SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Un-Unfix libafl_qemu fixes after #2020, remove python CI (#2024)

Browse Source 
* Un-Unfix libafl_qemu fixes after #2020

* remove CI for removed python bindings
This commit is contained in:
Dominik Maier 2024-04-08 22:06:40 +02:00 committed by GitHub
parent ed5a10d0b5
commit 7479726c3e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 8 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/build_and_test.yml vendored
View File

@ -308,7 +308,7 @@ jobs:
- name: Run a maturin build
run: export LLVM_CONFIG=llvm-config-16 && cd ./bindings/pylibafl && python3 -m venv .env && . .env/bin/activate && pip install --upgrade --force-reinstall . && ./test.sh
- name: Run python test
run: . ./bindings/pylibafl/.env/bin/activate && cd ./fuzzers/baby_fuzzer && python3 baby_fuzzer.py 2>&1 | grep "Bye"
run: . ./bindings/pylibafl/.env/bin/activate # && cd ./fuzzers/python_qemu/ && python3 fuzzer.py 2>&1 | grep "Bye"
fuzzers:
needs: ubuntu

89
fuzzers/baby_fuzzer/baby_fuzzer.py
View File

@ -1,89 +0,0 @@
from pylibafl import libafl
# LIBRARY WRAPPER
def map_observer_wrapper(map_observer):
if type(map_observer).__name__ == "OwnedMapObserverI32":
return libafl.MapObserverI32.new_owned(map_observer)
def executor_wrapper(executor):
if type(executor).__name__ == "InProcessExecutor":
return libafl.Executor.new_inprocess(executor)
def generator_wrapper(generator):
if type(generator).__name__ == "RandPrintablesGenerator":
return libafl.Generator.new_rand_printables(generator)
def monitor_wrapper(monitor):
return monitor.as_monitor()
def event_manager_wrapper(event_manager):
return event_manager.as_manager()
def corpus_wrapper(corpus):
if type(corpus).__name__ == "InMemoryCorpus":
return libafl.Corpus.new_in_memory(corpus)
if type(corpus).__name__ == "OnDiskCorpus":
return libafl.Corpus.new_on_disk(corpus)
def rand_wrapper(rand):
if type(rand).__name__ == "StdRand":
return libafl.Rand.new_std(rand)
def mutator_wrapper(mutator):
if type(mutator).__name__ == "StdHavocMutator":
return libafl.Mutator.new_std_havoc(mutator)
def stage_wrapper(stage):
if type(stage).__name__ == "StdMutationalStage":
return libafl.Stage.new_std_mutational(stage)
# CODE WRITTEN BY USER
import logging
logging.basicConfig(level=logging.INFO)
map_observer = libafl.OwnedMapObserverI32("signals", [0] * 16)
def harness(inp):
#print(inp)
map_observer[0] = 1
if len(inp) > 0 and inp[0] == ord('a'):
map_observer[1] = 1
if len(inp) > 1 and inp[1] == ord('b'):
map_observer[2] = 1
if len(inp) > 2 and inp[2] == ord('c'):
map_observer[3] = 1
raise Exception("NOOOOOO =)")
feedback = libafl.MaxMapFeedbackI32(map_observer_wrapper(map_observer))
objective = libafl.CrashFeedback()
state = libafl.StdState(
rand_wrapper(libafl.StdRand.with_current_nanos()),
corpus_wrapper(libafl.InMemoryCorpus()),
corpus_wrapper(libafl.OnDiskCorpus("./crashes")),
feedback.as_feedback(),
objective.as_feedback(),
)
monitor = libafl.SimpleMonitor(lambda x: print(x))
mgr = libafl.SimpleEventManager(monitor_wrapper(monitor))
fuzzer = libafl.StdFuzzer(feedback.as_feedback(), objective.as_feedback())
observers = libafl.ObserversTuple([libafl.Observer.new_map_i32(map_observer_wrapper(map_observer))])
executor = libafl.InProcessExecutor(harness, observers, fuzzer, state, event_manager_wrapper(mgr))
generator = libafl.RandPrintablesGenerator(32)
state.generate_initial_inputs(fuzzer, executor_wrapper(executor), generator_wrapper(generator), event_manager_wrapper(mgr), 3)
mutator = libafl.StdHavocMutator()
stage = libafl.StdMutationalStage(mutator_wrapper(mutator))
stages = libafl.StagesTuple([stage_wrapper(stage)])
fuzzer.fuzz_loop(executor_wrapper(executor), state, event_manager_wrapper(mgr), stages)

8
libafl_qemu/src/emu.rs
View File

@ -650,25 +650,25 @@ pub struct HookData(u64);
impl<T> From<Pin<&mut T>> for HookData {
fn from(value: Pin<&mut T>) -> Self {
unsafe { HookData(core::mem::transmute(value)) }
unsafe { HookData(transmute::<Pin<&mut T>, u64>(value)) }
}
}
impl<T> From<Pin<&T>> for HookData {
fn from(value: Pin<&T>) -> Self {
unsafe { HookData(core::mem::transmute(value)) }
unsafe { HookData(transmute::<Pin<&T>, u64>(value)) }
}
}
impl<T> From<&'static mut T> for HookData {
fn from(value: &'static mut T) -> Self {
unsafe { HookData(core::mem::transmute(value)) }
unsafe { HookData(transmute::<&mut T, u64>(value)) }
}
}
impl<T> From<&'static T> for HookData {
fn from(value: &'static T) -> Self {
unsafe { HookData(core::mem::transmute(value)) }
unsafe { HookData(transmute::<&T, u64>(value)) }
}
}

5
libafl_qemu/src/emu/usermode.rs
View File

@ -3,8 +3,9 @@ use std::{cell::OnceCell, slice::from_raw_parts, str::from_utf8_unchecked};
use libafl_qemu_sys::{
exec_path, free_self_maps, guest_base, libafl_dump_core_hook, libafl_force_dfl, libafl_get_brk,
libafl_load_addr, libafl_maps_next, libafl_qemu_run, libafl_set_brk, mmap_next_start,
read_self_maps, strlen, GuestAddr, GuestUsize, MapInfo, MmapPerms, VerifyAccess,
libafl_load_addr, libafl_maps_first, libafl_maps_next, libafl_qemu_run, libafl_set_brk,
mmap_next_start, read_self_maps, strlen, GuestAddr, GuestUsize, MapInfo, MmapPerms,
VerifyAccess,
};
use libc::c_int;
#[cfg(feature = "python")]