From 9055c2372b1f7c7aa3d6a7aa54250490676c5663 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Thu, 11 Feb 2021 14:52:32 +0100
Subject: [PATCH 1/2] moved state to unwrap_or
---
 fuzzers/libfuzzer_libpng/src/mod.rs | 35 +++++++++++++----------------
 1 file changed, 15 insertions(+), 20 deletions(-)
diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs
index 92e2c174e8..54cc616c71 100644
--- a/fuzzers/libfuzzer_libpng/src/mod.rs
+++ b/fuzzers/libfuzzer_libpng/src/mod.rs
@@ -12,7 +12,7 @@ use afl::{
 bolts::tuples::tuple_list,
 corpus::{Corpus, InMemoryCorpus},
 events::setup_restarting_mgr,
- events::{SimpleStats},
+ events::SimpleStats,
 executors::{inprocess::InProcessExecutor, Executor, ExitKind},
 feedbacks::MaxMapFeedback,
 inputs::Input,
@@ -120,28 +120,24 @@ fn fuzz(input: Option>, broker_port: u16) -> Result<(), AflError> { let mut rand = StdRand::new(0); // 'While the stats are state, they are usually used in the broker - which is likely never restarted let stats = SimpleStats::new(|s| println!("{}", s)); - + // The restarting state will spawn the same process again as child, then restartet it each time it crashes. - let (state_opt, mut restarting_mgr) = - setup_restarting_mgr::<_, _, _, _, AflShmem, _>(stats, broker_port).expect("Failed to setup the restarter".into()); + let (state, mut restarting_mgr) = + setup_restarting_mgr::<_, _, _, _, AflShmem, _>(stats, broker_port) + .expect("Failed to setup the restarter".into()); let edges_observer = - StdMapObserver::new_from_ptr(&NAME_COV_MAP, unsafe { __lafl_edges_map }, unsafe { - __lafl_max_edges_size as usize - }); + StdMapObserver::new_from_ptr(&NAME_COV_MAP, unsafe { __lafl_edges_map }, unsafe { + __lafl_max_edges_size as usize + }); - let mut state = match state_opt { - Some(s) => s, - None => { - State::new( - InMemoryCorpus::new(), - tuple_list!(MaxMapFeedback::new_with_observer( - &NAME_COV_MAP, - &edges_observer - )), - ) - }, - }; + let mut state = state.unwrap_or(State::new( + InMemoryCorpus::new(), + tuple_list!(MaxMapFeedback::new_with_observer( + &NAME_COV_MAP, + &edges_observer + )), + )); println!("We're a client, let's fuzz :)"); @@ -150,7 +146,6 @@ fn fuzz(input: Option>, broker_port: u16) -> Result<(), AflError> { let stage = StdMutationalStage::new(mutator); let mut fuzzer = StdFuzzer::new(tuple_list!(stage)); - // Create the executor let mut executor = InProcessExecutor::new( "Libfuzzer", From d8ede9f2281f07cd5d9f7bd6cb5a073a2951d248 Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Thu, 11 Feb 2021 14:53:02 +0100 Subject: [PATCH 2/2] fmt --- afl/src/events/mod.rs | 3 --- fuzzers/libfuzzer_libpng/src/mod.rs | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) 
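Review bot: In the `@@ -120,28 +120,24 @@` hunk, `state.unwrap_or(State::new(...))` evaluates its argument eagerly, so a fresh `State` (with a new `InMemoryCorpus` and `MaxMapFeedback`) is built and dropped even when `setup_restarting_mgr` handed back a restored state. The removed `match` only constructed it in the `None` arm. Keeping that laziness is a one-word change plus a closure: `let mut state = state.unwrap_or_else(|| State::new(` ... `));` with the same arguments. This matters most on the restart-after-crash path, where the throwaway construction would run on every respawn; whether `State::new` or the feedback constructor has side effects beyond allocation is not visible here. `fuzz` starts and ends outside the hunk.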
diff --git a/afl/src/events/mod.rs b/afl/src/events/mod.rs index b76728b75e..c9e612a7cb 100644 --- a/afl/src/events/mod.rs +++ b/afl/src/events/mod.rs @@ -942,14 +942,12 @@ where // We start ourself as child process to actually fuzz if std::env::var(_ENV_FUZZER_SENDER).is_err() { - mgr = LlmpEventManager::::new_on_port(stats, broker_port)?; if mgr.is_broker() { // Yep, broker. Just loop here. println!("Doing broker things. Run this tool again to start fuzzing in a client."); mgr.broker_loop()?; } else { - mgr.to_env(_ENV_FUZZER_BROKER_CLIENT_INITIAL); // First, create a channel from the fuzzer (sender) to us (receiver) to report its state for restarts. @@ -975,7 +973,6 @@ where todo!("Fix this"); } } - } } diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs index 8a9d5f7580..534b9f99ef 100644 --- a/fuzzers/libfuzzer_libpng/src/mod.rs +++ b/fuzzers/libfuzzer_libpng/src/mod.rs @@ -8,7 +8,7 @@ use clap::{App, Arg}; use std::{env, path::PathBuf}; use afl::{ - bolts::{tuples::tuple_list, shmem::AflShmem}, + bolts::{shmem::AflShmem, tuples::tuple_list}, corpus::{Corpus, InMemoryCorpus}, events::setup_restarting_mgr, events::SimpleStats,