From 8618289f124b0ee43b7d58bd1507b865a91b4876 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Sun, 13 Dec 2020 17:40:45 +0100
Subject: [PATCH] compiles
---
afl/src/engines/mod.rs | 1 +
afl/src/events/mod.rs | 21 ++++++++++-----------
afl/src/feedbacks/mod.rs | 5 +++++
afl/src/stages/mutational.rs | 16 ++++++----------
4 files changed, 22 insertions(+), 21 deletions(-)
diff --git a/afl/src/engines/mod.rs b/afl/src/engines/mod.rs
index b43362bfbf..24fb6a28ae 100644
--- a/afl/src/engines/mod.rs
+++ b/afl/src/engines/mod.rs
@@ -112,6 +112,7 @@ where } // TODO move some of these, like evaluate_input, to FuzzingEngine + #[inline] pub fn is_interesting(&mut self, input: &I, observers: &OT) -> Result where OT: ObserversTuple,
diff --git a/afl/src/events/mod.rs b/afl/src/events/mod.rs
index 8a428cfc30..34b605b3be 100644
--- a/afl/src/events/mod.rs
+++ b/afl/src/events/mod.rs
@@ -14,7 +14,6 @@ use serde::{Deserialize, Serialize}; #[cfg(feature = "std")] use std::{ io::Write, - time::{SystemTime, UNIX_EPOCH}, }; use crate::corpus::Corpus;
@@ -159,11 +158,11 @@ where } } - pub fn new_testcase(config: String, input: I, observers: Ot) -> Result + pub fn new_testcase(config: String, input: I, observers: &OT) -> Result where - Ot: ObserversTuple, + OT: ObserversTuple, { - let observers_buf = postcard::to_allocvec(&observers)?; + let observers_buf = postcard::to_allocvec(observers)?; Ok(Self::NewTestcase { sender_id: 0, input: input,
@@ -251,8 +250,8 @@ where } Event::UpdateStats { sender_id, - executions, - execs_over_sec, + executions: _, + execs_over_sec: _, phantom: _, } => { // TODO: The stats buffer should be added on client add.
@@ -265,7 +264,7 @@ where executions: 0, }) } - let mut stat = &mut self.client_stats_mut()[*sender_id as usize]; + let stat = &mut self.client_stats_mut()[*sender_id as usize]; println!( "[UPDATE] corpus: {} execs: {} execs/s: {}", self.corpus_size(),
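Review bot: In the `Event::UpdateStats` arm of afl/src/events/mod.rs (hunk at -251), binding `executions: _` and `execs_over_sec: _` drops the counters the client reported, so whatever the `[UPDATE]` line prints (its arguments are cut off after `self.corpus_size()`) cannot come from this event. If `stat` is meant to track each client's progress, keep the bindings and store them in `stat`; only an `executions` field is visible in this patch, so the exact assignment is an assumption. If ignoring them is a stopgap to get the build green, say so next to the pattern: `// TODO: store executions and execs_over_sec in the client stats`. The match arm starts and ends outside the hunk.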
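Review bot: In the same `UpdateStats` arm (hunk at -265), `self.client_stats_mut()[*sender_id as usize]` indexes with an id taken directly from the event, and a plain index panics when the slot does not exist. Only the tail of the code that grows the stats buffer is visible above this line, so the slot may already be guaranteed; if it is, the buffer length is then driven by `sender_id`, and a malformed event with a very large id would force a correspondingly large allocation. Consider checking `sender_id` against the set of known clients first and replacing the index with `.get_mut(*sender_id as usize)`, returning an `AflError` when the lookup fails. The `as usize` cast also deserves a comment stating the type of `sender_id`, which the hunk does not show.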
@@ -320,9 +319,9 @@ where // we need to pass engine to process() too, TODO #[cfg(feature = "std")] println!("Received new Testcase"); - let observers = postcard::from_bytes(&observers_buf)?; - let interestingness = state.is_interesting(&input, observers)?; - state.add_if_interesting(corpus, input, interestingness); + let observers: OT = postcard::from_bytes(&observers_buf)?; + let interestingness = state.is_interesting(&input, &observers)?; + state.add_if_interesting(corpus, input, interestingness)?; Ok(()) } _ => Err(AflError::Unknown(
@@ -481,7 +480,7 @@ where #[inline] fn fire<'a>(&mut self, event: Event) -> Result<(), AflError> { let serialized = postcard::to_allocvec(&event)?; - self.send_buf(LLMP_TAG_EVENT_TO_CLIENT, &serialized)?; + self.llmp.send_buf(LLMP_TAG_EVENT_TO_CLIENT, &serialized)?; Ok(()) }
diff --git a/afl/src/feedbacks/mod.rs b/afl/src/feedbacks/mod.rs
index 05808efd79..8f0114938e 100644
--- a/afl/src/feedbacks/mod.rs
+++ b/afl/src/feedbacks/mod.rs
@@ -45,12 +45,17 @@ pub trait FeedbacksTuple: MatchType + MatchNameAndType where I: Input, { + /// Get the total interestingness value from all feedbacks fn is_interesting_all( &mut self, input: &I, observers: &OT, ) -> Result; + + /// Write metadata for this testcase fn append_metadata_all(&mut self, testcase: &mut Testcase) -> Result<(), AflError>; + + /// Discards metadata - the end of this input's execution fn discard_metadata_all(&mut self, input: &I) -> Result<(), AflError>; //fn for_each(&self, f: fn(&dyn Feedback)); //fn for_each_mut(&mut self, f: fn(&mut dyn Feedback));
diff --git a/afl/src/stages/mutational.rs b/afl/src/stages/mutational.rs
index 2d438ce2fa..59cfc2ab9d 100644
--- a/afl/src/stages/mutational.rs
+++ b/afl/src/stages/mutational.rs
@@ -12,8 +12,6 @@ use crate::utils::Rand; use crate::AflError; use crate::{engines::State, events::Event}; - use crate::serde_anymap::{Ptr, PtrMut}; - // TODO multi mutators stage /// A Mutational stage is the stage in a fuzzing run that mutates inputs.
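Review bot: In the `NewTestcase` handler of afl/src/events/mod.rs (hunk at -320), `let observers: OT = postcard::from_bytes(&observers_buf)?;` decodes bytes produced by another process into the receiver's observer tuple type, and nothing in the hunk checks that the sender serialized the same `OT`. postcard's encoding is not self-describing, so a buffer from a differently configured sender can decode without error into wrong observer values, which then drive `is_interesting` and `add_if_interesting`. `Event::new_testcase` already takes a `config: String`; if that value travels with the event (not visible in this patch), compare it with the receiver's configuration before decoding and return an `AflError` on mismatch. At minimum document the requirement at the call: `// observers_buf must come from the same OT layout; postcard carries no type information`. The handler starts and ends outside the hunk.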
@@ -66,21 +64,19 @@ where self.mutator_mut() .post_exec(fitness, &input_mut, i as i32)?; + let observers = engine.executor_mut().observers(); + // put all this shit in some overridable function in engine maybe? or in corpus. // consider a corpus that strores new testcases in a temporary queue, for later processing // in a late stage, NewTestcase should be triggere donly after the processing in the later stage // So by default we shoudl trigger it in corpus.add, so that the user can override it and remove // if needed by particular cases - let testcase_maybe = state.testcase_if_interesting(input_mut, fitness)?; - if let Some(mut testcase) = testcase_maybe { + if state.is_interesting(&input_mut, observers)? > 0 { // TODO decouple events manager and engine - manager.fire(Event::NewTestcase { - sender_id: 0, - input: testcase.load_input()?, - observers_buf: PtrMut::Ref(engine.executor_mut().observers_mut()), - corpus_count: corpus.count() + 1, - })?; + manager.fire(Event::new_testcase("test".into(), input_mut, observers)?)?; // let _ = corpus.add(testcase); + } else { + state.discard_input(&input_mut)?; } } Ok(())
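Review bot: The new condition `state.is_interesting(&input_mut, observers)? > 0` recomputes interestingness although `fitness` is already in scope: it is passed to `post_exec` two lines above and was the argument of the removed `testcase_if_interesting` call. `is_interesting_all` in the feedbacks trait takes `&mut self`, so if `fitness` came from the same feedbacks (its origin is above the hunk) they run twice for one execution and the second result may differ from the first; in that case `if fitness > 0 {` keeps a single evaluation. The `"test".into()` config is a placeholder, so give it a `// TODO: pass the real observer/config identifier` comment to keep it from shipping unnoticed. With `corpus.add` still commented out, the interesting input is only sent as an event, so a comment stating where it is added to the local corpus would help the next reader. The loop this code sits in begins outside the hunk.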