SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Asan fix (#460)

Browse Source 
* fix

* fix

* bump

* fmt
This commit is contained in:
Dongjia Zhang 2022-01-10 05:00:04 +09:00 committed by GitHub
parent 82194c5fe5
commit 327ff98ea1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fuzzers/frida_libpng/Cargo.toml
View File

@ -30,7 +30,7 @@ reqwest = { version = "0.11.4", features = ["blocking"] }
[dependencies] [dependencies]
libafl = { path = "../../libafl/", features = [ "std", "llmp_compression", "llmp_bind_public" ] } #, "llmp_small_maps", "llmp_debug"]} libafl = { path = "../../libafl/", features = [ "std", "llmp_compression", "llmp_bind_public" ] } #, "llmp_small_maps", "llmp_debug"]}
capstone = "0.10.0" capstone = "0.10.0"
frida-gum = { version = "0.6.1", features = [ "auto-download", "event-sink", "invocation-listener"] } frida-gum = { version = "0.6.3", features = [ "auto-download", "event-sink", "invocation-listener"] }
libafl_frida = { path = "../../libafl_frida", features = ["cmplog"] } libafl_frida = { path = "../../libafl_frida", features = ["cmplog"] }
libafl_targets = { path = "../../libafl_targets", features = ["sancov_cmplog"] } libafl_targets = { path = "../../libafl_targets", features = ["sancov_cmplog"] }
lazy_static = "1.4.0" lazy_static = "1.4.0"

2
libafl_frida/Cargo.toml
View File

@ -27,7 +27,7 @@ hashbrown = "0.11"
libloading = "0.7" libloading = "0.7"
rangemap = "0.1" rangemap = "0.1"
frida-gum-sys = { version = "0.3", features = [ "auto-download", "event-sink", "invocation-listener"] } frida-gum-sys = { version = "0.3", features = [ "auto-download", "event-sink", "invocation-listener"] }
frida-gum = { version = "0.6.1", features = [ "auto-download", "event-sink", "invocation-listener"] } frida-gum = { version = "0.6.3", features = [ "auto-download", "event-sink", "invocation-listener"] }
core_affinity = { version = "0.5", git = "https://github.com/s1341/core_affinity_rs", rev = "6648a7a" } core_affinity = { version = "0.5", git = "https://github.com/s1341/core_affinity_rs", rev = "6648a7a" }
regex = "1.4" regex = "1.4"
dynasmrt = "1.2" dynasmrt = "1.2"

4
libafl_frida/src/asan/asan_rt.rs
View File

@ -2307,6 +2307,10 @@ impl AsanRuntime {
X86Register::Rip => { X86Register::Rip => {
writer.put_mov_reg_address(X86Register::Rsi, true_rip); writer.put_mov_reg_address(X86Register::Rsi, true_rip);
} }
X86Register::Rdi => {
// In this case rdi is already clobbered, so we want it from the stack (we pushed rdi onto stack before!)
writer.put_mov_reg_reg_offset_ptr(X86Register::Rsi, X86Register::Rsp, -0x28);
}
_ => { _ => {
writer.put_mov_reg_reg(X86Register::Rsi, indexreg.unwrap()); writer.put_mov_reg_reg(X86Register::Rsi, indexreg.unwrap());
} }

2
libafl_frida/src/asan/errors.rs
View File

@ -509,7 +509,7 @@ impl AsanErrors {
cs.set_skipdata(true).expect("failed to set skipdata"); cs.set_skipdata(true).expect("failed to set skipdata");
let start_pc = pc - 4 * 5; let start_pc = pc;
for insn in cs for insn in cs
.disasm_count( .disasm_count(
unsafe { std::slice::from_raw_parts(start_pc as *mut u8, 4 * 11) }, unsafe { std::slice::from_raw_parts(start_pc as *mut u8, 4 * 11) },