alwin.berger/FRET-LibAFL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,541 Commits 19 Branches 28 Tags
Commit Graph

464 Commits

Author SHA1 Message Date
Dominik Maier
efc804fe7d
Updated dependencies (#443) 
* updated dependencies

* updated info in toml

* Windows fixes

* fixed immport

* u32 -> i32

* ignore i32 overflows in constants

* removed unused double allow
 2022-01-02 17:52:44 +01:00
Dongjia Zhang
b537539b54
Use MiMalloc for in-process fuzzers (#439) 
* MiMalloc

* docu

* other fuzzers

* mention asan
 2021-12-30 16:33:23 +01:00
s1341
b5153cc525
Frida various fixes (#436) 
* Make drcov post_exec dependent on whether drcov is enabled

* Fix find_smallest_fit algorithm

* Fix missing ?

* fix warnings

* fix

* todo for non-linux/android shadow, clippy

* typo

* removed unsupposted eq

* cleanup, docu

* libafl::Error

* fixed import

Co-authored-by: tokatoka <tokazerkje@outlook.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-29 18:47:33 +01:00
Andrea Fioraldi
6274ad4594
Refactor libafl_qemu creating the Emulator struct and post syscall hooks (#430) 
* working without asan.rs

* working asan

* update fuzzers

* mremap in snapshot

* sugar

* python

* fix python

* clippy

* fmt

* fuck you loader
 2021-12-23 09:10:13 +01:00
Andrea Fioraldi
d2bc09a31b Format 2021-12-21 11:28:08 +01:00
Andrea Fioraldi
0cce1e2b91 Update fuzzbench and fuzzbench_qemu, delete fuzzbench_gsoc 2021-12-21 11:26:04 +01:00
van Hauser
1f24ad0b65
Implement AflMap (#416) 
* aflmap

* nits

* nits

* switch implementation

* clippy

* set fuzzbench fuzzer to afl map

* fix monitor display

* Remove MapFindFilter and fix names

* AndReducer

* fixed testcase

* always inline

* remove inline(always)

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 14:19:39 +01:00
Dongjia Zhang
6e59e5bdc7
Frida Refactor: Separate Frida other helper functions into each Runtime (#418) 
* separate asan

* fmt

* move asan out of helper.rs

* fmt

* move cmplog out of helper.rs

* fmt

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* fix

* final fix & fmt

* Fix unused imports

* Fmt

* rename files

* fix Makefile

* fmt

* clippy

Co-authored-by: s1341 <github@shmarya.net>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-16 14:16:01 +01:00
Dominik Maier
88e07a8d37 CI galore 2021-12-15 23:34:42 +01:00
Dominik Maier
d3245de5bd Even more CI 2021-12-15 21:37:22 +01:00
Dominik Maier
e72c579ebc more CI fixes 2021-12-15 19:07:43 +01:00
Dominik Maier
304eda724f
Various fixes for CI (#423) 
* Various fixes

* fix try_from for cores

* no_std
 2021-12-15 18:11:40 +01:00
Dominik Maier
a8845ccbe7
Fix makefile for frida_libpng (#422) 
* fix Makefile

* revert unfinished changes from #418

Co-authored-by: tokatoka <tokazerkje@outlook.com>
 2021-12-15 12:30:33 +01:00
Dominik Maier
217a7dee1d
Use Structopt instead of yaml for example fuzzers, introduce Cores API (#420) 
* reworked generic_inmemory to structopt

* moved core parsing to a struct

* added Cores

* added structopt to libpng_ctx

* improved libafl, added structopt to libpng launcher

* fix deexit ub

* move more to structopt

* improve llvm-config detection

* move construct_automata to structopt

* clippy, fixes, ...

* no_std

* clippy

* frida core parsing

* fixed no-fork cores

* updated clap

* added missing import

* missing borrow

* reworked frida to structopt

* fixed build

* using Cores api for atheris

Co-authored-by: Dominik Maier <d.maier@avm.de>
 2021-12-15 03:58:35 +01:00
Dongjia Zhang
4aa6550bf2
Clap: use help instead of about (#417) 2021-12-10 05:04:32 +01:00
Dongjia Zhang
a96e01fda5
Fix forkserver_simple clap issue (#412) 2021-12-10 03:38:42 +01:00
van Hauser
4a23489acb
Implement unstable edge detection+ignore in calibration stage (#398) 
* step 1 for unstable calibration

* fmt

* fixed build

* done unstable implementation

* clippy

* finishing touches for unstable

* no_std

* fmt

* event mgr stablity

* fixed stability value

* displaying

* no_std

* fixed critical whitespace

* send msg only after calibration

* clippy

* Added log to mgr

* moved stability to state

* fix introspection

* space

* fixed docs

Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-12-08 09:54:47 +01:00
Dominik Maier
83583a867f
QEMU target arch selector via feature flag (#405) 
* QEMU target arch selector via feature flag

* fix ci

* fixing ci some mmore

* more ci fixes, defaulting to x86_64 always

* more ci

* i368 -> i386 typo fix

* revert forkserver changes

* trying to fix clippy

* docs

* fixed warnings

* more clippy action

* qemu example arch

* bring back deprecated function I don't know how to replace

* get rid of deprecated feature again'

* builds?i
 2021-12-06 20:06:47 +01:00
Dongjia Zhang
bfcb86a2e4
Forkserver example updated (#404) 2021-12-06 13:48:41 +01:00
Dongjia Zhang
62291654bd
Frida_libpng document change (#401) 
* change

* change
 2021-12-04 16:19:41 +01:00
Dongjia Zhang
30f8fd44ef
Better forkserver example (#399) 
* better example

* fmt
 2021-12-04 16:17:38 +01:00
Dominik Maier
a0ce4cfd68
Ignored qemu fuzzer for non-linux (#397) 
* ignored qemu fuzzer for non-linux

* fixed cfg

* ignore rm -rf errors in make short_test (fuck you macos)

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
 2021-12-02 11:48:35 +01:00
Andrea Fioraldi
37b8cb0d2f Bump to 0.7 2021-12-01 17:22:09 +01:00
Andrea Fioraldi
2fb1c3520a
More LLVM passes from AFL++ (#394) 
* afl coverage pass

* working ctx coverage

* MAYBE_THREAD_LOCAL

* doh

* fix for msvc

* ci

* clippy

* atheris

* thread_local
 2021-12-01 13:27:39 +01:00
Toka
6cd2d69bfc
fix (#388) 2021-11-23 17:01:08 +01:00
Dominik Maier
e978b4f281 fmt 2021-11-17 18:14:15 +01:00
Toka
fd869ba1cd
Frida Refactor: Frida executor (#374) 
* frida executor

* add files

* fmt & clippy

* fmt

* fix

* fmt

* fix & fmt
 2021-11-17 12:51:39 +01:00
Dominik Maier
ba969108e3
Push stage trait (#380) 
* rpush mutational trait

* tiny changes

* started PushStageAdapter

* fmt

* refactoring

* fix docs

* no_std

* formatted more
 2021-11-17 12:51:14 +01:00
Andrea Fioraldi
fd5e793e57
libafl_qemu cpu_target cfg (#383) 
* cpu_target

* report

* track mmap in x64 snapshots
 2021-11-17 12:50:10 +01:00
Andrea Fioraldi
00d38dc535
AddressSanitizer for libafl_qemu (#378) 
* build libqasan

* asan runtime

* working simple asan

* init_with_asan

* fmt

* incomplete instr filter

* harden dealloc

* clippy
 2021-11-16 13:53:28 +01:00
Toka
c7512fceec
Frida Refactor: Split FridaHelper into each Runtime (#368) 
* dynasm maybe_log

* create coverage_rt, trim helper

* add

* amd64 working

* aarch64 instrumentation, untested

* asan dir

* Revert "asan dir"

This reverts commit c7afc784819072d9fa7b8ce23adb7c9f07a21b10.

* non x86_64 fix

* clippy

* change

* change

* fix

* Fix aarch64-linux-android build

* Fix aarch64 execution

* Fix fmt

Co-authored-by: s1341 <github@shmarya.net>
 2021-11-16 12:30:34 +01:00
Toka
23f02dae12
Fix api (#376) 
* Fix api

* change fuzzers
 2021-11-12 19:10:53 +01:00
Toka
c96474e0b9
Reachability fuzzer fix (#346) 
* fix

* env var

* readme
 2021-11-12 18:13:38 +01:00
Dominik Maier
62afed61e2
Renamed Stats to Monitors (#373) 
* renamed stats to monitors

* added depreciation notices

* resorted generics alphaabetically

* added monitors

* fmt fuzzers

* added depreciation note for usermonitor

* fmt all fuzzers script

* more fmt

* renamed some monitor things back to stats

* fixed rename
 2021-11-12 11:01:08 +01:00
Dominik Maier
3e85cf22de
Mutational Push Stage (#356) 
* initial commit for push stage

* cleanup, no_std, clippy

* clippy

* fuzzes

* readme

* fmt
 2021-11-11 01:49:38 +01:00
Andrea Fioraldi
b4e15fe9f3
Bridge grammartec from Nautilus to libafl (#342) 
* nautilus dep

* nautilus generation

* fix mutator

* start new mutator for nautilus

* other mutators

* baby

* ci

* NautilusFeedback

* fix unparse

* ci

* ci

* ci

* ci

* nigghtly clippy

* ci

* fix

* ci

* ci

* update construct automatata

* fix

* ci

* clippy

* clippy

* nightly clippy

* more clippy

* minor clippy

Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-11-06 02:21:53 +01:00
Dominik Maier
ea820a1694
Fork feature flag to disable fork in Launcher (#351) 
* Fork feature flag to disable fork in launcher

* FnOnce instead of FnMut

* cleanup

* fix no_std

* doc/warning fix

* useless clippy fix
 2021-11-05 17:26:49 +01:00
expend20
1ea95e73f4
(#354) 
Co-authored-by: expy <expy@>
 2021-11-05 14:50:44 +01:00
expend20
5000558f71
Readme impromevent in frida_libpng fuzzer. (#350) 
Co-authored-by: expy <expy@>
 2021-11-05 13:46:19 +01:00
Andrea Fioraldi
d1700f8775
Refcnt for MapIndexesMetadata (#348) 
* refcnt for MapIndexesMetadata

* fix clippy
 2021-11-05 12:14:57 +01:00
Toka
bf67b6ca76
Frida Address Sanitizer for x86_64 (#331) 
* remove libafl_tests

* fmt

* fix

* fix

* fix

* first

* width

* start working on runtime side

* experimental c code for generate_shadow_check_function

* generate shadow_check_blob

* add

* debuggin

* fix

* passes assert tests

* cargo fmt

* generate_shadow_check_blob, untested

* save flags

* add

* make registers numbers a const

* register frames?

* comment

* debugging memcpy

* fix a bug, more to come

* finally error removed

* finally working function hooking & clean up

* fix for arm & update stub

* fix

* blob

* blob_check_mem works? (at least no errors) & fmt

* add an link to show how the asm code are generated

* put probe code for aarch64 back & clippy

* fmt

* still blob emitting errors

* fmt

* now that blob works?

* stack alignment

* testing speed with hook_function only

* comment some printlns out

* small fix: ignore rep, jmp to current_report_impl iff blob_check_mems are emitted

* make rip accessible by pc()

* Program counter accessors for both arch

* fmt

* fix

* fix offset

* retrieve accessed memory addr, r/w rip

* inspect the fault triggering instruction

* AsanError Classification

* clippy fixes

* pass basereg/indexreg/disp to AsanErros

* update asanerrors for amd64

* clippy

* fmt

* use frida/frida-rust

* just use 44

* fix debug build

* fix

* fix

* crate.io

* change

* fmt
 2021-11-05 06:37:28 +01:00
Andrea Fioraldi
eca605bf01
MultiMapObserver and sancov 8bit-counters instrumentation (#343) 
* MultiMapObserver and 8bit instrumentation

* fix test

* clippy

* fix

* fix tutorial

* sancov_8bit targets feature
 2021-11-04 10:08:50 +01:00
Jordan McLeod
3d436b7519
Upgrade to Rust 2021 Edition (#340) 
* Enable missing const_xxh3 feature

* Move to Rust 2021 Edition

* Fix clippy complaints

* Remove imports made unecessary in 2021 edition
 2021-11-04 09:59:49 +01:00
Dominik Maier
12c470a707
Atheris example to fuzz Python Code (#300) 
* initial atheris libfuzzer harness

* cmplog, kinda

* added makefile to generic_inmemory

* Makefile for atheris fuzzer

* moved away from clap yaml

* fixed arg parsing

* fuzzing

* ldpreload lib to replace exit with abort

* fixed docker, docs

* fix docker some more

* better documentation

* less commented out important things

* Make makefile less crashy
 2021-11-03 10:13:05 +01:00
Andrea Fioraldi
2055eabede
Port gramatron preprocessing to Rust (#341) 
* grammatron random mut

* import String from alloc

* gramatron

* grammar preprocess scripts

* clippy

* fix construct_automata.py

* splice mutator

* fix

* clippy

* recursion mutator

* recursion mut in example

* clippy

* fix

* clippy

* grammars

* fix gramatron

* fmt
 2021-10-28 10:37:31 +02:00
Dominik Maier
3f1130a8a4
fixes for frida mode for win and checks in rust 1.56 (#334) 
* fixes for frida mode for win

* missing bracket

* fix docs

* fix docs, add windows ci

* disable breaking ci
 2021-10-25 11:49:34 +02:00
Andrea Fioraldi
77e0be218a
Gramatron (#332) 
* grammatron random mut

* import String from alloc

* gramatron

* grammar preprocess scripts

* clippy

* fix construct_automata.py

* splice mutator

* fix

* clippy

* recursion mutator

* recursion mut in example

* clippy

* fix

* clippy

* grammars
 2021-10-21 16:33:40 +02:00
julihoh
2e55d24f5a
update deps (#327) 
* experimental update deps

* Reverted to rand-core 0.5.1 for Lain compatibility

* updated nix

* less strict libc dep

* remove deprecated errno conversion

Co-authored-by: Dominik Maier <domenukk@gmail.com>
 2021-10-12 10:32:21 +02:00
julihoh
6e2aa47285
add ability to trace location information in concolic tracer (#322) 
* add ability to trace location information in concolic tracer

* fix formatting

* introduce location new-type

* fix conolic smoke test

* impl From instead of custom into_inner function

* fmt

* change to use usize instead of NonZeroUsize

in order to no over-constrain the implementation
 2021-10-11 13:31:16 +02:00
Toka
c0d40a43e1
remove libafl_tests (#324) 
* remove libafl_tests

* fmt

* fix

* fix

* fix
 2021-10-10 20:44:49 +02:00