From 8cca87f2bd8976a7116b31ecab94357e9f625c5d Mon Sep 17 00:00:00 2001
From: "Dongjia \"toka\" Zhang"
Date: Wed, 5 Jul 2023 13:03:09 +0200
Subject: [PATCH] Fix #1342 (#1345)
* push
* fmt
---
 fuzzers/libfuzzer_libpng_launcher/Makefile.toml | 16 +++++++---------
 fuzzers/libfuzzer_libpng_launcher/src/lib.rs | 14 +++-----------
 libafl/src/stages/mutational.rs | 4 +++-
 3 files changed, 13 insertions(+), 21 deletions(-)
diff --git a/fuzzers/libfuzzer_libpng_launcher/Makefile.toml b/fuzzers/libfuzzer_libpng_launcher/Makefile.toml
index 65f1265597..29d462dd9f 100644
--- a/fuzzers/libfuzzer_libpng_launcher/Makefile.toml
+++ b/fuzzers/libfuzzer_libpng_launcher/Makefile.toml
@@ -1,7 +1,7 @@
 # Variables
 [env]
 FUZZER_NAME='fuzzer_libpng_launcher'
-CARGO_TARGET_DIR = { value = "${PROJECT_DIR}/target/x86_64-unknown-linux-gnu", condition = { env_not_set = ["CARGO_TARGET_DIR"] } }
+CARGO_TARGET_DIR = { value = "${PROJECT_DIR}/target", condition = { env_not_set = ["CARGO_TARGET_DIR"] } }
 LIBAFL_CC = '${CARGO_TARGET_DIR}/release/libafl_cc'
 LIBAFL_CXX = '${CARGO_TARGET_DIR}/release/libafl_cxx'
 LIBAFL_LIBTOOL = '${CARGO_TARGET_DIR}/release/libafl_libtool'
@@ -35,9 +35,8 @@ mac_alias = "cxx_unix"
 windows_alias = "unsupported"
 [tasks.cxx_unix]
-script="RUSTFLAGS=-Zsanitizer=address cargo +nightly build -Zbuild-std --target x86_64-unknown-linux-gnu --release"
-#command = "cargo"
-#args = ["build" , "--release"]
+command = "cargo"
+args = ["build" , "--release"]
 [tasks.cc]
 linux_alias = "cc_unix"
@@ -45,9 +44,8 @@ mac_alias = "cc_unix"
 windows_alias = "unsupported"
 [tasks.cc_unix]
-script="RUSTFLAGS=-Zsanitizer=address cargo +nightly build -Zbuild-std --target x86_64-unknown-linux-gnu --release"
-#command = "cargo"
-#args = ["build" , "--release"]
+command = "cargo"
+args = ["build" , "--release"]
 # Library
 [tasks.lib]
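Review bot: Nothing in this Makefile.toml records that the example is now built without AddressSanitizer: the new `[tasks.cxx_unix]` and `[tasks.cc_unix]` bodies drop `RUSTFLAGS=-Zsanitizer=address`, and the `[tasks.fuzzer_unix]` hunk further down drops `-fsanitize=address` from `args`. Without a sanitizer the fuzzer only reports libpng memory errors that actually fault or time out, so silent out-of-bounds reads and writes go unnoticed. If that is the intended default for this example, a comment above `[tasks.fuzzer_unix]` would make it explicit, e.g. `# NOTE: built without AddressSanitizer; memory errors that do not crash the target are not reported.` Whether the `libafl_cc`/`libafl_cxx` wrappers add any instrumentation of their own is not visible from these hunks.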
@@ -57,7 +55,7 @@ windows_alias = "unsupported"
 [tasks.lib_unix]
 script_runner="@shell"
-cript='''
+script='''
 cd libpng-1.6.37 && ./configure --enable-shared=no --with-pic=yes --enable-hardware-optimizations=yes
 cd "${PROJECT_DIR}"
 make -C libpng-1.6.37 CC="${CARGO_TARGET_DIR}/release/libafl_cc" CXX="${CARGO_TARGET_DIR}/release/libafl_cxx" LIBTOOL=${CARGO_TARGET_DIR}/release/libafl_libtool
@@ -73,7 +71,7 @@ windows_alias = "unsupported"
 [tasks.fuzzer_unix]
 command = "${CARGO_TARGET_DIR}/release/libafl_cxx"
-args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz", "-fsanitize=address"]
+args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"]
 dependencies = [ "lib", "cxx", "cc" ]
 # Run the fuzzer
diff --git a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs
index 6440f05e20..ffef102464 100644
--- a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs
+++ b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs
@@ -2,9 +2,9 @@
 //! The example harness is built for libpng.
 //! In this example, you will see the use of the `launcher` feature.
 //! The `launcher` will spawn new processes for each cpu core.
-//use mimalloc::MiMalloc;
-//#[global_allocator]
-//static GLOBAL: MiMalloc = MiMalloc;
+use mimalloc::MiMalloc;
+#[global_allocator]
+static GLOBAL: MiMalloc = MiMalloc;
 use core::time::Duration;
 use std::{env, net::SocketAddr, path::PathBuf};
@@ -197,15 +197,7 @@ pub fn libafl_main() {
 let mut harness = |input: &BytesInput| {
 let target = input.target_bytes();
 let buf = target.as_slice();
-
- // Artificial timeout to check timeout
 libfuzzer_test_one_input(buf);
-
- // We're timeouting
- if buf.len() == 42 {
- println!("TIMEOUT :)");
- std::thread::sleep(Duration::from_millis(1_000_000));
- }
 ExitKind::Ok
 };
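Review bot: The re-enabled `#[global_allocator]` at the top of lib.rs carries no comment saying why the allocator is replaced, and the `static GLOBAL` item sits between `use mimalloc::MiMalloc;` and the `use core::…`/`use std::…` imports rather than after the import block. A line such as `// Route all Rust-side allocations in the fuzzer process through mimalloc.` would document the intent. The removed lines show this was commented out while the build used `-Zsanitizer=address`, so presumably the two do not combine well; if so, say that in the same comment so a later sanitizer build does not silently lose coverage of Rust heap allocations. The rest of the file is outside this hunk.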
diff --git a/libafl/src/stages/mutational.rs b/libafl/src/stages/mutational.rs
index 300dcc6b07..2f85925bff 100644
--- a/libafl/src/stages/mutational.rs
+++ b/libafl/src/stages/mutational.rs
@@ -298,7 +298,9 @@ where
 corpus_idx: CorpusId,
 ) -> Result<(), Error> {
 let mut testcase = state.corpus().get(corpus_idx)?.borrow_mut();
- let Ok(input) = I::try_transform_from(&mut testcase, state, corpus_idx) else { return Ok(()); };
+ let Ok(input) = I::try_transform_from(&mut testcase, state, corpus_idx) else {
+ return Ok(());
+ };
 drop(testcase);
 let mut generated = vec![];