From 8d2713c4d9572866b49afe7376770ca5daee0814 Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi
Date: Wed, 24 Mar 2021 15:28:58 +0100
Subject: [PATCH] libfuzzer_libpng wrappers

---
 fuzzers/libfuzzer_libpng/src/bin/cc.rs | 10 +++++--
 fuzzers/libfuzzer_libpng/src/bin/cxx.rs | 20 ++++++++++++++
 libafl_cc/src/lib.rs | 36 ++++++++++++++++++-------
 3 files changed, 54 insertions(+), 12 deletions(-)
 create mode 100644 fuzzers/libfuzzer_libpng/src/bin/cxx.rs

diff --git a/fuzzers/libfuzzer_libpng/src/bin/cc.rs b/fuzzers/libfuzzer_libpng/src/bin/cc.rs
index ad820b5904..8a34130ba4 100644
--- a/fuzzers/libfuzzer_libpng/src/bin/cc.rs
+++ b/fuzzers/libfuzzer_libpng/src/bin/cc.rs
@@ -3,11 +3,17 @@ use std::env;
 
 fn main() {
     let args: Vec = env::args().collect();
-    ClangWrapper::new("clang", "clang++")
+    if args.len() > 1 {
+        let mut dir = env::current_exe().unwrap();
+        dir.pop();
+        ClangWrapper::new("clang", "clang++")
             .from_args(&args)
             .unwrap()
-            .add_arg("-fsanitize=trace-pc-guard".into())
+            .add_arg("-fsanitize-coverage=trace-pc-guard".into())
+            .unwrap()
+            .add_link_arg(dir.join("liblibfuzzer_libpng.a").display().to_string())
             .unwrap()
             .run()
             .unwrap();
+    }
 }
diff --git a/fuzzers/libfuzzer_libpng/src/bin/cxx.rs b/fuzzers/libfuzzer_libpng/src/bin/cxx.rs
new file mode 100644
index 0000000000..aaf901835e
--- /dev/null
+++ b/fuzzers/libfuzzer_libpng/src/bin/cxx.rs
@@ -0,0 +1,20 @@
+use libafl_cc::{ClangWrapper, CompilerWrapper};
+use std::env;
+
+fn main() {
+    let args: Vec = env::args().collect();
+    if args.len() > 1 {
+        let mut dir = env::current_exe().unwrap();
+        dir.pop();
+        ClangWrapper::new("clang", "clang++")
+            .is_cpp()
+            .from_args(&args)
+            .unwrap()
+            .add_arg("-fsanitize-coverage=trace-pc-guard".into())
+            .unwrap()
+            .add_link_arg(dir.join("liblibfuzzer_libpng.a").display().to_string())
+            .unwrap()
+            .run()
+            .unwrap();
+    }
+}
diff --git a/libafl_cc/src/lib.rs b/libafl_cc/src/lib.rs
index 85ad5b5cbc..9b27de117b 100644
--- a/libafl_cc/src/lib.rs
+++ b/libafl_cc/src/lib.rs
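Review bot: The link argument built for the new `.add_link_arg(...)` line relies on `env::current_exe().unwrap()`, which panics with no context when the wrapper's own path cannot be resolved, and the `bool` returned by `dir.pop()` is discarded, so if the path ever has no parent component `dir` silently keeps the executable path itself and the archive is joined underneath a file rather than beside it. Replacing the two lines with `let exe = env::current_exe().expect("cannot resolve the wrapper's own path");` and `let dir = exe.parent().expect("wrapper executable has no parent directory");` makes both failure modes explicit. `Path::display().to_string()` is also lossy for non-UTF-8 paths; keeping the archive path as an `OsString` would be safer, though that presumably needs `add_link_arg` to accept `impl Into<OsString>`, which is outside this hunk. The same twelve lines are duplicated verbatim in the new cxx.rs, so a small helper in libafl_cc that returns the sibling archive path would keep the two wrappers from drifting apart.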
@@ -1,8 +1,9 @@
-use std::{string::String, vec::Vec};
+use std::{process::Command, string::String, vec::Vec};
 
 #[derive(Debug)]
 pub enum Error {
     InvalidArguments(String),
+    IOError(std::io::Error),
     Unknown(String),
 }
 
@@ -28,9 +29,18 @@ pub trait CompilerWrapper {
 
     /// Run the compiler
     fn run(&mut self) -> Result<(), Error> {
-        // TODO subproc
         let args = self.command()?;
-        println!("{:?}", args);
+        dbg!(&args);
+        if args.len() < 1 {
+            return Err(Error::InvalidArguments(
+                "The number of arguments cannot be 0".into(),
+            ));
+        }
+        let status = match Command::new(&args[0]).args(&args[1..]).status() {
+            Ok(s) => s,
+            Err(e) => return Err(Error::IOError(e)),
+        };
+        dbg!(status);
         Ok(())
     }
 }
@@ -63,12 +73,7 @@ impl CompilerWrapper for ClangWrapper {
         self.name = args[0].clone();
 
         // Detect C++ compiler looking at the wrapper name
-        self.is_cpp = self.name.ends_with("++");
-        if self.is_cpp {
-            new_args.push(self.wrapped_cxx.clone());
-        } else {
-            new_args.push(self.wrapped_cc.clone());
-        }
+        self.is_cpp = self.is_cpp || self.name.ends_with("++");
 
         // Sancov flag
         // new_args.push("-fsanitize-coverage=trace-pc-guard".into());
@@ -122,7 +127,13 @@ impl CompilerWrapper for ClangWrapper {
     }
 
     fn command(&mut self) -> Result, Error> {
-        let mut args = self.base_args.clone();
+        let mut args = vec![];
+        if self.is_cpp {
+            args.push(self.wrapped_cxx.clone());
+        } else {
+            args.push(self.wrapped_cc.clone());
+        }
+        args.extend_from_slice(self.base_args.as_slice());
         if self.linking {
             if self.x_set {
                 args.push("-x".into());
@@ -163,6 +174,11 @@ impl ClangWrapper {
         self.optimize = false;
         self
     }
+
+    pub fn is_cpp<'a>(&'a mut self) -> &'a mut Self {
+        self.is_cpp = true;
+        self
+    }
 }
 
 #[cfg(test)]
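Review bot: The new `IOError(std::io::Error)` variant has no `From` conversion, so the only way to produce it is the hand-written `match` in `run()` further down this file; adding `impl From<std::io::Error> for Error { fn from(e: std::io::Error) -> Self { Error::IOError(e) } }` next to the enum lets `Command::status()` and any future I/O call use `?` directly. Rust naming convention also writes acronyms as words (`IoError`, or simply `Io` in the style of the existing `InvalidArguments` and `Unknown` variants); since the variant is introduced by this commit, renaming it now costs nothing.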
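Review bot: `run()` returns `Ok(())` whatever the child process reports: `status` is only passed to `dbg!` and never inspected, so when the wrapped clang fails the wrapper still exits successfully and a calling build system (make, a configure probe, a cargo build script) may carry on with a missing or stale object file. Insert `if !status.success() { return Err(Error::Unknown(format!("{} exited with {}", args[0], status))); }` before `Ok(())`, or better still surface the child's exit code so the wrapper binary can exit with it. The two `dbg!` calls write to stderr on every compiler invocation, which is likely to confuse tools that parse compiler output and read as leftover debugging. Minor style points: `args.len() < 1` is `args.is_empty()`, and the `match` around `status()` collapses to `.status().map_err(Error::IOError)?`.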
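Review bot: In `command()` the compiler name is selected by mutating an empty `vec![]` inside an if/else; an expression form states the intent more directly and sizes the vector once: `let compiler = if self.is_cpp { &self.wrapped_cxx } else { &self.wrapped_cc };` followed by `let mut args = Vec::with_capacity(self.base_args.len() + 1); args.push(compiler.clone());` and the existing `extend_from_slice`. This is purely a matter of style; the behaviour of the new block is correct as far as the hunk shows. The body of `command()` continues past the end of the hunk.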
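Review bot: The new `pub fn is_cpp<'a>(&'a mut self) -> &'a mut Self` spells out a lifetime that elision already provides, and as a public builder method it carries no doc comment; `pub fn is_cpp(&mut self) -> &mut Self` with `/// Force C++ mode regardless of the wrapper's name.` above it would match the rest of the API. The doc comment matters because the `from_args` hunk in this same file now computes `self.is_cpp = self.is_cpp || self.name.ends_with("++")`, so this setter only works when called before `from_args`, as the new cxx.rs does; that ordering constraint belongs in the docs. The name also reads like a predicate (`is_*` conventionally returns `bool`), but the sibling builder methods are outside the hunk, so consistency with them should decide. The enclosing `impl ClangWrapper` starts before the hunk.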