From 71b33757f768e35cfaa67bcdf36ff98ba57f3268 Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Thu, 11 Feb 2021 14:39:37 +0100 Subject: [PATCH] moved non-fuzzer things to ./bolts --- afl/examples/llmp_test/main.rs | 5 +++- afl/src/{ => bolts}/llmp.rs | 4 ++-- afl/src/{ => bolts}/metamap.rs | 0 afl/src/bolts/mod.rs | 7 ++++++ afl/src/{ => bolts}/serde_anymap.rs | 8 +++---- afl/src/{ => bolts}/shmem.rs | 0 afl/src/{ => bolts}/tuples.rs | 0 afl/src/corpus/testcase.rs | 2 +- afl/src/events/mod.rs | 36 ++++++++++++++++------------- afl/src/executors/inprocess.rs | 4 ++-- afl/src/executors/mod.rs | 2 +- afl/src/feedbacks/mod.rs | 2 +- afl/src/lib.rs | 10 +++----- afl/src/mutators/mutations.rs | 2 +- afl/src/mutators/scheduled.rs | 2 +- afl/src/mutators/token_mutations.rs | 2 +- afl/src/observers/mod.rs | 8 ++++--- afl/src/stages/mod.rs | 2 +- afl/src/state/mod.rs | 2 +- afl/src/utils.rs | 2 +- fuzzers/libfuzzer_libpng/src/mod.rs | 2 +- 21 files changed, 57 insertions(+), 45 deletions(-) rename afl/src/{ => bolts}/llmp.rs (99%) rename afl/src/{ => bolts}/metamap.rs (100%) create mode 100644 afl/src/bolts/mod.rs rename afl/src/{ => bolts}/serde_anymap.rs (98%) rename afl/src/{ => bolts}/shmem.rs (100%) rename afl/src/{ => bolts}/tuples.rs (100%) diff --git a/afl/examples/llmp_test/main.rs b/afl/examples/llmp_test/main.rs index 754ff1590e..4f8f79abda 100644 --- a/afl/examples/llmp_test/main.rs +++ b/afl/examples/llmp_test/main.rs @@ -6,7 +6,10 @@ extern crate alloc; use core::{convert::TryInto, time::Duration}; use std::{thread, time}; -use afl::{llmp, shmem::AflShmem, AflError}; +use afl::{ + bolts::{llmp, shmem::AflShmem}, + AflError, +}; const TAG_SIMPLE_U32_V1: u32 = 0x51300321; const TAG_MATH_RESULT_V1: u32 = 0x77474331; diff --git a/afl/src/llmp.rs b/afl/src/bolts/llmp.rs similarity index 99% rename from afl/src/llmp.rs rename to afl/src/bolts/llmp.rs index 429e9a9a0c..7a1d293ca4 100644 --- a/afl/src/llmp.rs +++ b/afl/src/bolts/llmp.rs 
@@ -1,5 +1,5 @@ /*! -A PoC for low level message passing +A library for low level message passing To send new messages, the clients place a new message at the end of their client_out_map. If the ringbuf is filled up, they start place a @@ -1609,7 +1609,7 @@ mod tests { Tag, }; #[cfg(feature = "std")] - use crate::shmem::AflShmem; + use crate::bolts::shmem::AflShmem; #[cfg(feature = "std")] #[test] diff --git a/afl/src/metamap.rs b/afl/src/bolts/metamap.rs similarity index 100% rename from afl/src/metamap.rs rename to afl/src/bolts/metamap.rs diff --git a/afl/src/bolts/mod.rs b/afl/src/bolts/mod.rs new file mode 100644 index 0000000000..0ced888f4b --- /dev/null +++ b/afl/src/bolts/mod.rs @@ -0,0 +1,7 @@ +//! Bolts are no conceptual fuzzing elements, but they keep libafl-based fuzzers together. + +pub mod llmp; +pub mod metamap; +pub mod serde_anymap; +pub mod shmem; +pub mod tuples; diff --git a/afl/src/serde_anymap.rs b/afl/src/bolts/serde_anymap.rs similarity index 98% rename from afl/src/serde_anymap.rs rename to afl/src/bolts/serde_anymap.rs index fd12c5f28b..f9df55db0f 100644 --- a/afl/src/serde_anymap.rs +++ b/afl/src/bolts/serde_anymap.rs @@ -78,7 +78,7 @@ macro_rules! create_serde_registry_for_trait { use hashbrown::hash_map::{Keys, Values, ValuesMut}; use hashbrown::HashMap; - use $crate::serde_anymap::{ + use $crate::bolts::serde_anymap::{ pack_type_id, unpack_type_id, DeserializeCallback, DeserializeCallbackSeed, }; use $crate::AflError; @@ -470,10 +470,10 @@ macro_rules! create_serde_registry_for_trait { { use serde::ser::SerializeSeq; - let id = $crate::serde_anymap::unpack_type_id(self.type_id()); + let id = $crate::bolts::serde_anymap::unpack_type_id(self.type_id()); let mut seq = se.serialize_seq(Some(2))?; seq.serialize_element(&id)?; - seq.serialize_element(&$crate::serde_anymap::Wrap(self))?; + seq.serialize_element(&$crate::bolts::serde_anymap::Wrap(self))?; seq.end() } } 
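Review bot: The module doc added in `afl/src/bolts/mod.rs` says what bolts are not, but a reader still cannot tell what each of the five submodules is for, and none of the `pub mod` lines carries a doc comment. `llmp` and `shmem` appear to be the pieces that cross process boundaries, and `serde_anymap` handles (de)serialization of type-erased values. A one-line `///` on each would make those boundaries visible from the crate root, e.g. `/// Low level message passing between fuzzer processes over shared maps.` above `pub mod llmp;`. The first line would also read more clearly as `//! Bolts are not conceptual fuzzing elements, but they keep libafl-based fuzzers together.`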
@@ -489,7 +489,7 @@ macro_rules! create_serde_registry_for_trait { }; } -create_serde_registry_for_trait!(serdeany_serde, crate::serde_anymap::SerdeAny); +create_serde_registry_for_trait!(serdeany_serde, crate::bolts::serde_anymap::SerdeAny); pub use serdeany_serde::*; #[derive(Clone, Debug)] diff --git a/afl/src/shmem.rs b/afl/src/bolts/shmem.rs similarity index 100% rename from afl/src/shmem.rs rename to afl/src/bolts/shmem.rs diff --git a/afl/src/tuples.rs b/afl/src/bolts/tuples.rs similarity index 100% rename from afl/src/tuples.rs rename to afl/src/bolts/tuples.rs diff --git a/afl/src/corpus/testcase.rs b/afl/src/corpus/testcase.rs index 9f34bfa9d9..3177b6ca10 100644 --- a/afl/src/corpus/testcase.rs +++ b/afl/src/corpus/testcase.rs @@ -6,8 +6,8 @@ use core::{convert::Into, default::Default, option::Option}; use serde::{Deserialize, Serialize}; use crate::{ + bolts::serde_anymap::{SerdeAny, SerdeAnyMap}, inputs::Input, - serde_anymap::{SerdeAny, SerdeAnyMap}, AflError, }; diff --git a/afl/src/events/mod.rs b/afl/src/events/mod.rs index 77dc6f8c2f..df521f012c 100644 --- a/afl/src/events/mod.rs +++ b/afl/src/events/mod.rs @@ -3,8 +3,7 @@ pub mod stats; pub use stats::*; -use crate::llmp::LlmpSender; -use crate::{llmp::LlmpReceiver, utils::deserialize_state_mgr}; +use crate::bolts::llmp::LlmpSender; use alloc::{ string::{String, ToString}, vec::Vec, 
@@ -12,19 +11,24 @@ use alloc::{ use core::{fmt, marker::PhantomData, time::Duration}; use serde::{Deserialize, Serialize}; +#[cfg(feature = "std")] +use crate::{bolts::llmp::LlmpReceiver, utils::deserialize_state_mgr}; + #[cfg(feature = "std")] use std::{env, process::Command}; #[cfg(feature = "std")] #[cfg(unix)] -use crate::shmem::AflShmem; +use crate::bolts::shmem::AflShmem; use crate::{ + bolts::{ + llmp::{self, LlmpClient, LlmpClientDescription, Tag}, + shmem::ShMem, + }, corpus::Corpus, feedbacks::FeedbacksTuple, inputs::Input, - llmp::{self, LlmpClient, LlmpClientDescription, Tag}, observers::ObserversTuple, - shmem::ShMem, state::State, utils::{serialize_state_mgr, Rand}, AflError, @@ -802,10 +806,10 @@ where } /// The llmp connection from the actual fuzzer to the process supervising it -const ENV_FUZZER_SENDER: &str = &"_AFL_ENV_FUZZER_SENDER"; -const ENV_FUZZER_RECEIVER: &str = &"_AFL_ENV_FUZZER_RECEIVER"; +const _ENV_FUZZER_SENDER: &str = &"_AFL_ENV_FUZZER_SENDER"; +const _ENV_FUZZER_RECEIVER: &str = &"_AFL_ENV_FUZZER_RECEIVER"; /// The llmp (2 way) connection from a fuzzer to the broker (broadcasting all other fuzzer messages) -const ENV_FUZZER_BROKER_CLIENT_INITIAL: &str = &"_AFL_ENV_FUZZER_BROKER_CLIENT"; +const _ENV_FUZZER_BROKER_CLIENT_INITIAL: &str = &"_AFL_ENV_FUZZER_BROKER_CLIENT"; impl LlmpRestartingEventManager where @@ -933,8 +937,8 @@ where ST: Stats, { // We start ourself as child process to actually fuzz - if std::env::var(ENV_FUZZER_SENDER).is_err() { - mgr.to_env(ENV_FUZZER_BROKER_CLIENT_INITIAL); + if std::env::var(_ENV_FUZZER_SENDER).is_err() { + mgr.to_env(_ENV_FUZZER_BROKER_CLIENT_INITIAL); // First, create a channel from the fuzzer (sender) to us (receiver) to report its state for restarts. let sender = LlmpSender::new(0, false)?; 
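Review bot: Prefixing the three constants with an underscore in the `@@ -802,10 +806,10 @@` hunk hides them from the dead-code lint instead of stating when they are used. Presumably they are unused only in builds without the `std` feature, since the uses visible in this patch are in code that calls `std::env::var`. Keeping the original names and gating each one, `#[cfg(feature = "std")] const ENV_FUZZER_SENDER: &str = "_AFL_ENV_FUZZER_SENDER";`, states that intent and leaves the call sites in the `-933`, `-943`, `-965` and `-974` hunks untouched. The `&` in front of each string literal is redundant, and the `///` line above `_ENV_FUZZER_SENDER` documents only that constant, so `_ENV_FUZZER_RECEIVER` has no doc comment of its own.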
@@ -943,8 +947,8 @@ where None, )?; // Store the information to a map. - sender.to_env(ENV_FUZZER_SENDER)?; - receiver.to_env(ENV_FUZZER_RECEIVER)?; + sender.to_env(_ENV_FUZZER_SENDER)?; + receiver.to_env(_ENV_FUZZER_RECEIVER)?; let mut ctr = 0; // Client->parent loop @@ -965,8 +969,8 @@ where // We are the fuzzing instance, first, connect to our own restore map. // A sender and a receiver for single communication - let mut receiver = LlmpReceiver::::on_existing_from_env(ENV_FUZZER_RECEIVER)?; - let sender = LlmpSender::::on_existing_from_env(ENV_FUZZER_SENDER)?; + let mut receiver = LlmpReceiver::::on_existing_from_env(_ENV_FUZZER_RECEIVER)?; + let sender = LlmpSender::::on_existing_from_env(_ENV_FUZZER_SENDER)?; // If we're restarting, deserialize the old state. let (state, mut mgr) = match receiver.recv_buf()? { @@ -974,7 +978,7 @@ where println!("First run. Let's set it all up"); // Mgr to send and receive msgs from/to all other fuzzer instances let client_mgr = LlmpEventManager::::existing_client_from_env( - ENV_FUZZER_BROKER_CLIENT_INITIAL, + _ENV_FUZZER_BROKER_CLIENT_INITIAL, )?; (None, LlmpRestartingEventManager::new(client_mgr, sender)) @@ -1002,11 +1006,11 @@ where #[cfg(test)] mod tests { + use crate::bolts::tuples::{tuple_list, MatchNameAndType, Named}; use crate::events::Event; use crate::inputs::bytes::BytesInput; use crate::observers::ObserversTuple; use crate::observers::StdMapObserver; - use crate::tuples::{tuple_list, MatchNameAndType, Named}; static mut MAP: [u32; 4] = [0; 4]; diff --git a/afl/src/executors/inprocess.rs b/afl/src/executors/inprocess.rs index 871d7f66a7..05ea2481df 100644 --- a/afl/src/executors/inprocess.rs +++ b/afl/src/executors/inprocess.rs @@ -7,6 +7,7 @@ use core::marker::PhantomData; use os_signals::set_oncrash_ptrs; use crate::{ + bolts::tuples::Named, corpus::Corpus, events::EventManager, executors::{Executor, ExitKind, HasObservers}, 
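Review bot: The restart path in the `@@ -965,8 +969,8 @@` hunk has no comment stating whom it trusts: the child attaches to whatever maps `_ENV_FUZZER_RECEIVER` and `_ENV_FUZZER_SENDER` name and, per the existing comment, deserializes the old state from the first buffer it receives. A short comment above the `on_existing_from_env` calls would record that assumption, for example `// The env vars and the map contents are trusted: they must come from the supervising parent process.` The doc comments on the constants are the other natural place for it. The enclosing function begins and ends outside this hunk, so any validation done elsewhere is not visible here.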
@@ -14,7 +15,6 @@ use crate::{ inputs::{HasTargetBytes, Input}, observers::ObserversTuple, state::State, - tuples::Named, utils::Rand, AflError, }; @@ -397,9 +397,9 @@ mod tests { use core::marker::PhantomData; use crate::{ + bolts::tuples::tuple_list, executors::{Executor, ExitKind, InProcessExecutor}, inputs::Input, - tuples::tuple_list, }; fn test_harness_fn_nop, I: Input>(_executor: &E, _buf: &[u8]) -> ExitKind { diff --git a/afl/src/executors/mod.rs b/afl/src/executors/mod.rs index ddb16f2c23..4980e43062 100644 --- a/afl/src/executors/mod.rs +++ b/afl/src/executors/mod.rs @@ -8,13 +8,13 @@ pub mod runtime; use core::marker::PhantomData; use crate::{ + bolts::tuples::{MatchNameAndType, MatchType, Named, TupleList}, corpus::Corpus, events::EventManager, feedbacks::FeedbacksTuple, inputs::{HasTargetBytes, Input}, observers::ObserversTuple, state::State, - tuples::{MatchNameAndType, MatchType, Named, TupleList}, utils::Rand, AflError, }; diff --git a/afl/src/feedbacks/mod.rs b/afl/src/feedbacks/mod.rs index 2d8e5d4a8f..95428e813e 100644 --- a/afl/src/feedbacks/mod.rs +++ b/afl/src/feedbacks/mod.rs @@ -10,10 +10,10 @@ use num::Integer; use serde::{Deserialize, Serialize}; use crate::{ + bolts::tuples::{Named, TupleList}, corpus::Testcase, inputs::Input, observers::{MapObserver, Observer, ObserversTuple}, - tuples::{Named, TupleList}, AflError, }; diff --git a/afl/src/lib.rs b/afl/src/lib.rs index ba5a31ff15..8d672d773f 100644 --- a/afl/src/lib.rs +++ b/afl/src/lib.rs @@ -9,21 +9,17 @@ extern crate alloc; #[macro_use] extern crate static_assertions; +pub mod bolts; pub mod corpus; pub mod events; pub mod executors; pub mod feedbacks; pub mod generators; pub mod inputs; -pub mod llmp; -pub mod metamap; pub mod mutators; pub mod observers; -pub mod serde_anymap; -pub mod shmem; pub mod stages; pub mod state; -pub mod tuples; pub mod utils; use alloc::string::String; 
@@ -244,13 +240,13 @@ impl From for AflError { mod tests { use crate::{ + bolts::tuples::tuple_list, corpus::{Corpus, InMemoryCorpus, Testcase}, executors::{Executor, ExitKind, InProcessExecutor}, inputs::{BytesInput, Input}, mutators::{mutation_bitflip, ComposedByMutations, StdScheduledMutator}, stages::StdMutationalStage, state::{HasCorpus, State}, - tuples::tuple_list, utils::StdRand, Fuzzer, StdFuzzer, }; @@ -298,7 +294,7 @@ mod tests { } let state_serialized = postcard::to_allocvec(&state).unwrap(); - let state_deserialized: State, BytesInput, StdRand, ()> = + let state_deserialized: State, (), BytesInput, StdRand> = postcard::from_bytes(state_serialized.as_slice()).unwrap(); assert_eq!(state.executions(), state_deserialized.executions()); diff --git a/afl/src/mutators/mutations.rs b/afl/src/mutators/mutations.rs index 4005ce3334..9cb24904db 100644 --- a/afl/src/mutators/mutations.rs +++ b/afl/src/mutators/mutations.rs @@ -883,7 +883,7 @@ token2="B" 16000 as usize } - fn set_max_size(&mut self, max_size: usize) { + fn set_max_size(&mut self, _max_size: usize) { todo!("Not needed"); } } diff --git a/afl/src/mutators/scheduled.rs b/afl/src/mutators/scheduled.rs index a2ededcad3..44a9e0926c 100644 --- a/afl/src/mutators/scheduled.rs +++ b/afl/src/mutators/scheduled.rs @@ -353,7 +353,7 @@ mod tests { InMemoryCorpus, _, _, - State<_, _, _, ()>, + State<_, (), _, _>, >::new(); mutation_splice(&mut mutator, &mut rand, &mut state, &mut input).unwrap(); diff --git a/afl/src/mutators/token_mutations.rs b/afl/src/mutators/token_mutations.rs index eb230ab450..6459f56868 100644 --- a/afl/src/mutators/token_mutations.rs +++ b/afl/src/mutators/token_mutations.rs @@ -2,9 +2,9 @@ //! They may be inserted as part of mutations during fuzzing. use crate::{ + bolts::serde_anymap::SerdeAny, inputs::{HasBytesVec, Input}, mutators::*, - serde_anymap::SerdeAny, utils::Rand, AflError, }; 
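Review bot: `set_max_size` in the `afl/src/mutators/mutations.rs` hunk still ends in `todo!("Not needed")`, which reads as unfinished work and panics if the method is ever called. If the stub is deliberately unsupported, `unimplemented!("set_max_size is not needed for this stub")` says so; if the setter is harmless, an empty body `fn set_max_size(&mut self, _max_size: usize) {}` removes the panic path. The surrounding impl starts outside the hunk, so which type this belongs to cannot be confirmed from here.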
diff --git a/afl/src/observers/mod.rs b/afl/src/observers/mod.rs index 717b937fc7..cc50dbeb01 100644 --- a/afl/src/observers/mod.rs +++ b/afl/src/observers/mod.rs @@ -8,8 +8,10 @@ use core::time::Duration; use serde::{Deserialize, Serialize}; use crate::{ - serde_anymap::{ArrayMut, Cptr}, - tuples::{MatchNameAndType, MatchType, Named, TupleList}, + bolts::{ + serde_anymap::{ArrayMut, Cptr}, + tuples::{MatchNameAndType, MatchType, Named, TupleList}, + }, utils::current_time, AflError, }; @@ -386,8 +388,8 @@ where mod tests { use crate::{ + bolts::tuples::{tuple_list, tuple_list_type, Named}, observers::{StdMapObserver, TimeObserver}, - tuples::{tuple_list, tuple_list_type, Named}, }; static mut MAP: [u32; 4] = [0; 4]; diff --git a/afl/src/stages/mod.rs b/afl/src/stages/mod.rs index 33e5859d08..4031f75b36 100644 --- a/afl/src/stages/mod.rs +++ b/afl/src/stages/mod.rs @@ -2,6 +2,7 @@ pub mod mutational; pub use mutational::StdMutationalStage; use crate::{ + bolts::tuples::TupleList, corpus::Corpus, events::EventManager, executors::{Executor, HasObservers}, @@ -9,7 +10,6 @@ use crate::{ inputs::Input, observers::ObserversTuple, state::State, - tuples::TupleList, utils::Rand, AflError, }; diff --git a/afl/src/state/mod.rs b/afl/src/state/mod.rs index ca4e9003f6..aa2957cd89 100644 --- a/afl/src/state/mod.rs +++ b/afl/src/state/mod.rs @@ -9,6 +9,7 @@ use std::{ }; use crate::{ + bolts::serde_anymap::{SerdeAny, SerdeAnyMap}, corpus::{Corpus, Testcase}, events::{Event, EventManager, LogSeverity}, executors::{Executor, HasObservers}, @@ -16,7 +17,6 @@ use crate::{ generators::Generator, inputs::Input, observers::ObserversTuple, - serde_anymap::{SerdeAny, SerdeAnyMap}, utils::{current_milliseconds, Rand}, AflError, }; diff --git a/afl/src/utils.rs b/afl/src/utils.rs index 578e9ef27e..46987b6786 100644 --- a/afl/src/utils.rs +++ b/afl/src/utils.rs 
@@ -10,11 +10,11 @@ use xxhash_rust::xxh3::xxh3_64_with_seed; use std::time::{SystemTime, UNIX_EPOCH}; use crate::{ + bolts::shmem::ShMem, corpus::Corpus, events::{LlmpEventManager, Stats}, feedbacks::FeedbacksTuple, inputs::Input, - shmem::ShMem, state::State, AflError, }; diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs index 9721336f9e..a9c2d1c407 100644 --- a/fuzzers/libfuzzer_libpng/src/mod.rs +++ b/fuzzers/libfuzzer_libpng/src/mod.rs @@ -8,6 +8,7 @@ use clap::{App, Arg}; use std::{env, path::PathBuf}; use afl::{ + bolts::tuples::tuple_list, corpus::{Corpus, InMemoryCorpus}, events::setup_restarting_state, events::{LlmpEventManager, SimpleStats}, @@ -18,7 +19,6 @@ use afl::{ observers::StdMapObserver, stages::mutational::StdMutationalStage, state::{HasCorpus, State}, - tuples::tuple_list, utils::StdRand, AflError, Fuzzer, StdFuzzer, };