diff --git a/Cargo.toml b/Cargo.toml
index 98347cc3da..d1037a8bc0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -8,6 +8,7 @@ debug = true
 members = [
     "libafl",
     "libafl_derive",
+    "libafl_cc",
     #example fuzzers
     "fuzzers/libfuzzer_libpng",
diff --git a/libafl_cc/Cargo.toml b/libafl_cc/Cargo.toml
new file mode 100644
index 0000000000..237f040e2c
--- /dev/null
+++ b/libafl_cc/Cargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "libafl_cc"
+version = "0.1.0"
+authors = ["Andrea Fioraldi "]
+edition = "2018"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
diff --git a/libafl_cc/src/bin/libafl-cc.rs b/libafl_cc/src/bin/libafl-cc.rs
new file mode 100644
index 0000000000..f3e95c9cc1
--- /dev/null
+++ b/libafl_cc/src/bin/libafl-cc.rs
@@ -0,0 +1,3 @@
+fn main() {
+    todo!("libafl-cc");
+}
diff --git a/libafl_cc/src/lib.rs b/libafl_cc/src/lib.rs
new file mode 100644
index 0000000000..005323f7bb
--- /dev/null
+++ b/libafl_cc/src/lib.rs
@@ -0,0 +1,9 @@
+pub mod runtime;
+
+#[cfg(test)]
+mod tests {
+    #[test]
+    fn it_works() {
+        assert_eq!(2 + 2, 4);
+    }
+}
diff --git a/libafl_cc/src/runtime.rs b/libafl_cc/src/runtime.rs
new file mode 100644
index 0000000000..9a2cc92586
--- /dev/null
+++ b/libafl_cc/src/runtime.rs
@@ -0,0 +1,23 @@
+pub const MAP_SIZE: usize = 65536;
+
+pub static mut EDGES_MAP: [u8; MAP_SIZE] = [0; MAP_SIZE];
+pub static mut CMP_MAP: [u8; MAP_SIZE] = [0; MAP_SIZE];
+pub static mut MAX_EDGES_NUM: usize = 0;
+
+#[no_mangle]
+pub unsafe extern "C" fn __sanitizer_cov_trace_pc_guard(guard: *mut u32) {
+    let pos = *guard as usize;
+    let val = (EDGES_MAP[pos] as u8).wrapping_add(1);
+    EDGES_MAP[pos] = val;
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn __sanitizer_cov_trace_pc_guard_init(mut start: *mut u32, stop: *mut u32) {
+    if start == stop || *start != 0 { return }
+
+    while start < stop {
+        MAX_EDGES_NUM += 1;
+        *start = (MAX_EDGES_NUM & (MAP_SIZE -1)) as u32;
+        start = start.offset(1);
+    }
+}
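Review bot: In `__sanitizer_cov_trace_pc_guard`, `EDGES_MAP[pos]` indexes with the raw guard value, and because Rust bounds-checks that index any guard holding a value outside `0..MAP_SIZE` becomes a panic inside the instrumented target rather than a coverage write. The guards this runtime numbers itself are masked to `MAP_SIZE - 1` in `_init`, but a guard table that `_init` skips because `*start != 0` (presumably already numbered by another copy of the runtime) or a guard that was never initialized at all is not covered by that invariant. Masking at the use site keeps the callback cheap and panic-free, `let pos = (*guard as usize) & (MAP_SIZE - 1);`, and the `as u8` cast on the following line is redundant since the map already holds `u8`. Both functions are `pub unsafe` with no doc comment; a `# Safety` section should state that they are only to be invoked by SanitizerCoverage-instrumented code with pointers into a live guard table, and that the `static mut` maps are written without any synchronization, so concurrent threads race on them. It is also worth a one-line comment that once `MAX_EDGES_NUM` passes `MAP_SIZE` the mask silently aliases later edges onto earlier slots (including slot 0), which is the usual AFL-style trade-off but not obvious from the code.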