History

* Adding DrCov for qemu

* Fixing cargo fmt

* Trying to fix maturin build

* Fixing clippy

* libafl_qemu --no-default-features fix

* Adding make module mapping a user input as suggested from @WorksButNotTested

* Switching from blocks_raw() -> blocks() and full_tracing as an option

* Avoiding get before get_mut

* HashSet to Vec

* Avoiding lazy_static

* Adding DrCov for example fuzzer qemu_arm_launcher

* Removing mut for globals in DrCov

* Using emu.mappings() for drcov module mappings

* Fixing clippy

Co-authored-by: Dominik Maier <domenukk@gmail.com>
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>

2022-11-20 14:28:30 +01:00

corpus

Qemu arm launcher (#708 )

2022-08-02 11:46:24 +02:00

src

Adding DrCov for qemu (#878 )

2022-11-20 14:28:30 +01:00

.gitignore

Adding DrCov for qemu (#878 )

2022-11-20 14:28:30 +01:00

Cargo.toml

Adding DrCov for qemu (#878 )

2022-11-20 14:28:30 +01:00

harness.cc

Qemu arm launcher (#708 )

2022-08-02 11:46:24 +02:00

Makefile.toml

Token mutations: set MutationResult for CmpValues::Bytes (#838 )

2022-10-14 13:03:57 +02:00

README.md

Qemu arm launcher (#708 )

2022-08-02 11:46:24 +02:00

README.md

LibAFL with launcher for libpng with qemu arm32 in usermode

This folder contains an example fuzzer for libpng using the qemu emulator in arm32 usermode. To show off crash detection, we added an optional undefined instruction to the harness. Everything has been tested on Linux.

In contrast to the normal libfuzzer libpng example, this uses the launcher feature, that automatically spawns n child processes, and binds them to a free core.

Prerequisites

sudo apt install gcc-arm-linux-gnueabi g++-arm-linux-gnueabi

Run

cargo make run

Run with artifical crash

cargo make run_crashing