From 28ab5e224b87b10a0dd08b79a25154109f44c6e0 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Wed, 19 Oct 2022 14:14:10 +0200
Subject: [PATCH] Fix baby_no_std (#846)
* Fixing baby_no_std
* Fixed warnings for no_std
* Fix aarch build, clippy
* oops nyx again
* Using CString from alloc
---
 fuzzers/baby_no_std/Cargo.toml | 1 -
 fuzzers/baby_no_std/Makefile.toml | 34 +++++++++++++++++++++++
 fuzzers/baby_no_std/build.rs | 5 ++++
 fuzzers/baby_no_std/rust-toolchain | 1 +
 fuzzers/baby_no_std/src/main.rs | 43 +++++++++++++++++++-----------
 libafl/Cargo.toml | 4 +--
 libafl/src/executors/inprocess.rs | 2 +-
 7 files changed, 71 insertions(+), 19 deletions(-)
 create mode 100644 fuzzers/baby_no_std/Makefile.toml
 create mode 100644 fuzzers/baby_no_std/build.rs
 create mode 100644 fuzzers/baby_no_std/rust-toolchain
diff --git a/fuzzers/baby_no_std/Cargo.toml b/fuzzers/baby_no_std/Cargo.toml
index 27298aa1a4..11ac14b723 100644
--- a/fuzzers/baby_no_std/Cargo.toml
+++ b/fuzzers/baby_no_std/Cargo.toml
@@ -20,5 +20,4 @@ static-alloc = "0.2.3"
 [target.'cfg(unix)'.dependencies]
 libc = "0.2"
-cstr_core = "0.2.3"
diff --git a/fuzzers/baby_no_std/Makefile.toml b/fuzzers/baby_no_std/Makefile.toml
new file mode 100644
index 0000000000..a5f28651fe
--- /dev/null
+++ b/fuzzers/baby_no_std/Makefile.toml
@@ -0,0 +1,34 @@
+[env]
+FUZZER_NAME="fuzzer"
+PROJECT_DIR = { script = ["pwd"] }
+
+[tasks.unsupported]
+script_runner="@shell"
+script='''
+echo "Cargo-make not integrated yet on this"
+'''
+
+# Fuzzer
+[tasks.build]
+command = "cargo"
+args = ["build", "--release", "-Zbuild-std=core,alloc", "--target", "x86_64-unknown-linux-gnu"]
+
+# Test
+[tasks.test]
+linux_alias = "test_unix"
+mac_alias = "unsupported"
+windows_alias = "unsupported"
+
+[tasks.test_unix]
+script='''
+cargo run -Zbuild-std=core,alloc --target x86_64-unknown-linux-gnu || true
+'''
+dependencies = ["build"]
+
+[tasks.build_aarch]
+script = "cargo +nightly build -Zbuild-std=core,alloc --target aarch64-unknown-none -v --release"
+
+# Clean
+[tasks.clean]
+command = "cargo"
+args = ["clean"]
\ No newline at end of file
diff --git a/fuzzers/baby_no_std/build.rs b/fuzzers/baby_no_std/build.rs
new file mode 100644
index 0000000000..ccf20a4a53
--- /dev/null
+++ b/fuzzers/baby_no_std/build.rs
@@ -0,0 +1,5 @@
+fn main() {
+ if std::env::var("CARGO_CFG_TARGET_FAMILY").unwrap_or_default() == "unix" {
+ println!("cargo:rustc-link-lib=c");
+ };
+}
diff --git a/fuzzers/baby_no_std/rust-toolchain b/fuzzers/baby_no_std/rust-toolchain
new file mode 100644
index 0000000000..bf867e0ae5
--- /dev/null
+++ b/fuzzers/baby_no_std/rust-toolchain
@@ -0,0 +1 @@
+nightly
diff --git a/fuzzers/baby_no_std/src/main.rs b/fuzzers/baby_no_std/src/main.rs
index 797de2837d..d570351516 100644
--- a/fuzzers/baby_no_std/src/main.rs
+++ b/fuzzers/baby_no_std/src/main.rs
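Review bot: `cargo run … || true` in `test_unix` discards the exit status of both the debug build that `cargo run` performs and the fuzzer run itself, so a compile error or an unexpected abort passes the `test` task silently. If a non-zero exit is expected because the harness deliberately panics once it finds the crashing input, record that next to the task, `# The fuzzer aborts by design when it finds the crash; its exit status is not a test failure`, and consider matching the expected status instead of accepting any value. `build` also pins `x86_64-unknown-linux-gnu`, so `test` is effectively Linux/x86_64 only and `build_aarch` is a separate, unchecked path; a one-line comment stating that would help the next reader.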
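Review bot: The build script links libc on unix without saying why; a comment such as `// unix: this no_std binary calls libc (printf/abort) and exports an extern "C" main, so link libc explicitly` would record the reason — the printf/abort use is visible in src/main.rs of this patch, while the dependence on the C startup code is an inference to confirm. The `};` closing the `if` block is a stray semicolon; `}` alone is the conventional form.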
@@ -1,14 +1,16 @@ #![no_std] // Embedded targets: build with no_main -#![cfg_attr(not(any(windows, unix)), no_main)] +#![cfg_attr(not(any(windows)), no_main)] // Embedded needs alloc error handlers which only work on nightly right now... -#![cfg_attr(not(any(windows, unix)), feature(default_alloc_error_handler))] - -#[cfg(not(any(windows, unix)))] -use core::panic::PanicInfo; +#![cfg_attr(not(any(windows)), feature(default_alloc_error_handler))] #[cfg(any(windows, unix))] -use cstr_core::CString; +extern crate alloc; +#[cfg(any(windows, unix))] +use alloc::ffi::CString; +#[cfg(not(any(windows)))] +use core::panic::PanicInfo; + use libafl::{ bolts::{current_nanos, rands::StdRand, tuples::tuple_list, AsSlice}, corpus::InMemoryCorpus, @@ -26,16 +28,22 @@ use libafl::{ state::StdState, }; #[cfg(any(windows, unix))] -use libc::{c_char, printf}; +use libc::{abort, printf}; use static_alloc::Bump; #[global_allocator] static A: Bump<[u8; 512 * 1024 * 1024]> = Bump::uninit(); -#[cfg(not(any(windows, unix)))] #[panic_handler] fn panic(_info: &PanicInfo) -> ! { - loop {} + #[cfg(unix)] + unsafe { + abort(); + } + #[cfg(not(unix))] + loop { + // On embedded, there's not much left to do. + } } /// Coverage map with explicit assignments due to the lack of instrumentation @@ -46,7 +54,7 @@ fn signals_set(idx: usize) { unsafe { SIGNALS[idx] = 1 }; } -/// Provide custom time in no_std environment +/// Provide custom time in `no_std` environment /// Use a time provider of your choice #[no_mangle] pub extern "C" fn external_current_millis() -> u64 { @@ -54,8 +62,12 @@ pub extern "C" fn external_current_millis() -> u64 { 1000 } +/// The main of this program. +/// # Panics +/// Will panic once the fuzzer finds the correct conditions. #[allow(clippy::similar_names)] -pub fn main() { +#[no_mangle] +pub extern "C" fn main(_argc: isize, _argv: *const *const u8) -> isize { // The closure that we want to fuzz let mut harness = |input: &BytesInput| { let target = input.target_bytes(); 
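Review bot: `not(any(windows))` in the two `cfg_attr` attributes and in `#[cfg(not(any(windows)))]` is a one-element `any`, a leftover from the removed `not(any(windows, unix))`; `not(windows)` says the same thing directly, e.g. `#![cfg_attr(not(windows), no_main)]`. The same spelling appears three times in this hunk.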
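Review bot: The panic handler discards `_info` on both branches, so the message given to `panic!` is never surfaced: on unix the process aborts without a word, and on every other target — which now includes windows, since the old `#[cfg(not(any(windows, unix)))]` gate on the handler was removed — a panic spins in `loop {}` with no diagnostic at all. On unix, `printf` is already imported, so at least `_info.location()` could be printed before `abort()`; formatting the whole payload needs a `core::fmt::Write` sink and is more than a one-line change. At minimum the silence deserves a comment on each branch, e.g. `// No output channel on this target: spin so the panic cannot return` on the `loop`, and on the unix branch a note that the abort (SIGABRT) is presumably what the in-process executor reports as the crash — an inference from the libafl side of this patch, to be confirmed.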
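Review bot: `main(_argc: isize, _argv: *const *const u8) -> isize` does not match the C signature the C runtime calls now that `no_main` is set on unix: `argc` and the return value are `int`, which is 32 bits on the usual 64-bit targets, not pointer-sized. Both parameters are unused and the function returns `0`, so it happens to work today, but code that later reads `_argc` would see unspecified upper bits; declare it as `pub extern "C" fn main(_argc: c_int, _argv: *const *const c_char) -> c_int` with the aliases from `core::ffi` (`libc` is only a dependency under `cfg(unix)`, so `core::ffi` also covers the embedded build). The body of `main` continues into the following hunks and ends outside this one.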
@@ -65,6 +77,7 @@ pub fn main() { signals_set(1); if buf.len() > 1 && buf[1] == b'b' { signals_set(2); + #[allow(clippy::manual_assert)] if buf.len() > 2 && buf[2] == b'c' { panic!("=)"); } @@ -104,10 +117,8 @@ pub fn main() { // TODO: Print `s` here, if your target permits it. #[cfg(any(windows, unix))] unsafe { - printf( - b"%s\n\0".as_ptr() as *const c_char, - CString::new(s).unwrap().as_ptr() as *const c_char, - ); + let s = CString::new(s).unwrap(); + printf(b"%s\n\0".as_ptr().cast(), s.as_ptr()); } }); @@ -146,4 +157,6 @@ pub fn main() { fuzzer .fuzz_loop(&mut stages, &mut executor, &mut state, &mut mgr) .expect("Error in the fuzzing loop"); + + 0 } diff --git a/libafl/Cargo.toml b/libafl/Cargo.toml index fb02470891..8b9b375e56 100644 --- a/libafl/Cargo.toml +++ b/libafl/Cargo.toml @@ -13,7 +13,7 @@ categories = ["development-tools::testing", "emulators", "embedded", "os", "no-s [features] default = ["std", "derive", "llmp_compression", "rand_trait", "fork", "prelude"] -std = ["serde_json", "serde_json/std", "hostname", "nix", "serde/std", "bincode", "wait-timeout", "regex", "byteorder", "once_cell", "uuid", "tui_monitor", "ctor", "backtrace"] # print, env, launcher ... support +std = ["serde_json", "serde_json/std", "hostname", "nix", "serde/std", "bincode", "wait-timeout", "regex", "byteorder", "once_cell", "uuid", "tui_monitor", "ctor", "backtrace", "uds"] # print, env, launcher ... support derive = ["libafl_derive"] # provide derive(SerdeAny) macro. fork = [] # uses the fork() syscall to spawn children, instead of launching a new command, if supported by the OS (has no effect on Windows, no_std). rand_trait = ["rand_core"] # If set, libafl's rand implementations will implement `rand::Rng` @@ -94,7 +94,7 @@ grammartec = { version = "0.2", optional = true } [target.'cfg(unix)'.dependencies] libc = "0.2" # For (*nix) libc -uds = "0.2.6" +uds = { version = "0.2.6", optional = true } lock_api = "0.4.7" [target.'cfg(windows)'.dependencies] 
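Review bot: `CString::new(s).unwrap()` panics when `s` holds an interior NUL byte, and with this file's panic handler that aborts the whole fuzzer instead of merely skipping the print; `s` is built before this hunk, so whether that can happen cannot be judged here. If `s` derives from fuzzer-chosen bytes, `if let Ok(s) = CString::new(s) { printf(b"%s\n\0".as_ptr().cast(), s.as_ptr()); }` keeps a reporting helper from taking the process down. The call is otherwise free of format-string issues because the format is a literal and `s` is only ever the `%s` argument; a comment saying so, `// Literal format string; s is passed only as the %s argument`, saves the next reviewer the check. The enclosing closure begins and ends outside this hunk.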
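Review bot: Making `uds` optional and pulling it in only through the `std` feature (the `[features]` hunk at line 13 together with the `[target.'cfg(unix)'.dependencies]` hunk at line 94) means a unix build with `--no-default-features` no longer has the crate, so any `uds::` use in the library that is gated on `unix` alone would fail to resolve; the Rust side is not in this diff, so that is a point to confirm rather than a visible defect. Those uses should be gated on `all(unix, feature = "std")`. A trailing comment on the dependency line, `# std-only: enabled through the "std" feature`, would match the style of the neighbouring `libc` entry.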
diff --git a/libafl/src/executors/inprocess.rs b/libafl/src/executors/inprocess.rs index 63bd7046ca..b04a38a355 100644 --- a/libafl/src/executors/inprocess.rs +++ b/libafl/src/executors/inprocess.rs @@ -452,7 +452,7 @@ impl InProcessExecutorHandlerData { self.in_target == 1 } - #[cfg(not(windows))] + #[cfg(unix)] fn is_valid(&self) -> bool { !self.current_input_ptr.is_null() }
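Review bot: Narrowing `is_valid` from `cfg(not(windows))` to `cfg(unix)` drops it on targets that are neither, which is exactly the no_std/embedded class this PR is about; a caller still gated on `not(windows)` would then fail to compile there. The callers are outside this hunk, so this is a point to check rather than a defect visible here. If they are already `cfg(unix)`, a short comment, `// unix-only: matches the cfg of the code that reads current_input_ptr`, would record why the gate is narrower than before. The `impl InProcessExecutorHandlerData` block begins before this hunk.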