Fixes for frida, qemu_sugar (#1427)

* Fixes for frida, qemu_sugar * tiny clippy * clippy * fix thread_id * Attempted fix for qemu
2023-08-20 12:00:41 +02:00 · 2023-08-20 12:00:41 +02:00 · 1d746b4074
commit 1d746b4074
parent 173b14258b
3 changed files with 25 additions and 12 deletions
--- a/fuzzers/baby_fuzzer_minimizing/src/main.rs
+++ b/fuzzers/baby_fuzzer_minimizing/src/main.rs
@ -109,7 +109,7 @@ pub fn main() -> Result<(), Error> {

    let mut state = StdState::new(
        StdRand::with_seed(current_nanos()),
-        InMemoryOnDiskCorpus::new(&minimized_dir).unwrap(),
+        InMemoryOnDiskCorpus::new(minimized_dir).unwrap(),
        InMemoryCorpus::new(),
        &mut (),
        &mut (),
--- a/libafl_frida/src/executor.rs
+++ b/libafl_frida/src/executor.rs
@ -1,5 +1,5 @@
 use core::fmt::{self, Debug, Formatter};
-use std::{ffi::c_void, marker::PhantomData};
+use std::{ffi::c_void, marker::PhantomData, process};

 use frida_gum::{
    stalker::{NoneEventSink, Stalker},
@ -35,7 +35,7 @@ where
 {
    base: InProcessExecutor<'a, H, OT, S>,
    // thread_id for the Stalker
-    thread_id: usize,
+    thread_id: u32,
    /// Frida's dynamic rewriting engine
    stalker: Stalker<'a>,
    /// User provided callback for instrumentation
@ -87,8 +87,11 @@ where
            } else {
                self.followed = true;
                let transformer = self.helper.transformer();
-                self.stalker
-                    .follow::<NoneEventSink>(self.thread_id, transformer, None);
+                self.stalker.follow::<NoneEventSink>(
+                    self.thread_id.try_into().unwrap(),
+                    transformer,
+                    None,
+                );
            }
        }
        let res = self.base.run_target(fuzzer, state, mgr, input);
@ -153,12 +156,21 @@ where
    OT: ObserversTuple<S>,
    RT: FridaRuntimeTuple,
 {
-    /// Creates a new [`FridaInProcessExecutor`]
+    /// Creates a new [`FridaInProcessExecutor`].
    pub fn new(
        gum: &'a Gum,
        base: InProcessExecutor<'a, H, OT, S>,
-        thread_id: usize,
        helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+    ) -> Self {
+        Self::on_thread(gum, base, helper, process::id())
+    }
+
+    /// Creates a new [`FridaInProcessExecutor`] tracking the given `thread_id`.
+    pub fn on_thread(
+        gum: &'a Gum,
+        base: InProcessExecutor<'a, H, OT, S>,
+        helper: &'c mut FridaInstrumentationHelper<'b, RT>,
+        thread_id: u32,
    ) -> Self {
        let mut stalker = Stalker::new(gum);
        // Include the current module (the fuzzer) in stalked ranges. We clone the ranges so that
--- a/libafl_qemu/src/executor.rs
+++ b/libafl_qemu/src/executor.rs
@ -2,7 +2,11 @@
 use core::fmt::{self, Debug, Formatter};

 #[cfg(feature = "fork")]
-use libafl::{events::EventManager, executors::InProcessForkExecutor, state::HasMetadata};
+use libafl::{
+    events::EventManager,
+    executors::InProcessForkExecutor,
+    state::{HasLastReportTime, HasMetadata},
+};
 use libafl::{
    events::{EventFirer, EventRestarter},
    executors::{Executor, ExitKind, HasObservers, InProcessExecutor},
@ -10,10 +14,7 @@ use libafl::{
    fuzzer::{HasFeedback, HasObjective, HasScheduler},
    inputs::UsesInput,
    observers::{ObserversTuple, UsesObservers},
-    state::{
-        HasClientPerfMonitor, HasCorpus, HasExecutions, HasLastReportTime, HasSolutions, State,
-        UsesState,
-    },
+    state::{HasClientPerfMonitor, HasCorpus, HasExecutions, HasSolutions, State, UsesState},
    Error,
 };
 #[cfg(feature = "fork")]