioraldi
089bc49d55
Bump to 0.8.2 and update versions script ( #828 )
2022-10-12 14:57:08 +02:00
Dominik Maier
94f0c7f56e
Moving to named parameters in format strings ( #827 )
...
* autofix
* you're just asking for a clamping
* autofmt on linux
* fix nits
* change back nit
* unfixing as u64 for GuestAddr
* fix
* ignoring clippy for GuestAddress
2022-10-11 13:45:01 +02:00
Dominik Maier
cc0c2f32ae
Additional errors only in test ( #809 )
2022-09-30 20:28:51 +02:00
Dongjia "toka" Zhang
d17269d3d5
Stability improve ( #773 )
...
* initial
* add
* fmt & fix
* dbg remove
* clp
* clp
* more
* clippy
* del
* fix
* remove unused
* fix
* doc
2022-09-12 18:08:07 +02:00
Dongjia "toka" Zhang
7257631ed5
Fix autotokens doc ( #751 )
...
* fix
* remove wrong doc
2022-08-28 17:14:41 +02:00
Dongjia Zhang
eac7307c5a
0.8.1 ( #732 )
2022-08-18 10:23:57 +02:00
Dongjia Zhang
5d9a19f955
Mac OS Autotokens ( #723 )
...
* mac_tokens
* more
* win fix
* fmt
* fmt c
2022-08-13 02:58:22 +02:00
syheliel
2504b6dae3
Add rustfmt.toml ( #722 )
...
* add `rustfmt.toml`
* format fix
Co-authored-by: syheliel <syheliel@gmail.com>
2022-08-12 02:28:32 +02:00
Dominik Maier
5a8bdae26f
Update requirements ( #714 )
...
* Update requirements
* more updates
* nits
* more updates
* update nix for fuzzers
* use any regex 1 instead of 1.6
2022-07-29 09:54:16 +02:00
Dongjia Zhang
667adf97ec
Fix Autotokens ( #706 )
...
* fix
* del
2022-07-20 21:01:11 +02:00
Dongjia Zhang
ffe8dbf6af
Bump to 0.8.0 ( #696 )
...
* upd
* more
2022-07-11 21:59:11 +02:00
Andrea Fioraldi
e7e82af52c
C forkserver logic in libafl_targets ( #650 )
...
* C forkserver logic in libafl_targets
* fix, enabled apple
* disable apple
* fixes
Co-authored-by: Dominik Maier <dmnk@google.com>
2022-05-31 14:56:59 +02:00
Dominik Maier
bfe69aea09
Format C/Cpp code in ./scripts/fmt_all.sh ( #653 )
...
* format all (clang format 13)
* added clang-format check
* re-add missing newline
* cargo doc was missing
* more brackets
* fixed fmt workflow
* clang format
* shellcheck
* install clang-format-13
* update ubuntu for maximum clang-formattability
* yml whitespaces
* fmt
* shellcheck only for .sh
* oops path
* ignored shellcheck warning
2022-05-29 03:23:02 +02:00
Dominik Maier
763ed9a3e5
Moved to no_std preamble ( #643 )
...
* Moved to no_std preamble
* fixed use
* no_std targets
* derive no_std
* fix yml
* ci
* alf
* gitignore
* fix python build
* import cleanup
* nostd
* linux fix
2022-05-27 01:04:29 +02:00
Dongjia Zhang
a02b90be44
Autotokens New PM ( #605 )
...
* autotokens newpm
* typo
* fmt
* clp
* fix
* fix
* include &fmt
* include
* fmt
* llvm14 & clippy fix
* fix
2022-05-09 18:41:53 +09:00
Andrea Fioraldi
e513b86df0
Backtrace in libafl::Error ( #617 )
...
* backtrace errors
* qemu
* remove mopt-specific error
* fixes
* fixes
* duh
* clap
* clippy
* clippy
* clippy
Co-authored-by: Dominik Maier <dmnk@google.com>
2022-05-05 15:52:37 +02:00
Andrea Fioraldi
bd23f7c916
Fix cmplog ( #600 )
2022-04-08 14:35:32 +02:00
Andrea Fioraldi
a03d733cf9
libafl_qemu decouple hooks from the executor and QemuForkExecutor ( #528 )
...
* QemuHooks
* option state hooks
* QemuForkExecutor
* enforce no side effects in QemuForkExecutor
* child hooks fixes
* fixes
* qemu_launcher
* examples and fixes
* fix sugar
* clippy
* fmt
* no timeout for fuzzbench_fork_qemu
* Update libafl_qemu/src/hooks.rs
Co-authored-by: Alwin Berger <50980804+alwinber@users.noreply.github.com>
* clippy
Co-authored-by: Alwin Berger <50980804+alwinber@users.noreply.github.com>
2022-02-15 22:11:24 +01:00
Dominik Maier
7dad2153e2
Clippy for Cargo ( #532 )
...
* Clippy for Cargo
* clippy fixes
* clippy fixes
* edition
* fix
* wrong self hidden
* fix
* more clippy
2022-02-11 14:34:01 +01:00
Andrea Fioraldi
f527aab15e
Non weak default sanitizers options functions ( #519 )
2022-02-03 10:44:23 +01:00
Andrea Fioraldi
dd002a081b
Implement coverage accounting (BB metric atm) ( #507 )
...
* bb accounting llvm pass
* bb metric
* accounting corpus scheduler
* fix warnings
* alloc
* clippy
* fix dockerfile
* clippy
* coverage accounting example
* finish CoverageAccountingCorpusScheduler
* fmt
* --libs in llvm-config
* merge
2022-02-01 14:08:38 +01:00
Dominik Maier
6810e6085b
Builder for CommandExecutor & Tokens Refactoring ( #508 )
...
* builder for CommandExecutor
* tokens api cleanup, clippy
* fix doctest
* cleanup
* added testcase, remodelled
* command executor builder fix
* fix fuzzer(?)
* implemented From for configurator
* nits
* clippy
* unused
* autotokens
* cleanup
* nits
* Err instead of empty tokens
* fix tokens fn
* fix err
* more error fixing
* tokens remodelling
* typo
* recoverable fail on missing autotokens
* clippy, nostd
* asslice, into_iter, etc. for tokens
* adapt fuzzers
* iter
* fixes, clippy
* fix
* more clippy
* no_std
* more fix
* fixed typo
* cmd_executor builds again
* bring back ASAN stuff to Command Executor
* forkserver speedup
* no need to static
* back to earlier
2022-02-01 10:10:47 +01:00
Youssef
e307dfb16f
Implement backtrace observers for crash dedupe ( #379 )
...
* create stacktrace observer
* create stacktrace feedback
* post-merge fixes
* address comments
* update Cargo.toml
* fix CI issue + dynamic naming
* duplicate baby_fizzer
* update stacktrace baby_fuzzer
* force unwinding tables
* ignore test dumps
* fix stacktrace baby_fuzzer logic
* upgrade Backtrace version
* trigger observers.post_exec in crash_handler
* implement NewHashFeedbackState and update logic
* digest symbols pointers
* cleanup
* minimal output
* fix backdated EventFirer generic param
* add baby_fuzzer example with a fork executor
* duplicate baby_fuzzer_stacktrace with forkexecutor
* backtrace collection implemented
* add c app fuzzer example with a fork executor
* group backtrace baby fuzzers
* added c code baby fuzzer with inprocess executor
* remove need for static COLLECT_BACKTRACE
* moved code to stacktrace.rs + fixed bug
* add comment
* add command executor fuzzer example
* post merge cleanup
* add missing doc
* address comment
* fix nit
* clean duplicate variable in timeout handler
* fix command executor bt collection
* clean code and use StdShMem
* cleanup
* add ObserverWithHashField + rename StacktraceObserver
* rename + refactor some code
* add CommandBacktraceObserver
* update command executor
* update baby fuzzers
* simplify BacktraceSharedMemoryWrapper
* use better names + static methods
* use std feature macro on BacktraceObserver + fix bug
* use Box in HashValueWrapper to minimize variants size diff
* use copy_from_slice
* std conditional backtrace collection
* fix std import
* fix comment
* add exit_kind to observer.post_exec
* added hash trait to Input
* collect backtrace in post_exec
* add crash handlers to InProcessForkExecutor
* fix panic message
* duplicate forkserver fuzzer example
minimal example
update
* proto bt collection working
* rename CommandBacktraceExecutor to ASANBacktraceExecutor
* refactor ASANBacktraceObserver
* support for forkserver working
* update fuzzer example
* less verbosity
* Post merge fixes
* implement hash for GeneralizedInput
* update forkserver example after merge
* clippy fixes
* fix inproc test
* fixes for cargo hack --feature-powerset
* fix baby_no_std
* implement Hash for NautilusInput
* update fork executor baby fuzzer
* fix doc
* implement Hash for PacketData
* fix windows build
* fix windows no_std
* fix backtrace baby fuzzers README
* add comments
* move setup_bt_panic to constructor
* pre/post child exec hooks in Observer
* setup_child_panic_hook
* fix ObserversOwnedMap on nightly
* add backtrace fuzzers to CI checks
* fix typo
* fix relative paths in test_all_fuzzers.sh
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
2022-01-31 15:58:15 +01:00
Andrea Fioraldi
408431ba5c
Fix libafl import features in libafl_targets ( #495 )
...
* fix
* fix
2022-01-26 22:29:25 +01:00
Dongjia Zhang
62614ce101
LLVM AutoTokens ( #470 )
...
* posix dict2file llvm pass
* new PM
* working
* clean up
* fmt
* fix
* silence clippy
* bring the println back
* early return
* rename
* weak symbols
* linux only
* fuzzbench change
* only linux
* linux only
* cfg
* cfg
* fix
* fix
* fix
* why
* fix
* bug fix
* rename
* rename
* macros & rename
* add_from_autotokens
* fix fuzzbench
* std -> core
* builder pattern?
* clippy
* wrong cfg
* cfgstd
* fuzzbench fmt
* no unsafe
* update fuzzbench_text
* use TokenSectiopn
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
2022-01-26 19:23:04 +01:00
Dominik Maier
77e5965e97
Add AsSlice, AsMutSlice traits, refactor MapObservers to be iterable, and have associated types ( #477 )
...
* from warning
* fix latest clippy
* clippy fixes++
* renamed shmem parameters
* renamed map to shmem
* make forkserver executor work for any (non-system) shmem
* Mem -> ShMem
* rework windows
* fix nit
* fix symbolic
* refactor map observers
* iterator for map observers
* removed unused ownedptr, added asslice trait to most functions
* make map entry type an associated type
* fix fuzzers
* fix docs
* typo fix
* fix windows, add try_from_slice to shmid
* missing import
* fix fuzzbench
* cleanup
* fmt
* more asslice
* fmt
* added doc link about token-level fuzzing
* cods
2022-01-19 00:02:33 +01:00