diff --git a/libafl_frida/Cargo.toml b/libafl_frida/Cargo.toml
index fdd42c4ca5..439635fea7 100644
--- a/libafl_frida/Cargo.toml
+++ b/libafl_frida/Cargo.toml
@@ -9,7 +9,13 @@ readme = "../README.md"
 license = "MIT OR Apache-2.0"
 keywords = ["fuzzing", "frida", "instrumentation"]
 edition = "2021"
-categories = ["development-tools::testing", "emulators", "embedded", "os", "no-std"]
+categories = [
+ "development-tools::testing",
+ "emulators",
+ "embedded",
+ "os",
+ "no-std"
+]
 
 [features]
 default = ["serdeany_autoreg"]
@@ -20,22 +26,45 @@ serdeany_autoreg = ["libafl_bolts/serdeany_autoreg"]
 cc = { version = "1.0", features = ["parallel"] }
 
 [dependencies]
-libafl = { path = "../libafl", default-features = false, version = "0.10.1", features = ["std", "derive", "frida_cli"] }
-libafl_bolts = { path = "../libafl_bolts", version = "0.10.1", default-features = false, features = ["std", "derive", "frida_cli"] }
-libafl_targets = { path = "../libafl_targets", version = "0.10.1", features = ["std", "sancov_cmplog"] }
+libafl = { path = "../libafl", default-features = false, version = "0.10.1", features = [
+ "std",
+ "derive",
+ "frida_cli",
+] }
+libafl_bolts = { path = "../libafl_bolts", version = "0.10.1", default-features = false, features = [
+ "std",
+ "derive",
+ "frida_cli"
+] }
+libafl_targets = { path = "../libafl_targets", version = "0.10.1", features = [
+ "std",
+ "sancov_cmplog",
+] }
 
 nix = "0.26"
 libc = "0.2"
 hashbrown = "0.14"
 rangemap = "1.3"
-frida-gum-sys = { version = "0.8.1", features = [ "auto-download", "event-sink", "invocation-listener"] }
-frida-gum = { version = "0.13.2", features = [ "auto-download", "event-sink", "invocation-listener", "module-names"] }
+frida-gum-sys = { version = "0.8.1", features = [
+ "auto-download",
+ "event-sink",
+ "invocation-listener",
+] }
+frida-gum = { version = "0.13.2", features = [
+ "auto-download",
+ "event-sink",
+ "invocation-listener",
+ "module-names",
+] }
 dynasmrt = "2"
 capstone = "0.11.0"
-color-backtrace ={ version = "0.5", features = [ "resolve-modules" ] }
+color-backtrace = { version = "0.5", features = ["resolve-modules"] }
 termcolor = "1.1.3"
 serde = "1.0"
-backtrace = { version = "0.3", default-features = false, features = ["std", "serde"] }
+backtrace = { version = "0.3", default-features = false, features = [
+ "std",
+ "serde",
+] }
 num-traits = "0.2"
 ahash = "0.8"
 paste = "1.0"
diff --git a/libafl_frida/src/executor.rs b/libafl_frida/src/executor.rs
index 85f92753eb..021e35c104 100644
--- a/libafl_frida/src/executor.rs
+++ b/libafl_frida/src/executor.rs
@@ -34,6 +34,8 @@ where
 'a: 'b,
 {
 base: InProcessExecutor<'a, H, OT, S>,
+ // thread_id for the Stalker
+ thread_id: usize,
 /// Frida's dynamic rewriting engine
 stalker: Stalker<'a>,
 /// User provided callback for instrumentation
@@ -85,7 +87,8 @@ where
 } else {
 self.followed = true;
 let transformer = self.helper.transformer();
- self.stalker.follow_me::(transformer, None);
+ self.stalker
+ .follow::(self.thread_id, transformer, None);
 }
 }
 let res = self.base.run_target(fuzzer, state, mgr, input);
@@ -154,6 +157,7 @@ where
 pub fn new(
 gum: &'a Gum,
 base: InProcessExecutor<'a, H, OT, S>,
+ thread_id: usize,
 helper: &'c mut FridaInstrumentationHelper<'b, RT>,
 ) -> Self {
 let mut stalker = Stalker::new(gum);
@@ -187,6 +191,7 @@ where
 Self {
 base,
+ thread_id,
 stalker,
 helper,
 followed: false,
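Review bot: The new `thread_id` field is annotated with a plain `//` comment while its neighbours `stalker` and the user callback use `///` doc comments, so rustdoc drops the only description of what id is expected; the same gap applies to the new `thread_id: usize` parameter of `new` in the third hunk, which changes the public constructor signature without a word on which thread the id must denote. I would replace the field comment with `/// Id of the thread the stalker is told to follow (passed to `Stalker::follow`)` and add a sentence to `new`'s doc comment stating the parameter's contract, presumably the thread that will later execute `run_target` — worth confirming against the callers. Both the struct definition and `new` start and end outside their hunks.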
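Review bot: `self.followed = true` is set before `follow` is issued with `self.thread_id`, and nothing in the hunk checks that `self.thread_id` is the thread actually executing `run_target`; the old `follow_me` could not mismatch, but with an explicit id a wrong value (for instance one captured on a different thread than the one running the target) would leave the executing thread unstalked while `followed` stays true, so no later run would retry and coverage would silently be empty. If frida-gum exposes a current-thread-id accessor, a `debug_assert_eq!` against it at this point would surface the mistake at first run; otherwise the invariant should at least be stated on `new`. The enclosing `run_target` begins before and ends after this hunk.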