From 1d746b4074f781a82d3e11b5124017597eb1e242 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Sun, 20 Aug 2023 12:00:41 +0200
Subject: [PATCH] Fixes for frida, qemu_sugar (#1427)

* Fixes for frida, qemu_sugar
* tiny clippy
* clippy
* fix thread_id
* Attempted fix for qemu
---
 fuzzers/baby_fuzzer_minimizing/src/main.rs | 2 +-
 libafl_frida/src/executor.rs | 24 ++++++++++++++++------
 libafl_qemu/src/executor.rs | 11 +++++-----
 3 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/fuzzers/baby_fuzzer_minimizing/src/main.rs b/fuzzers/baby_fuzzer_minimizing/src/main.rs
index 0eda481089..a1b6650e26 100644
--- a/fuzzers/baby_fuzzer_minimizing/src/main.rs
+++ b/fuzzers/baby_fuzzer_minimizing/src/main.rs
@@ -109,7 +109,7 @@ pub fn main() -> Result<(), Error> {
 
 let mut state = StdState::new(
 StdRand::with_seed(current_nanos()),
- InMemoryOnDiskCorpus::new(&minimized_dir).unwrap(),
+ InMemoryOnDiskCorpus::new(minimized_dir).unwrap(),
 InMemoryCorpus::new(),
 &mut (),
 &mut (),
diff --git a/libafl_frida/src/executor.rs b/libafl_frida/src/executor.rs
index 021e35c104..3943b85e1f 100644
--- a/libafl_frida/src/executor.rs
+++ b/libafl_frida/src/executor.rs
@@ -1,5 +1,5 @@
 use core::fmt::{self, Debug, Formatter};
-use std::{ffi::c_void, marker::PhantomData};
+use std::{ffi::c_void, marker::PhantomData, process};
 
 use frida_gum::{
 stalker::{NoneEventSink, Stalker},
@@ -35,7 +35,7 @@ where
 {
 base: InProcessExecutor<'a, H, OT, S>,
 // thread_id for the Stalker
- thread_id: usize,
+ thread_id: u32,
 /// Frida's dynamic rewriting engine
 stalker: Stalker<'a>,
 /// User provided callback for instrumentation
@@ -87,8 +87,11 @@ where
 } else {
 self.followed = true;
 let transformer = self.helper.transformer();
- self.stalker
- .follow::(self.thread_id, transformer, None);
+ self.stalker.follow::(
+ self.thread_id.try_into().unwrap(),
+ transformer,
+ None,
+ );
 }
 }
 let res = self.base.run_target(fuzzer, state, mgr, input);
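Review bot: The `self.thread_id.try_into().unwrap()` added in the `@@ -87` hunk of libafl_frida/src/executor.rs leaves the conversion's invariant unstated; `thread_id` became `u32` in the `@@ -35` hunk, and if `follow` still takes a `usize` (its signature is outside the hunk) the conversion cannot fail on 32- and 64-bit targets, so a reader has to rediscover why the `unwrap` is safe. Prefer `self.thread_id.try_into().expect("u32 thread id fits the stalker's thread id type")`, or a one-line comment above the call such as `// u32 -> usize is lossless on every supported target`. While touching the field in the `@@ -35` hunk, the `// thread_id for the Stalker` comment could become a `///` doc comment like its neighbours. The enclosing `run_target` body starts and ends outside the hunk.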
@@ -153,12 +156,21 @@ where
 OT: ObserversTuple,
 RT: FridaRuntimeTuple,
 {
- /// Creates a new [`FridaInProcessExecutor`]
+ /// Creates a new [`FridaInProcessExecutor`].
 pub fn new(
 gum: &'a Gum,
 base: InProcessExecutor<'a, H, OT, S>,
- thread_id: usize,
 helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+ ) -> Self {
+ Self::on_thread(gum, base, helper, process::id())
+ }
+
+ /// Creates a new [`FridaInProcessExecutor`] tracking the given `thread_id`.
+ pub fn on_thread(
+ gum: &'a Gum,
+ base: InProcessExecutor<'a, H, OT, S>,
+ helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+ thread_id: u32,
 ) -> Self {
 let mut stalker = Stalker::new(gum);
 // Include the current module (the fuzzer) in stalked ranges. We clone the ranges so that
diff --git a/libafl_qemu/src/executor.rs b/libafl_qemu/src/executor.rs
index 5f01ff384f..2262fd8ae7 100644
--- a/libafl_qemu/src/executor.rs
+++ b/libafl_qemu/src/executor.rs
@@ -2,7 +2,11 @@
 use core::fmt::{self, Debug, Formatter};
 
 #[cfg(feature = "fork")]
-use libafl::{events::EventManager, executors::InProcessForkExecutor, state::HasMetadata};
+use libafl::{
+ events::EventManager,
+ executors::InProcessForkExecutor,
+ state::{HasLastReportTime, HasMetadata},
+};
 use libafl::{
 events::{EventFirer, EventRestarter},
 executors::{Executor, ExitKind, HasObservers, InProcessExecutor},
@@ -10,10 +14,7 @@ use libafl::{
 fuzzer::{HasFeedback, HasObjective, HasScheduler},
 inputs::UsesInput,
 observers::{ObserversTuple, UsesObservers},
- state::{
- HasClientPerfMonitor, HasCorpus, HasExecutions, HasLastReportTime, HasSolutions, State,
- UsesState,
- },
+ state::{HasClientPerfMonitor, HasCorpus, HasExecutions, HasSolutions, State, UsesState},
 Error,
 };
 #[cfg(feature = "fork")]
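Review bot: `new` in the `@@ -153` hunk of libafl_frida/src/executor.rs now hard-codes `process::id()` as the thread passed to `Self::on_thread`, and the new doc comment does not say so; a process id equals a thread id only for the main thread on Linux (presumably the case this relies on), so a caller constructing the executor from a worker thread, or on a platform where the two differ, would have the stalker follow the wrong thread with no diagnostic. Document the assumption on `new`, e.g. `/// Creates a new FridaInProcessExecutor that stalks the main thread (the thread whose id equals process::id()); use on_thread for any other thread.` Whether frida_gum's `follow` accepts a process id as a thread id should be confirmed against its signature, which is outside this hunk; the body of `on_thread` continues past the hunk.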