test cmplog against value profile feature

Cargo.toml

@@ -12,14 +12,13 @@ members = [
     "libafl_targets",
     "libafl_frida",
     "libafl_tests",
+    "fuzzers/frida_libpng",         
 ]
 default-members = [
     "libafl",
     "libafl_derive",
     "libafl_cc",
     "libafl_targets",
-    "libafl_tests",
 ]
 exclude = [
-    "fuzzers",
 ]

fuzzers/frida_libpng/Cargo.toml

@@ -25,6 +25,7 @@ libafl = { path = "../../libafl/", features = [ "std", "llmp_bind_public" ] } #,
 libafl_frida = { path = "../../libafl_frida" }
 capstone = "0.8.0"
 frida-gum = { version = "0.5.1", features = [ "auto-download", "backtrace", "event-sink", "invocation-listener"] }
+libafl_targets = { path = "../../libafl_targets", version = "0.1.0" , features = ["value_profile"] }
 lazy_static = "1.4.0"
 libc = "0.2"
 libloading = "0.7.0"

fuzzers/frida_libpng/harness.cc

@@ -108,6 +108,19 @@ void func1() {
 // Roughly follows the libpng book example:
 // http://www.libpng.org/pub/png/book/chapter13.html
 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+
+   if(data[10] == 0xAB &&
+       data[11] == 0xCD &&
+       data[12] == 0xEF &&
+       data[13] == 0xAA &&
+       data[14] == 0xBB ) {
+        printf("passed the test!");
+    } else {
+        printf("x");
+        return 0;
+    }
+
+
     if (size < kPngHeaderSize) {
     return 0;
   }

libafl_frida/Cargo.toml

@@ -15,7 +15,7 @@ cc = { version = "1.0", features = ["parallel"] }
 
 [dependencies]
 libafl = { path = "../libafl", version = "0.3.1", features = ["std", "libafl_derive"] }
-libafl_targets = { path = "../libafl_targets", version = "0.3.1" }
+libafl_targets = { path = "../libafl_targets", version = "0.3.1", features = ["cmplog"] }
 nix = "0.20.0"
 libc = "0.2.92"
 hashbrown = "0.11"