libfuzzer_libpng wrappers

fuzzers/libfuzzer_libpng/src/bin/cc.rs

@@ -3,11 +3,17 @@ use std::env;
 
 fn main() {
     let args: Vec<String> = env::args().collect();
+    if args.len() > 1 {
+        let mut dir = env::current_exe().unwrap();
+        dir.pop();
         ClangWrapper::new("clang", "clang++")
             .from_args(&args)
             .unwrap()
-            .add_arg("-fsanitize=trace-pc-guard".into())
+            .add_arg("-fsanitize-coverage=trace-pc-guard".into())
+            .unwrap()
+            .add_link_arg(dir.join("liblibfuzzer_libpng.a").display().to_string())
             .unwrap()
             .run()
             .unwrap();
+    }
 }

fuzzers/libfuzzer_libpng/src/bin/cxx.rs

@@ -0,0 +1,20 @@
+use libafl_cc::{ClangWrapper, CompilerWrapper};
+use std::env;
+
+fn main() {
+    let args: Vec<String> = env::args().collect();
+    if args.len() > 1 {
+        let mut dir = env::current_exe().unwrap();
+        dir.pop();
+        ClangWrapper::new("clang", "clang++")
+            .is_cpp()
+            .from_args(&args)
+            .unwrap()
+            .add_arg("-fsanitize-coverage=trace-pc-guard".into())
+            .unwrap()
+            .add_link_arg(dir.join("liblibfuzzer_libpng.a").display().to_string())
+            .unwrap()
+            .run()
+            .unwrap();
+    }
+}

libafl_cc/src/lib.rs

@@ -1,8 +1,9 @@
-use std::{string::String, vec::Vec};
+use std::{process::Command, string::String, vec::Vec};
 
 #[derive(Debug)]
 pub enum Error {
     InvalidArguments(String),
+    IOError(std::io::Error),
     Unknown(String),
 }
 
@@ -28,9 +29,18 @@ pub trait CompilerWrapper {
 
     /// Run the compiler
     fn run(&mut self) -> Result<(), Error> {
-        // TODO subproc
         let args = self.command()?;
-        println!("{:?}", args);
+        dbg!(&args);
+        if args.len() < 1 {
+            return Err(Error::InvalidArguments(
+                "The number of arguments cannot be 0".into(),
+            ));
+        }
+        let status = match Command::new(&args[0]).args(&args[1..]).status() {
+            Ok(s) => s,
+            Err(e) => return Err(Error::IOError(e)),
+        };
+        dbg!(status);
         Ok(())
     }
 }
@@ -63,12 +73,7 @@ impl CompilerWrapper for ClangWrapper {
 
         self.name = args[0].clone();
         // Detect C++ compiler looking at the wrapper name
-        self.is_cpp = self.name.ends_with("++");
-        if self.is_cpp {
-            new_args.push(self.wrapped_cxx.clone());
-        } else {
-            new_args.push(self.wrapped_cc.clone());
-        }
+        self.is_cpp = self.is_cpp || self.name.ends_with("++");
 
         // Sancov flag
         // new_args.push("-fsanitize-coverage=trace-pc-guard".into());
@@ -122,7 +127,13 @@ impl CompilerWrapper for ClangWrapper {
     }
 
     fn command(&mut self) -> Result<Vec<String>, Error> {
-        let mut args = self.base_args.clone();
+        let mut args = vec![];
+        if self.is_cpp {
+            args.push(self.wrapped_cxx.clone());
+        } else {
+            args.push(self.wrapped_cc.clone());
+        }
+        args.extend_from_slice(self.base_args.as_slice());
         if self.linking {
             if self.x_set {
                 args.push("-x".into());
@@ -163,6 +174,11 @@ impl ClangWrapper {
         self.optimize = false;
         self
     }
+
+    pub fn is_cpp<'a>(&'a mut self) -> &'a mut Self {
+        self.is_cpp = true;
+        self
+    }
 }
 
 #[cfg(test)]