SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

QEMU: Fix injections build for hexagon, disable on system mode (#1821)

Browse Source 
* Fix CI for Clippy, QEMU

* Clippy, fixes for system mode

* clippy

* clippy

* fixing new clippy
This commit is contained in:
Dominik Maier 2024-01-30 04:25:14 +01:00 committed by GitHub
parent 07f9a9d06a
commit 244c6b0da5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 32 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -67,4 +67,4 @@ libafl_nyx/packer
# No llvm IR # No llvm IR
*.ll *.ll
.tar.gz *.tar.gz

14
fuzzers/qemu_systemmode/src/fuzzer.rs
View File

@ -36,6 +36,7 @@ use libafl_qemu::{
pub static mut MAX_INPUT_SIZE: usize = 50; pub static mut MAX_INPUT_SIZE: usize = 50;
#[allow(clippy::too_many_lines)]
pub fn fuzz() { pub fn fuzz() {
env_logger::init(); env_logger::init();
@ -56,12 +57,13 @@ pub fn fuzz() {
) )
.unwrap(); .unwrap();
let input_addr = elf let input_addr = GuestPhysAddr::from(
.resolve_symbol( elf.resolve_symbol(
&env::var("FUZZ_INPUT").unwrap_or_else(|_| "FUZZ_INPUT".to_owned()), &env::var("FUZZ_INPUT").unwrap_or_else(|_| "FUZZ_INPUT".to_owned()),
0, 0,
) )
.expect("Symbol or env FUZZ_INPUT not found") as GuestPhysAddr; .expect("Symbol or env FUZZ_INPUT not found"),
);
println!("FUZZ_INPUT @ {input_addr:#x}"); println!("FUZZ_INPUT @ {input_addr:#x}");
let main_addr = elf let main_addr = elf
@ -85,14 +87,14 @@ pub fn fuzz() {
emu.set_breakpoint(main_addr); emu.set_breakpoint(main_addr);
unsafe { unsafe {
emu.run(); emu.run().unwrap();
} }
emu.remove_breakpoint(main_addr); emu.remove_breakpoint(main_addr);
emu.set_breakpoint(breakpoint); // BREAKPOINT emu.set_breakpoint(breakpoint); // BREAKPOINT
let devices = emu.list_devices(); let devices = emu.list_devices();
println!("Devices = {:?}", devices); println!("Devices = {devices:?}");
// let saved_cpu_states: Vec<_> = (0..emu.num_cpus()) // let saved_cpu_states: Vec<_> = (0..emu.num_cpus())
// .map(|i| emu.cpu_from_index(i).save_state()) // .map(|i| emu.cpu_from_index(i).save_state())
@ -115,7 +117,7 @@ pub fn fuzz() {
emu.write_phys_mem(input_addr, buf); emu.write_phys_mem(input_addr, buf);
emu.run(); emu.run().unwrap();
// If the execution stops at any point other then the designated breakpoint (e.g. a breakpoint on a panic method) we consider it a crash // If the execution stops at any point other then the designated breakpoint (e.g. a breakpoint on a panic method) we consider it a crash
let mut pcs = (0..emu.num_cpus()) let mut pcs = (0..emu.num_cpus())

2
libafl/src/corpus/inmemory_ondisk.rs
View File

@ -304,7 +304,7 @@ where
// Try to create lock file for new testcases // Try to create lock file for new testcases
if OpenOptions::new() if OpenOptions::new()
.create(true) .create_new(true)
.write(true) .write(true)
.open(self.dir_path.join(new_lock_filename)) .open(self.dir_path.join(new_lock_filename))
.is_err() .is_err()

6
libafl_bolts/src/fs.rs
View File

@ -94,17 +94,17 @@ impl Clone for InputFile {
#[cfg(feature = "std")] #[cfg(feature = "std")]
impl InputFile { impl InputFile {
/// Creates a new [`InputFile`] /// Creates a new [`InputFile`], or truncates if it already exists
pub fn create<P>(filename: P) -> Result<Self, Error> pub fn create<P>(filename: P) -> Result<Self, Error>
where where
P: AsRef<Path>, P: AsRef<Path>,
{ {
let f = OpenOptions::new() let f = OpenOptions::new()
.create(true)
.read(true) .read(true)
.write(true) .write(true)
.create(true) .truncate(true)
.open(&filename)?; .open(&filename)?;
f.set_len(0)?;
Ok(Self { Ok(Self {
path: filename.as_ref().to_owned(), path: filename.as_ref().to_owned(),
file: f, file: f,

4
libafl_cc/build.rs
View File

@ -311,12 +311,12 @@ pub const LIBAFL_CC_LLVM_VERSION: Option<usize> = None;
let mut cxxflags: Vec<String> = cxxflags.split_whitespace().map(String::from).collect(); let mut cxxflags: Vec<String> = cxxflags.split_whitespace().map(String::from).collect();
let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE") let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE")
.map_or(Ok(2621440), str::parse) .map_or(Ok(2_621_440), str::parse)
.expect("Could not parse LIBAFL_EDGES_MAP_SIZE"); .expect("Could not parse LIBAFL_EDGES_MAP_SIZE");
cxxflags.push(format!("-DLIBAFL_EDGES_MAP_SIZE={edges_map_size}")); cxxflags.push(format!("-DLIBAFL_EDGES_MAP_SIZE={edges_map_size}"));
let acc_map_size: usize = option_env!("LIBAFL_ACCOUNTING_MAP_SIZE") let acc_map_size: usize = option_env!("LIBAFL_ACCOUNTING_MAP_SIZE")
.map_or(Ok(65536), str::parse) .map_or(Ok(65_536), str::parse)
.expect("Could not parse LIBAFL_ACCOUNTING_MAP_SIZE"); .expect("Could not parse LIBAFL_ACCOUNTING_MAP_SIZE");
cxxflags.push(format!("-DLIBAFL_ACCOUNTING_MAP_SIZE={acc_map_size}")); cxxflags.push(format!("-DLIBAFL_ACCOUNTING_MAP_SIZE={acc_map_size}"));

8
libafl_qemu/src/injections.rs
View File

@ -17,10 +17,16 @@ use hashbrown::HashMap;
use libafl::{inputs::UsesInput, Error}; use libafl::{inputs::UsesInput, Error};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
#[cfg(not(cpu_target = "hexagon"))]
use crate::SYS_execve;
use crate::{ use crate::{
elf::EasyElf, emu::ArchExtras, CallingConvention, Emulator, GuestAddr, Hook, QemuHelper, elf::EasyElf, emu::ArchExtras, CallingConvention, Emulator, GuestAddr, Hook, QemuHelper,
QemuHelperTuple, QemuHooks, SYS_execve, SyscallHookResult, QemuHelperTuple, QemuHooks, SyscallHookResult,
}; };
#[cfg(cpu_target = "hexagon")]
/// Hexagon syscalls are not currently supported by the `syscalls` crate, so we just paste this here for now.
/// <https://github.com/qemu/qemu/blob/11be70677c70fdccd452a3233653949b79e97908/linux-user/hexagon/syscall_nr.h#L230>
const SYS_execve: u8 = 221;
/// Parses `injections.yaml` /// Parses `injections.yaml`
fn parse_yaml<P: AsRef<Path> + Display>(path: P) -> Result<Vec<YamlInjectionEntry>, Error> { fn parse_yaml<P: AsRef<Path> + Display>(path: P) -> Result<Vec<YamlInjectionEntry>, Error> {

4
libafl_qemu/src/lib.rs
View File

@ -82,9 +82,9 @@ pub mod cmplog;
#[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))] #[cfg(not(any(cpu_target = "mips", cpu_target = "hexagon")))]
pub use cmplog::QemuCmpLogHelper; pub use cmplog::QemuCmpLogHelper;
#[cfg(feature = "injections")] #[cfg(all(emulation_mode = "usermode", feature = "injections"))]
pub mod injections; pub mod injections;
#[cfg(feature = "injections")] #[cfg(all(emulation_mode = "usermode", feature = "injections"))]
pub use injections::QemuInjectionHelper; pub use injections::QemuInjectionHelper;
#[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))] #[cfg(all(emulation_mode = "usermode", not(cpu_target = "hexagon")))]

11
libafl_targets/build.rs
View File

@ -2,6 +2,9 @@
use std::{env, fs::File, io::Write, path::Path}; use std::{env, fs::File, io::Write, path::Path};
const TWO_MB: usize = 2_621_440;
const SIXTY_FIVE_KB: usize = 65_536;
#[allow(clippy::too_many_lines)] #[allow(clippy::too_many_lines)]
fn main() { fn main() {
let out_dir = env::var_os("OUT_DIR").unwrap(); let out_dir = env::var_os("OUT_DIR").unwrap();
@ -14,19 +17,19 @@ fn main() {
let mut constants_file = File::create(dest_path).expect("Could not create file"); let mut constants_file = File::create(dest_path).expect("Could not create file");
let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE") let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE")
.map_or(Ok(2621440), str::parse) .map_or(Ok(TWO_MB), str::parse)
.expect("Could not parse LIBAFL_EDGES_MAP_SIZE"); .expect("Could not parse LIBAFL_EDGES_MAP_SIZE");
let cmp_map_size: usize = option_env!("LIBAFL_CMP_MAP_SIZE") let cmp_map_size: usize = option_env!("LIBAFL_CMP_MAP_SIZE")
.map_or(Ok(65536), str::parse) .map_or(Ok(SIXTY_FIVE_KB), str::parse)
.expect("Could not parse LIBAFL_CMP_MAP_SIZE"); .expect("Could not parse LIBAFL_CMP_MAP_SIZE");
let cmplog_map_w: usize = option_env!("LIBAFL_CMPLOG_MAP_W") let cmplog_map_w: usize = option_env!("LIBAFL_CMPLOG_MAP_W")
.map_or(Ok(65536), str::parse) .map_or(Ok(SIXTY_FIVE_KB), str::parse)
.expect("Could not parse LIBAFL_CMPLOG_MAP_W"); .expect("Could not parse LIBAFL_CMPLOG_MAP_W");
let cmplog_map_h: usize = option_env!("LIBAFL_CMPLOG_MAP_H") let cmplog_map_h: usize = option_env!("LIBAFL_CMPLOG_MAP_H")
.map_or(Ok(32), str::parse) .map_or(Ok(32), str::parse)
.expect("Could not parse LIBAFL_CMPLOG_MAP_H"); .expect("Could not parse LIBAFL_CMPLOG_MAP_H");
let acc_map_size: usize = option_env!("LIBAFL_ACCOUNTING_MAP_SIZE") let acc_map_size: usize = option_env!("LIBAFL_ACCOUNTING_MAP_SIZE")
.map_or(Ok(65536), str::parse) .map_or(Ok(SIXTY_FIVE_KB), str::parse)
.expect("Could not parse LIBAFL_ACCOUNTING_MAP_SIZE"); .expect("Could not parse LIBAFL_ACCOUNTING_MAP_SIZE");
write!( write!(

3
libafl_targets/src/lib.rs
View File

@ -13,8 +13,7 @@
clippy::missing_panics_doc, clippy::missing_panics_doc,
clippy::missing_docs_in_private_items, clippy::missing_docs_in_private_items,
clippy::module_name_repetitions, clippy::module_name_repetitions,
clippy::unreadable_literal, clippy::unreadable_literal
clippy::pub_underscore_fields
)] )]
#![cfg_attr(not(test), warn( #![cfg_attr(not(test), warn(
missing_debug_implementations, missing_debug_implementations,