From 3cfcec2f0f94d3738c92bcf66e66edf284ae97de Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Thu, 31 Dec 2020 14:48:08 +0100 Subject: [PATCH] moved libfuzzer to build.rs --- fuzzers/libfuzzer/Cargo.toml | 12 +++- fuzzers/libfuzzer/build.rs | 30 ++++++++ fuzzers/libfuzzer/compiler | 88 ------------------------ fuzzers/libfuzzer/in1/a | 1 + fuzzers/libfuzzer/runtime/Makefile | 10 --- fuzzers/libfuzzer/runtime/rt.c | 7 -- fuzzers/libfuzzer/src/{lib.rs => mod.rs} | 3 +- fuzzers/libfuzzer/test.sh | 14 ++-- fuzzers/libfuzzer_stats/build.rs | 2 +- 9 files changed, 48 insertions(+), 119 deletions(-) create mode 100644 fuzzers/libfuzzer/build.rs delete mode 100755 fuzzers/libfuzzer/compiler create mode 100644 fuzzers/libfuzzer/in1/a delete mode 100644 fuzzers/libfuzzer/runtime/Makefile rename fuzzers/libfuzzer/src/{lib.rs => mod.rs} (99%) diff --git a/fuzzers/libfuzzer/Cargo.toml b/fuzzers/libfuzzer/Cargo.toml index f8af052585..ba4027e0de 100644 --- a/fuzzers/libfuzzer/Cargo.toml +++ b/fuzzers/libfuzzer/Cargo.toml @@ -3,6 +3,7 @@ name = "libfuzzer" version = "0.1.0" authors = ["Andrea Fioraldi "] edition = "2018" +build = "build.rs" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html @@ -16,9 +17,16 @@ codegen-units = 1 opt-level = 3 debug = true +[build-dependencies] +cc = "1.0" +num_cpus = "1.0" + [dependencies] clap = "2.32.0" afl = { path = "../../afl/" } -[lib] -crate-type = ["staticlib", "cdylib"] +[[bin]] +name = "libfuzzer" +path = "./src/mod.rs" +test = false +bench = false \ No newline at end of file diff --git a/fuzzers/libfuzzer/build.rs b/fuzzers/libfuzzer/build.rs new file mode 100644 index 0000000000..757bc7b0d5 --- /dev/null +++ b/fuzzers/libfuzzer/build.rs 
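Review bot: `num_cpus = "1.0"` under the new `[build-dependencies]` table in the second hunk is not used by the build.rs this patch adds, which only calls into `cc`; an unused build dependency adds compile time and third-party code to the build step for no benefit, so it should be dropped or the build script should actually use it. The `build = "build.rs"` key in the first hunk is redundant, since Cargo picks up a `build.rs` in the package root automatically, though keeping it explicit is harmless. The file also now ends without a trailing newline after `bench = false`.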
@@ -0,0 +1,30 @@
+// build.rs
+
+use std::env;
+use std::path::Path;
+
+fn main() {
+ let out_dir = env::var_os("OUT_DIR").unwrap();
+ let _cwd = env::current_dir().unwrap().to_string_lossy().to_string();
+ let out_dir = out_dir.to_string_lossy().to_string();
+ let _out_dir_path = Path::new(&out_dir);
+
+ println!("cargo:rerun-if-changed=./runtime/rt.c",);
+ println!("cargo:rerun-if-changed=./test/test.c");
+
+ // We need clang for pc-guard support
+ std::env::set_var("CC", "clang");
+
+ cc::Build::new()
+ .file("./runtime/rt.c")
+ .compile("libfuzzer-sys-rt");
+
+ cc::Build::new()
+ .file("./test/test.c")
+ .flag("-fsanitize-coverage=trace-pc-guard,trace-cmp")
+ .compile("libfuzzer-sys-target");
+
+ println!("cargo:rustc-link-search=native={}", &out_dir);
+
+ println!("cargo:rerun-if-changed=build.rs");
+}
diff --git a/fuzzers/libfuzzer/compiler b/fuzzers/libfuzzer/compiler
deleted file mode 100755
index 056a86af34..0000000000
--- a/fuzzers/libfuzzer/compiler
+++ /dev/null
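Review bot: `std::env::set_var("CC", "clang");` forces the compiler process-wide for both `cc::Build` invocations, silently overriding any `CC` the user set and failing with a generic error when clang is absent; the `cc` crate's per-build `.compiler("clang")` expresses the pc-guard requirement where it belongs, on the `./test/test.c` build (and on `./runtime/rt.c` only if it too needs clang, which the comment does not say). `_cwd` and `_out_dir_path` are computed and never used, and the explicit `cargo:rustc-link-search=native=` line is redundant because `compile()` already emits the link-search and link-lib metadata for each library it builds, so the `OUT_DIR` handling can go entirely. The deleted `compiler` wrapper honored `AFL_USE_ASAN`/`AFL_USE_MSAN`/`AFL_USE_UBSAN` when compiling the target; the new script hard-codes only the coverage flag, so if sanitizer builds of the test target are still wanted, the flags need to be added here conditionally (e.g. `cargo:rerun-if-env-changed=AFL_USE_ASAN` plus a `.flag("-fsanitize=address")` on the test.c build).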
@@ -1,88 +0,0 @@ -#!/usr/bin/env python3 - -import subprocess -import sys -import os - -script_dir = os.path.dirname(os.path.realpath(os.path.abspath(__file__))) - -is_cxx = "++" in sys.argv[0] - -def cc_exec(args): - if os.getenv("AFL_CC"): - cc_name = os.environ["AFL_CC"] - else: - cc_name = "clang" - if is_cxx: - if os.getenv("AFL_CXX"): - cc_name = os.environ["AFL_CXX"] - else: - cc_name = "clang++" - argv = [cc_name] + args - #print(" ".join(argv)) - return subprocess.run(argv) - - -def common_opts(): - return [ - "-g", - ] - -def cc_mode(): - args = common_opts() - args += sys.argv[1:] - - args += ["-fsanitize-coverage=trace-pc-guard,trace-cmp"] - - if os.getenv("AFL_USE_ASAN"): - args += ["-fsanitize=address"] - if os.getenv("AFL_USE_MSAN"): - args += ["-fsanitize=memory"] - if os.getenv("AFL_USE_UBSAN"): - args += [ - "-fsanitize=undefined", - "-fsanitize-undefined-trap-on-error", - "-fno-sanitize-recover=all", - ] - - return cc_exec(args) - -def ld_mode(): - args = common_opts() - - args += sys.argv[1:] - args += [ - os.path.join(script_dir, "runtime", "rt.o"), - os.path.join(script_dir, "target", "release", "liblibfuzzer.a"), - ] - - args += ["-fsanitize-coverage=trace-pc-guard,trace-cmp"] - - if os.getenv("AFL_USE_ASAN"): - args += ["-fsanitize=address"] - if os.getenv("AFL_USE_MSAN"): - args += ["-fsanitize=memory"] - if os.getenv("AFL_USE_UBSAN"): - args += [ - "-fsanitize=undefined", - "-fsanitize-undefined-trap-on-error", - "-fno-sanitize-recover=all", - ] - - args += ["-pthread", "-ldl"] # for Rust - - return cc_exec(args) - -def is_ld_mode(): - return not ("--version" in sys.argv or "--target-help" in sys.argv or - "-c" in sys.argv or "-E" in sys.argv or "-S" in sys.argv or - "-shared" in sys.argv) - -#print("\x1b[0;36m" + os.path.basename(sys.argv[0]) + " 1.0a\x1b[0m by ") - -if len(sys.argv) <= 1: - cc_exec(sys.argv[1:]) -elif is_ld_mode(): - ld_mode() -else: - cc_mode() 
diff --git a/fuzzers/libfuzzer/in1/a b/fuzzers/libfuzzer/in1/a new file mode 100644 index 0000000000..2e65efe2a1 --- /dev/null +++ b/fuzzers/libfuzzer/in1/a @@ -0,0 +1 @@ +a \ No newline at end of file diff --git a/fuzzers/libfuzzer/runtime/Makefile b/fuzzers/libfuzzer/runtime/Makefile deleted file mode 100644 index 87e5cb0759..0000000000 --- a/fuzzers/libfuzzer/runtime/Makefile +++ /dev/null @@ -1,10 +0,0 @@ -CC ?= clang - -all: rt.o - -rt.o: rt.c - $(CC) -c rt.c - -clean: - rm -f rt.o - diff --git a/fuzzers/libfuzzer/runtime/rt.c b/fuzzers/libfuzzer/runtime/rt.c index 43ccccc2f7..164c3351cc 100644 --- a/fuzzers/libfuzzer/runtime/rt.c +++ b/fuzzers/libfuzzer/runtime/rt.c @@ -144,10 +144,3 @@ int afl_libfuzzer_init() { return 0; } - -int main(int argc, char** argv) { - - afl_libfuzzer_main(); - return 0; - -} diff --git a/fuzzers/libfuzzer/src/lib.rs b/fuzzers/libfuzzer/src/mod.rs similarity index 99% rename from fuzzers/libfuzzer/src/lib.rs rename to fuzzers/libfuzzer/src/mod.rs index ef37f6bfd3..7f46839373 100644 --- a/fuzzers/libfuzzer/src/lib.rs +++ b/fuzzers/libfuzzer/src/mod.rs @@ -47,8 +47,7 @@ fn harness(_executor: &dyn Executor, buf: &[u8]) -> ExitKind { const NAME_COV_MAP: &str = "cov_map"; -#[no_mangle] -pub extern "C" fn afl_libfuzzer_main() { +pub fn main() { let matches = App::new("libAFLrs fuzzer harness") .about("libAFLrs fuzzer harness help options.") .arg( diff --git a/fuzzers/libfuzzer/test.sh b/fuzzers/libfuzzer/test.sh index 335985452d..baa2ef0030 100755 --- a/fuzzers/libfuzzer/test.sh +++ b/fuzzers/libfuzzer/test.sh 
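Review bot: `pub fn main()` in the mod.rs hunk replaces the exported `extern "C"` entry point, but a binary's entry point is conventionally a private `fn main()`; the `pub` no longer buys anything now that nothing links against this crate as a static library. Since `[[bin]]` in Cargo.toml now points `path` at `./src/mod.rs`, the crate root carries the file name Rust uses for directory-module roots, which is confusing; renaming it to `src/main.rs` would follow convention and let the explicit `path` be dropped. The body of `main` continues outside the hunk.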
@@ -1,21 +1,17 @@ #!/bin/sh cargo build --release || exit 1 -make -C runtime || exit 1 +cp ./target/release/libfuzzer ./.libfuzzer_test.elf -rm -f test_fuzz.elf test_fuzz.o -./compiler -flto=thin -c test/test.c -o test_fuzz.o || exit 1 -./compiler -flto=thin test_fuzz.o -o test_fuzz.elf || exit 1 - -RUST_BACKTRACE=1 ./test_fuzz.elf & +RUST_BACKTRACE=1 ./.libfuzzer_test.elf & test "$!" -gt 0 && { usleep 250 - RUST_BACKTRACE=1 ./test_fuzz.elf -x a -x b -T5 in1 in2 & + RUST_BACKTRACE=1 ./.libfuzzer_test.elf -x a -x b -T5 in1 in2 & } sleep 10 -killall test_fuzz.elf - +killall .libfuzzer_test.elf +rm -rf ./.libfuzzer_test.elf \ No newline at end of file diff --git a/fuzzers/libfuzzer_stats/build.rs b/fuzzers/libfuzzer_stats/build.rs index 5bc05d03f2..cc702048da 100644 --- a/fuzzers/libfuzzer_stats/build.rs +++ b/fuzzers/libfuzzer_stats/build.rs @@ -12,7 +12,7 @@ fn main() { let out_dir = out_dir.to_string_lossy().to_string(); let out_dir_path = Path::new(&out_dir); - println!("cargo:rerun-if-changed=./r&untime/rt.c",); + println!("cargo:rerun-if-changed=./runtime/rt.c",); println!("cargo:rerun-if-changed=harness.cc"); cc::Build::new()
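Review bot: `cp ./target/release/libfuzzer ./.libfuzzer_test.elf` has no `|| exit 1`, unlike the `cargo build` line above it and the build steps it replaces, so a failed copy lets the script continue and background two runs of a missing binary; `cp ./target/release/libfuzzer ./.libfuzzer_test.elf || exit 1` keeps the fail-fast behavior. The cleanup at the end uses `rm -rf` on a single regular file, where `rm -f ./.libfuzzer_test.elf` is sufficient and does not risk recursive deletion if the path ever points at a directory. The file also ends without a trailing newline.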