From 4e4586d3b2d4f06708fe4d6b99ff2b34bc7672da Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Wed, 6 Jan 2021 00:51:57 +0100 Subject: [PATCH] a bit refactoring --- afl/src/corpus/mod.rs | 11 ++--- afl/src/corpus/testcase.rs | 12 ++--- afl/src/engines/mod.rs | 28 ++++++----- afl/src/events/mod.rs | 77 +++++++++++++++++++---------- afl/src/executors/inmemory.rs | 39 +++++++++------ afl/src/executors/mod.rs | 10 ++-- afl/src/feedbacks/mod.rs | 18 ++++--- afl/src/generators/mod.rs | 12 ++--- afl/src/inputs/bytes.rs | 7 +-- afl/src/inputs/mod.rs | 13 +++-- afl/src/metamap.rs | 15 +++--- afl/src/mutators/mod.rs | 5 +- afl/src/mutators/mutations.rs | 12 +++-- afl/src/mutators/scheduled.rs | 11 +++-- afl/src/observers/mod.rs | 14 ++++-- afl/src/stages/mod.rs | 22 +++++---- afl/src/stages/mutational.rs | 24 ++++----- afl/src/tuples.rs | 4 +- afl/src/utils.rs | 4 +- fuzzers/libfuzzer_libpng/build.rs | 7 +-- fuzzers/libfuzzer_libpng/src/mod.rs | 23 ++++++--- 21 files changed, 207 insertions(+), 161 deletions(-) diff --git a/afl/src/corpus/mod.rs b/afl/src/corpus/mod.rs index 1bbb14170b..7afc731787 100644 --- a/afl/src/corpus/mod.rs +++ b/afl/src/corpus/mod.rs @@ -1,19 +1,14 @@ pub mod testcase; pub use testcase::Testcase; -use alloc::borrow::ToOwned; -use alloc::vec::Vec; -use core::cell::RefCell; -use core::marker::PhantomData; -use core::ptr; +use alloc::{borrow::ToOwned, vec::Vec}; +use core::{cell::RefCell, marker::PhantomData, ptr}; use serde::{Deserialize, Serialize}; #[cfg(feature = "std")] use std::path::PathBuf; -use crate::inputs::Input; -use crate::utils::Rand; -use crate::AflError; +use crate::{inputs::Input, utils::Rand, AflError}; /// A way to obtain the containing testcase entries pub trait HasTestcaseVec diff --git a/afl/src/corpus/testcase.rs b/afl/src/corpus/testcase.rs index 50d6c78a9c..d389b3c880 100644 --- a/afl/src/corpus/testcase.rs +++ b/afl/src/corpus/testcase.rs @@ -1,12 +1,12 @@ use alloc::string::String; -use core::convert::Into; -use core::default::Default; -use core::option::Option; +use core::{convert::Into, default::Default, option::Option}; use serde::{Deserialize, Serialize}; -use crate::inputs::Input; -use crate::serde_anymap::{SerdeAny, SerdeAnyMap}; -use crate::AflError; +use crate::{ + inputs::Input, + serde_anymap::{SerdeAny, SerdeAnyMap}, + AflError, +}; /// An entry in the Testcase Corpus #[derive(Default, Serialize, Deserialize, Clone, Debug)] diff --git a/afl/src/engines/mod.rs b/afl/src/engines/mod.rs index 99dab97181..7b940815ec 100644 --- a/afl/src/engines/mod.rs +++ b/afl/src/engines/mod.rs @@ -9,21 +9,23 @@ use std::{ path::{Path, PathBuf}, }; -use crate::corpus::{Corpus, Testcase}; -use crate::events::EventManager; -use crate::executors::{Executor, ExecutorsTuple, HasObservers}; -use crate::feedbacks::FeedbacksTuple; -use crate::generators::Generator; +use crate::{ + corpus::{Corpus, Testcase}, + events::EventManager, + executors::{Executor, ExecutorsTuple, HasObservers}, + feedbacks::FeedbacksTuple, + generators::Generator, + inputs::Input, + observers::ObserversTuple, + serde_anymap::{SerdeAny, SerdeAnyMap}, + stages::StagesTuple, + tuples::{tuple_list, tuple_list_type}, + utils::{current_milliseconds, Rand}, + AflError, +}; + #[cfg(feature = "std")] use crate::inputs::bytes::BytesInput; -use crate::inputs::Input; -use crate::observers::ObserversTuple; -use crate::serde_anymap::{SerdeAny, SerdeAnyMap}; -use crate::stages::StagesTuple; -use crate::tuples::{tuple_list, tuple_list_type}; -use crate::utils::{current_milliseconds, Rand}; - -use crate::AflError; pub trait StateMetadata: Debug { /// The name of this metadata - used to find it in the list of avaliable metadatas diff --git a/afl/src/events/mod.rs b/afl/src/events/mod.rs index 239654fe43..95a4b7c4a4 100644 --- a/afl/src/events/mod.rs +++ b/afl/src/events/mod.rs @@ -1,25 +1,30 @@ pub mod llmp; pub mod shmem; -use alloc::string::{String, ToString}; -use alloc::vec::Vec; -use core::time::Duration; -use core::{marker::PhantomData, time}; +use alloc::{ + string::{String, ToString}, + vec::Vec, +}; +use core::{ + time::Duration, + {marker::PhantomData, time}, +}; use serde::{Deserialize, Serialize}; use self::{ llmp::{LlmpClient, Tag}, shmem::ShMem, }; -use crate::corpus::Corpus; -use crate::executors::Executor; -use crate::feedbacks::FeedbacksTuple; -use crate::inputs::Input; -use crate::observers::ObserversTuple; -use crate::serde_anymap::Ptr; -use crate::utils::Rand; -use crate::AflError; -use crate::{engines::State, utils}; +use crate::{ + corpus::Corpus, + feedbacks::FeedbacksTuple, + inputs::Input, + observers::ObserversTuple, + serde_anymap::Ptr, + utils::Rand, + AflError, + {engines::State, utils}, +}; #[cfg(feature = "std")] use shmem::AflShmem; @@ -235,16 +240,23 @@ where &mut self, state: &mut State, corpus: &mut C, - ) -> Result where + ) -> Result + where C: Corpus, FT: FeedbacksTuple, R: Rand; - fn serialize_observers(&mut self, observers: &OT) -> Result, AflError> where OT: ObserversTuple { + fn serialize_observers(&mut self, observers: &OT) -> Result, AflError> + where + OT: ObserversTuple, + { Ok(postcard::to_allocvec(observers)?) } - fn deserialize_observers(&mut self, observers_buf: &[u8]) -> Result where OT: ObserversTuple { + fn deserialize_observers(&mut self, observers_buf: &[u8]) -> Result + where + OT: ObserversTuple, + { Ok(postcard::from_bytes(observers_buf)?) } @@ -254,7 +266,10 @@ where _observers: &OT, _corpus_size: usize, _config: String, - ) -> Result<(), AflError> where OT: ObserversTuple { + ) -> Result<(), AflError> + where + OT: ObserversTuple, + { Ok(()) } @@ -410,8 +425,7 @@ where events: Vec>, } -impl EventManager - for LoggerEventManager +impl EventManager for LoggerEventManager where I: Input, ST: Stats, @@ -421,10 +435,12 @@ where &mut self, state: &mut State, corpus: &mut C, - ) -> Result where + ) -> Result + where C: Corpus, FT: FeedbacksTuple, - R: Rand { + R: Rand, + { let count = self.events.len(); self.events .drain(..) @@ -438,7 +454,10 @@ where _observers: &OT, corpus_size: usize, _config: String, - ) -> Result<(), AflError> where OT: ObserversTuple { + ) -> Result<(), AflError> + where + OT: ObserversTuple, + { let event = LoggerEvent::NewTestcase { corpus_size: corpus_size, phantom: PhantomData, @@ -823,8 +842,7 @@ where } } -impl EventManager - for LlmpEventManager +impl EventManager for LlmpEventManager where I: Input, SH: ShMem, @@ -835,10 +853,12 @@ where &mut self, state: &mut State, corpus: &mut C, - ) -> Result where + ) -> Result + where C: Corpus, FT: FeedbacksTuple, - R: Rand { + R: Rand, + { // TODO: Get around local event copy by moving handle_in_client Ok(match &mut self.llmp { llmp::LlmpConnection::IsClient { client } => { @@ -875,7 +895,10 @@ where observers: &OT, corpus_size: usize, config: String, - ) -> Result<(), AflError> where OT: ObserversTuple { + ) -> Result<(), AflError> + where + OT: ObserversTuple, + { let kind = LLMPEventKind::NewTestcase { input: Ptr::Ref(input), observers_buf: postcard::to_allocvec(observers)?, diff --git a/afl/src/executors/inmemory.rs b/afl/src/executors/inmemory.rs index 4ccac316dd..c66ee0da1b 100644 --- a/afl/src/executors/inmemory.rs +++ b/afl/src/executors/inmemory.rs @@ -1,4 +1,4 @@ -use alloc::{boxed::Box, string::ToString, vec::Vec}; +use alloc::{boxed::Box, vec::Vec}; use core::{ffi::c_void, ptr}; use crate::{ @@ -134,8 +134,7 @@ where _state: &State, _corpus: &C, _event_mgr: &EM, - ) -> Self - { + ) -> Self { /*#[cfg(feature = "std")] unsafe { CORPUS_PTR = _corpus as *const _ as *const c_void; @@ -155,7 +154,10 @@ where /// Serialize the current state and corpus during an executiont to bytes. /// This method is needed when the fuzzer run crashes and has to restart. -pub fn serialize_state_corpus(state: &State, corpus: &C) -> Result, AflError> +pub fn serialize_state_corpus( + state: &State, + corpus: &C, +) -> Result, AflError> where C: Corpus, FT: FeedbacksTuple, @@ -205,12 +207,12 @@ pub mod unix_signals { use crate::{ corpus::Corpus, - events::EventManager, - executors::{ - inmemory::{OnCrashFunction, ExitKind, CURRENT_INPUT_PTR, CURRENT_ON_CRASH_FN, CORPUS_PTR, STATE_PTR, EVENT_MANAGER_PTR}, - Executor, - }, engines::State, + events::EventManager, + executors::inmemory::{ + ExitKind, OnCrashFunction, CORPUS_PTR, CURRENT_INPUT_PTR, CURRENT_ON_CRASH_FN, + EVENT_MANAGER_PTR, STATE_PTR, + }, feedbacks::FeedbacksTuple, inputs::Input, observers::ObserversTuple, @@ -243,7 +245,9 @@ pub mod unix_signals { let input = (CURRENT_INPUT_PTR as *const I).as_ref().unwrap(); let corpus = (CORPUS_PTR as *const C).as_ref().unwrap(); - let state = (EVENT_MANAGER_PTR as *const State).as_ref().unwrap(); + let state = (EVENT_MANAGER_PTR as *const State) + .as_ref() + .unwrap(); let manager = (EVENT_MANAGER_PTR as *mut EM).as_mut().unwrap(); if !CURRENT_ON_CRASH_FN.is_null() { @@ -279,7 +283,9 @@ pub mod unix_signals { let input = (CURRENT_INPUT_PTR as *const I).as_ref().unwrap(); let corpus = (CORPUS_PTR as *const C).as_ref().unwrap(); - let state = (EVENT_MANAGER_PTR as *const State).as_ref().unwrap(); + let state = (EVENT_MANAGER_PTR as *const State) + .as_ref() + .unwrap(); let manager = (EVENT_MANAGER_PTR as *mut EM).as_mut().unwrap(); if !CURRENT_ON_CRASH_FN.is_null() { @@ -288,7 +294,7 @@ pub mod unix_signals { input, state, corpus, - manager + manager, ); } @@ -299,8 +305,11 @@ pub mod unix_signals { } // TODO clearly state that manager should be static (maybe put the 'static lifetime?) - pub unsafe fn setup_crash_handlers(state: &State, corpus: &C, manager: &mut EM) - where + pub unsafe fn setup_crash_handlers( + state: &State, + corpus: &C, + manager: &mut EM, + ) where EM: EventManager, C: Corpus, OT: ObserversTuple, @@ -311,7 +320,7 @@ pub mod unix_signals { CORPUS_PTR = corpus as *const _ as *const c_void; STATE_PTR = state as *const _ as *const c_void; EVENT_MANAGER_PTR = manager as *mut _ as *mut c_void; - + let mut sa: sigaction = mem::zeroed(); libc::sigemptyset(&mut sa.sa_mask as *mut libc::sigset_t); sa.sa_flags = SA_NODEFER | SA_SIGINFO; diff --git a/afl/src/executors/mod.rs b/afl/src/executors/mod.rs index 1a3919ac69..0d1ead666f 100644 --- a/afl/src/executors/mod.rs +++ b/afl/src/executors/mod.rs @@ -4,10 +4,12 @@ pub mod runtime; use core::marker::PhantomData; -use crate::inputs::{HasTargetBytes, Input}; -use crate::observers::ObserversTuple; -use crate::tuples::{MatchNameAndType, MatchType, Named, TupleList}; -use crate::AflError; +use crate::{ + inputs::{HasTargetBytes, Input}, + observers::ObserversTuple, + tuples::{MatchNameAndType, MatchType, Named, TupleList}, + AflError, +}; /// How an execution finished. pub enum ExitKind { diff --git a/afl/src/feedbacks/mod.rs b/afl/src/feedbacks/mod.rs index 80f5afbde6..50ce8ff4dd 100644 --- a/afl/src/feedbacks/mod.rs +++ b/afl/src/feedbacks/mod.rs @@ -1,14 +1,18 @@ -use alloc::string::{String, ToString}; -use alloc::vec::Vec; +use alloc::{ + string::{String, ToString}, + vec::Vec, +}; use core::marker::PhantomData; use num::Integer; use serde::{Deserialize, Serialize}; -use crate::corpus::Testcase; -use crate::inputs::Input; -use crate::observers::{MapObserver, Observer, ObserversTuple}; -use crate::tuples::{Named, TupleList}; -use crate::AflError; +use crate::{ + corpus::Testcase, + inputs::Input, + observers::{MapObserver, Observer, ObserversTuple}, + tuples::{Named, TupleList}, + AflError, +}; pub type MaxMapFeedback = MapFeedback, O>; pub type MinMapFeedback = MapFeedback, O>; diff --git a/afl/src/generators/mod.rs b/afl/src/generators/mod.rs index f0a076b565..b8d2e91587 100644 --- a/afl/src/generators/mod.rs +++ b/afl/src/generators/mod.rs @@ -1,11 +1,11 @@ use alloc::vec::Vec; -use core::cmp::min; -use core::marker::PhantomData; +use core::{cmp::min, marker::PhantomData}; -use crate::inputs::bytes::BytesInput; -use crate::inputs::Input; -use crate::utils::Rand; -use crate::AflError; +use crate::{ + inputs::{bytes::BytesInput, Input}, + utils::Rand, + AflError, +}; /// The maximum size of dummy bytes generated by _dummy generator methods const DUMMY_BYTES_MAX: usize = 64; diff --git a/afl/src/inputs/bytes.rs b/afl/src/inputs/bytes.rs index 86cf60f731..f2e5d8829e 100644 --- a/afl/src/inputs/bytes.rs +++ b/afl/src/inputs/bytes.rs @@ -1,8 +1,5 @@ -use alloc::borrow::ToOwned; -use alloc::rc::Rc; -use alloc::vec::Vec; -use core::cell::RefCell; -use core::convert::From; +use alloc::{borrow::ToOwned, rc::Rc, vec::Vec}; +use core::{cell::RefCell, convert::From}; use serde::{Deserialize, Serialize}; use crate::inputs::{HasBytesVec, HasTargetBytes, Input, TargetBytes}; diff --git a/afl/src/inputs/mod.rs b/afl/src/inputs/mod.rs index 67990ef721..2c487d4aff 100644 --- a/afl/src/inputs/mod.rs +++ b/afl/src/inputs/mod.rs @@ -2,15 +2,14 @@ pub mod bytes; pub use bytes::BytesInput; use alloc::vec::Vec; -use core::clone::Clone; -use core::fmt::Debug; +use core::{clone::Clone, fmt::Debug}; #[cfg(feature = "std")] -use std::fs::File; -#[cfg(feature = "std")] -use std::io::{Read, Write}; -#[cfg(feature = "std")] -use std::path::Path; +use std::{ + fs::File, + io::{Read, Write}, + path::Path, +}; use crate::AflError; diff --git a/afl/src/metamap.rs b/afl/src/metamap.rs index ce8698cab3..3edc566a00 100644 --- a/afl/src/metamap.rs +++ b/afl/src/metamap.rs @@ -1,9 +1,12 @@ -use alloc::boxed::Box; -use alloc::vec::Vec; -use core::any::{Any, TypeId}; -use core::slice::{Iter, IterMut}; -use hashbrown::hash_map::{Keys, Values, ValuesMut}; -use hashbrown::HashMap; +use alloc::{boxed::Box, vec::Vec}; +use core::{ + any::{Any, TypeId}, + slice::{Iter, IterMut}, +}; +use hashbrown::{ + hash_map::{Keys, Values, ValuesMut}, + HashMap, +}; /// A map, storing any trait object by TypeId #[derive(Default)] diff --git a/afl/src/mutators/mod.rs b/afl/src/mutators/mod.rs index d7de0fb722..fe34056766 100644 --- a/afl/src/mutators/mod.rs +++ b/afl/src/mutators/mod.rs @@ -3,10 +3,7 @@ pub use scheduled::*; pub mod mutations; pub use mutations::*; -use crate::corpus::Corpus; -use crate::inputs::Input; -use crate::utils::Rand; -use crate::AflError; +use crate::{corpus::Corpus, inputs::Input, utils::Rand, AflError}; // TODO mutator stats method that produces something that can be sent with the NewTestcase event // We can use it to report which mutations generated the testcase in the broker logs diff --git a/afl/src/mutators/mutations.rs b/afl/src/mutators/mutations.rs index 62ce704fd9..5d641d4d33 100644 --- a/afl/src/mutators/mutations.rs +++ b/afl/src/mutators/mutations.rs @@ -1,8 +1,10 @@ -use crate::inputs::{HasBytesVec, Input}; -use crate::mutators::Corpus; -use crate::mutators::*; -use crate::utils::Rand; -use crate::AflError; +use crate::{ + inputs::{HasBytesVec, Input}, + mutators::Corpus, + mutators::*, + utils::Rand, + AflError, +}; /// The result of a mutation. /// If the mutation got skipped, the target diff --git a/afl/src/mutators/scheduled.rs b/afl/src/mutators/scheduled.rs index 6a8f206607..18cf7a31be 100644 --- a/afl/src/mutators/scheduled.rs +++ b/afl/src/mutators/scheduled.rs @@ -1,11 +1,12 @@ use alloc::vec::Vec; use core::marker::PhantomData; -use crate::inputs::{HasBytesVec, Input}; -use crate::mutators::Corpus; -use crate::mutators::*; -use crate::utils::Rand; -use crate::AflError; +use crate::{ + inputs::{HasBytesVec, Input}, + mutators::{Corpus, *}, + utils::Rand, + AflError, +}; pub trait ScheduledMutator: Mutator + ComposedByMutations where diff --git a/afl/src/observers/mod.rs b/afl/src/observers/mod.rs index 23d7deb8de..6ea5f09ef2 100644 --- a/afl/src/observers/mod.rs +++ b/afl/src/observers/mod.rs @@ -1,12 +1,16 @@ extern crate num; -use alloc::string::{String, ToString}; -use alloc::vec::Vec; +use alloc::{ + string::{String, ToString}, + vec::Vec, +}; use serde::{Deserialize, Serialize}; -use crate::serde_anymap::{ArrayMut, Cptr}; -use crate::tuples::{MatchNameAndType, MatchType, Named, TupleList}; -use crate::AflError; +use crate::{ + serde_anymap::{ArrayMut, Cptr}, + tuples::{MatchNameAndType, MatchType, Named, TupleList}, + AflError, +}; /// Observers observe different information about the target. /// They can then be used by various sorts of feedback. diff --git a/afl/src/stages/mod.rs b/afl/src/stages/mod.rs index dd2c3260f3..52ac8ff6b0 100644 --- a/afl/src/stages/mod.rs +++ b/afl/src/stages/mod.rs @@ -1,16 +1,18 @@ pub mod mutational; pub use mutational::StdMutationalStage; -use crate::corpus::Corpus; -use crate::engines::{Engine, State}; -use crate::events::EventManager; -use crate::executors::{Executor, ExecutorsTuple, HasObservers}; -use crate::feedbacks::FeedbacksTuple; -use crate::inputs::Input; -use crate::observers::ObserversTuple; -use crate::tuples::TupleList; -use crate::utils::Rand; -use crate::AflError; +use crate::{ + corpus::Corpus, + engines::{Engine, State}, + events::EventManager, + executors::{Executor, ExecutorsTuple, HasObservers}, + feedbacks::FeedbacksTuple, + inputs::Input, + observers::ObserversTuple, + tuples::TupleList, + utils::Rand, + AflError, +}; /// A stage is one step in the fuzzing process. /// Multiple stages will be scheduled one by one for each input. diff --git a/afl/src/stages/mutational.rs b/afl/src/stages/mutational.rs index 8d04ef5e27..ea0c6cacf0 100644 --- a/afl/src/stages/mutational.rs +++ b/afl/src/stages/mutational.rs @@ -1,16 +1,18 @@ use core::marker::PhantomData; -use crate::engines::State; -use crate::events::EventManager; -use crate::executors::{Executor, ExecutorsTuple, HasObservers}; -use crate::feedbacks::FeedbacksTuple; -use crate::inputs::Input; -use crate::mutators::Mutator; -use crate::observers::ObserversTuple; -use crate::stages::Corpus; -use crate::stages::{Engine, Stage}; -use crate::utils::Rand; -use crate::AflError; +use crate::{ + engines::State, + events::EventManager, + executors::{Executor, ExecutorsTuple, HasObservers}, + feedbacks::FeedbacksTuple, + inputs::Input, + mutators::Mutator, + observers::ObserversTuple, + stages::Corpus, + stages::{Engine, Stage}, + utils::Rand, + AflError, +}; // TODO multi mutators stage diff --git a/afl/src/tuples.rs b/afl/src/tuples.rs index f0b4831015..4b6dcfa20f 100644 --- a/afl/src/tuples.rs +++ b/afl/src/tuples.rs @@ -1,6 +1,4 @@ -pub use tuple_list::tuple_list; -pub use tuple_list::tuple_list_type; -pub use tuple_list::TupleList; +pub use tuple_list::{tuple_list, tuple_list_type, TupleList}; use core::any::TypeId; diff --git a/afl/src/utils.rs b/afl/src/utils.rs index bff255e56f..10700f0177 100644 --- a/afl/src/utils.rs +++ b/afl/src/utils.rs @@ -1,9 +1,7 @@ //! Utility functions for AFL use alloc::rc::Rc; -use core::debug_assert; -use core::fmt::Debug; -use core::{cell::RefCell, time}; +use core::{cell::RefCell, debug_assert, fmt::Debug, time}; use xxhash_rust::xxh3::xxh3_64_with_seed; #[cfg(feature = "std")] diff --git a/fuzzers/libfuzzer_libpng/build.rs b/fuzzers/libfuzzer_libpng/build.rs index f9f76f2578..ed6c162c8e 100644 --- a/fuzzers/libfuzzer_libpng/build.rs +++ b/fuzzers/libfuzzer_libpng/build.rs @@ -4,7 +4,8 @@ use std::env; use std::path::Path; use std::process::Command; -const LIBPNG_URL: &str = "https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz"; +const LIBPNG_URL: &str = + "https://deac-fra.dl.sourceforge.net/project/libpng/libpng16/1.6.37/libpng-1.6.37.tar.xz"; fn main() { let out_dir = env::var_os("OUT_DIR").unwrap(); @@ -18,7 +19,7 @@ fn main() { let libpng = format!("{}/libpng-1.6.37", &out_dir); let libpng_path = Path::new(&libpng); let libpng_tar = format!("{}/libpng-1.6.37.tar.xz", &cwd); - + if !libpng_path.is_dir() { if !Path::new(&libpng_tar).is_file() { println!("cargo:warning=Libpng not found, downloading..."); @@ -82,7 +83,7 @@ fn main() { .status() .unwrap(); } - + cc::Build::new() .include(&libpng_path) .file("../libfuzzer_runtime/rt.c") diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs index e95d4d18e3..321edf9157 100644 --- a/fuzzers/libfuzzer_libpng/src/mod.rs +++ b/fuzzers/libfuzzer_libpng/src/mod.rs @@ -2,7 +2,6 @@ extern crate clap; use clap::{App, Arg}; -use postcard; use std::{env, path::PathBuf, process::Command}; use afl::{ @@ -15,17 +14,17 @@ use afl::{ EventManager, LlmpEventManager, SimpleStats, }, executors::{ - inmemory::{serialize_state_corpus, deserialize_state_corpus, InMemoryExecutor}, + inmemory::{deserialize_state_corpus, serialize_state_corpus, InMemoryExecutor}, Executor, ExitKind, }, feedbacks::MaxMapFeedback, generators::RandPrintablesGenerator, + inputs::BytesInput, mutators::{scheduled::HavocBytesMutator, HasMaxSize}, observers::StdMapObserver, stages::mutational::StdMutationalStage, tuples::tuple_list, utils::StdRand, - inputs::BytesInput, AflError, }; @@ -104,7 +103,10 @@ fn fuzz(input: Option>, broker_port: u16) -> Result<(), AflError> { // We are the fuzzing instance, first, connect to all channels. // Mgr to send and receive msgs from/to all other fuzzer instances - mgr = LlmpEventManager::::existing_client_from_env_std(ENV_FUZZER_BROKER_CLIENT, stats)?; + mgr = LlmpEventManager::::existing_client_from_env_std( + ENV_FUZZER_BROKER_CLIENT, + stats, + )?; // A sender and a receiver for single communication let mut receiver = LlmpReceiver::::on_existing_from_env(ENV_FUZZER_RECEIVER)?; let mut sender = LlmpSender::::on_existing_from_env(ENV_FUZZER_SENDER)?; @@ -143,9 +145,14 @@ fn fuzz(input: Option>, broker_port: u16) -> Result<(), AflError> { tuple_list!(edges_observer), Box::new(move |exit_kind, input, state, corpus, mgr| { match exit_kind { - ExitKind::Timeout => mgr.timeout(input).expect(&format!("Error sending Timeout event for input {:?}", input)), - ExitKind::Crash => mgr.crash(input).expect(&format!("Error sending crash event for input {:?}", input)), - _ => () + ExitKind::Timeout => mgr.timeout(input).expect(&format!( + "Error sending Timeout event for input {:?}", + input + )), + ExitKind::Crash => mgr + .crash(input) + .expect(&format!("Error sending crash event for input {:?}", input)), + _ => (), } let state_corpus_serialized = serialize_state_corpus(state, corpus).unwrap(); sender.send_buf(0x1, &state_corpus_serialized).unwrap(); @@ -250,6 +257,6 @@ pub fn main() { println!("Workdir: {:?}", workdir); - fuzz(Some(vec![PathBuf::from("./corpus/")]), broker_port).expect("An error occurred while fuzzing"); + fuzz(Some(vec![PathBuf::from("./in1")]), broker_port).expect("An error occurred while fuzzing"); //fuzz(input, broker_port).expect("An error occurred while fuzzing"); }