SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Small refactoring of nits in #635 (#636)

Browse Source 
* fix

* more

* fmt

* fix

* fix

* fix

* fix

* fmt

* fmt

* fix
This commit is contained in:
Dongjia Zhang 2022-05-20 14:26:28 +09:00 committed by GitHub
parent 4eba9323c5
commit 5570601fea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libafl/src/bolts/cli.rs
View File

@ -124,7 +124,7 @@ pub struct FuzzerOptions {
pub stdout: String, pub stdout: String,
/// the name of the configuration to use /// the name of the configuration to use
#[clap(short, long, default_value = "default configuration")] #[clap(long, default_value = "default configuration")]
pub configuration: String, pub configuration: String,
/// enable Address Sanitizer (ASAN) /// enable Address Sanitizer (ASAN)
@ -278,7 +278,7 @@ pub struct FuzzerOptions {
/// Spawn a client in each of the provided cores. Use 'all' to select all available /// Spawn a client in each of the provided cores. Use 'all' to select all available
/// cores. 'none' to run a client without binding to any core. /// cores. 'none' to run a client without binding to any core.
/// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6. /// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6.
#[clap(long, default_value = "0", parse(try_from_str = Cores::from_cmdline))] #[clap(short = 'c', long, default_value = "0", parse(try_from_str = Cores::from_cmdline))]
pub cores: Cores, pub cores: Cores,
/// port on which the broker should listen /// port on which the broker should listen

17
libafl/src/bolts/mod.rs
View File

@ -110,6 +110,23 @@ pub fn current_time() -> time::Duration {
time::Duration::from_millis(millis) time::Duration::from_millis(millis)
} }
/// Given a u64 number, return a hashed number using this mixing function
/// This function is used to hash an address into a more random number (used in `libafl_frida`).
/// Mixing function: <http://mostlymangling.blogspot.com/2018/07/on-mixing-functions-in-fast-splittable.html>
#[inline]
#[must_use]
pub fn xxh3_rrmxmx_mixer(v: u64) -> u64 {
let tmp = (v >> 32) + ((v & 0xffffffff) << 32);
let bitflip = 0x1cad21f72c81017c ^ 0xdb979082e96dd4de;
let mut h64 = tmp ^ bitflip;
h64 = h64.rotate_left(49) & h64.rotate_left(24);
h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
h64 ^= (h64 >> 35) + 8;
h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
h64 ^= h64 >> 28;
h64
}
/// Gets current nanoseconds since [`UNIX_EPOCH`] /// Gets current nanoseconds since [`UNIX_EPOCH`]
#[must_use] #[must_use]
#[inline] #[inline]

10
libafl_frida/src/coverage_rt.rs
View File

@ -14,6 +14,7 @@ use frida_gum::instruction_writer::{Aarch64Register, IndexMode};
use frida_gum::{instruction_writer::InstructionWriter, stalker::StalkerOutput}; use frida_gum::{instruction_writer::InstructionWriter, stalker::StalkerOutput};
use crate::helper::FridaRuntime; use crate::helper::FridaRuntime;
use libafl::bolts::xxh3_rrmxmx_mixer;
/// (Default) map size for frida coverage reporting /// (Default) map size for frida coverage reporting
pub const MAP_SIZE: usize = 64 * 1024; pub const MAP_SIZE: usize = 64 * 1024;
@ -154,14 +155,7 @@ impl CoverageRuntime {
/// Emits coverage mapping into the current basic block. /// Emits coverage mapping into the current basic block.
#[inline] #[inline]
pub fn emit_coverage_mapping(&mut self, address: u64, output: &StalkerOutput) { pub fn emit_coverage_mapping(&mut self, address: u64, output: &StalkerOutput) {
let tmp = (address >> 32) + ((address & 0xffffffff) << 32); let h64 = xxh3_rrmxmx_mixer(address);
let bitflip = 0x1cad21f72c81017c ^ 0xdb979082e96dd4de;
let mut h64 = tmp ^ bitflip;
h64 = h64.rotate_left(49) & h64.rotate_left(24);
h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
h64 ^= (h64 >> 35) + 8;
h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
h64 ^= h64 >> 28;
let writer = output.writer(); let writer = output.writer();
#[allow(clippy::cast_possible_wrap)] // gum redzone size is u32, we need an offset as i32. #[allow(clippy::cast_possible_wrap)] // gum redzone size is u32, we need an offset as i32.