SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Finalize macOS support for libafl_libfuzzer (#1843)

Browse Source 
* libafl_targets: on macOS, do not provide a default implementation for weak functions

* libafl_libfuzzer: update README to talk about macOS specifics

* libafl_targets: allow __sanitizer_cov_pcs_init to be called more than once

---------

Co-authored-by: Dominik Maier <domenukk@gmail.com>
This commit is contained in:
Sameer Puri 2024-02-15 13:45:15 -08:00 committed by GitHub
parent 0a995f241c
commit 50892ddc75
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 22 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libafl_libfuzzer/README.md
View File

@ -51,6 +51,22 @@ As this branch generally offers the highest performance version of `libafl_libfu
Remember to `cargo update` often if using the experimental changes, and please [submit an issue] Remember to `cargo update` often if using the experimental changes, and please [submit an issue]
if you encounter problems while using `libfuzzer-best`! if you encounter problems while using `libfuzzer-best`!
#### macOS
On macOS, you will need to add weak linking for some functions in a `build.rs` file:
```rust
fn main() {
for func in [
"_libafl_main",
"_LLVMFuzzerCustomMutator",
"_LLVMFuzzerCustomCrossOver",
] {
println!("cargo:rustc-link-arg=-Wl,-U,{func}");
}
}
```
#### Caveats #### Caveats
Like harnesses built with `libfuzzer-sys`, Rust targets which build other libraries (e.g. C/C++ FFI) may not Like harnesses built with `libfuzzer-sys`, Rust targets which build other libraries (e.g. C/C++ FFI) may not

11
libafl_targets/src/common.h
View File

@ -140,14 +140,11 @@ typedef uint128_t u128;
#else #else
#if defined(__APPLE__) #if defined(__APPLE__)
// On Apple, weak_import and weak attrs behave differently to linux.
#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
__attribute__((weak, visibility("default"))) RETURN_TYPE NAME FUNC_SIG { \
return (RETURN_TYPE)0; \
}
#define EXT_FUNC_IMPL(NAME, RETURN_TYPE, FUNC_SIG, WARN) \ #define EXT_FUNC_IMPL(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN)
// Declare these symbols as weak to allow them to be optionally defined.
#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
__attribute__((weak, visibility("default"))) RETURN_TYPE NAME FUNC_SIG __attribute__((weak, visibility("default"))) RETURN_TYPE NAME FUNC_SIG
// Weakly defined globals // Weakly defined globals

4
libafl_targets/src/sancov_cmp.rs
View File

@ -34,11 +34,11 @@ extern "C" {
unsafe extern "C" fn __sanitizer_cov_pcs_init(pcs_beg: *const usize, pcs_end: *const usize) { unsafe extern "C" fn __sanitizer_cov_pcs_init(pcs_beg: *const usize, pcs_end: *const usize) {
// "The Unsafe Code Guidelines also notably defines that usize and isize are respectively compatible with uintptr_t and intptr_t defined in C." // "The Unsafe Code Guidelines also notably defines that usize and isize are respectively compatible with uintptr_t and intptr_t defined in C."
assert!( assert!(
PCS_BEG.is_null(), pcs_beg == PCS_BEG || PCS_BEG.is_null(),
"__sanitizer_cov_pcs_init can be called only once." "__sanitizer_cov_pcs_init can be called only once."
); );
assert!( assert!(
PCS_END.is_null(), pcs_end == PCS_END || PCS_END.is_null(),
"__sanitizer_cov_pcs_init can be called only once." "__sanitizer_cov_pcs_init can be called only once."
); );