Clean up clippy warnings in fuzzers/binary_only/* (#2662)

* clean clippy warnings from fuzzers/binary_only/*

* handle unused Results in fuzzers/binary_only/*

* format fuzzers/binary_only/qemu_cmin

* use unchecked memory write in qemu fuzzer examples

* create file_null in fuzzbench_fork_qemu

fuzzers/binary_only/frida_executable_libpng/Cargo.toml

@@ -5,7 +5,7 @@ edition = "2021"
 
 [lib]
 name = "frida_executable_fuzzer"
-crate_type = ["cdylib"]
+crate-type = ["cdylib"]
 
 [features]
 default = ["std"]

fuzzers/binary_only/frida_executable_libpng/src/fuzzer.rs

@@ -104,7 +104,7 @@ unsafe fn fuzz(
 
                 let coverage = CoverageRuntime::new();
                 #[cfg(unix)]
-                let asan = AsanRuntime::new(&options);
+                let asan = AsanRuntime::new(options);
 
                 #[cfg(unix)]
                 let mut frida_helper =

fuzzers/binary_only/frida_windows_gdiplus/src/fuzzer.rs

@@ -104,7 +104,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
                 let gum = Gum::obtain();
 
                 let coverage = CoverageRuntime::new();
-                let asan = AsanRuntime::new(&options);
+                let asan = AsanRuntime::new(options);
 
                 let mut frida_helper =
                     FridaInstrumentationHelper::new(&gum, options, tuple_list!(coverage, asan));

fuzzers/binary_only/fuzzbench_fork_qemu/src/fuzzer.rs

@@ -335,6 +335,9 @@ fn fuzz(
         }
 
         unsafe {
+            // # Safety
+            // The input buffer size is checked above. We use `write_mem_unchecked` for performance reasons
+            // For better error handling, use `write_mem` and handle the returned Result
             qemu.write_mem_unchecked(input_addr, buf);
 
             qemu.write_reg(Regs::Rdi, input_addr).unwrap();

fuzzers/binary_only/fuzzbench_qemu/src/fuzzer.rs

@@ -198,8 +198,10 @@ fn fuzz(
 
     let stack_ptr: u64 = qemu.read_reg(Regs::Sp).unwrap();
     let mut ret_addr = [0; 8];
+
     qemu.read_mem(stack_ptr, &mut ret_addr)
         .expect("Error while reading QEMU memory.");
+
     let ret_addr = u64::from_le_bytes(ret_addr);
 
     println!("Stack pointer = {stack_ptr:#x}");
@@ -339,6 +341,9 @@ fn fuzz(
             }
 
             unsafe {
+                // # Safety
+                // The input buffer size is checked above. We use `write_mem_unchecked` for performance reasons
+                // For better error handling, use `write_mem` and handle the returned Result
                 qemu.write_mem_unchecked(input_addr, buf);
 
                 qemu.write_reg(Regs::Rdi, input_addr).unwrap();

fuzzers/binary_only/qemu_cmin/src/fuzzer.rs

@@ -2,7 +2,7 @@
 //!
 #[cfg(feature = "i386")]
 use core::mem::size_of;
-use std::{env, io, path::PathBuf, process, ptr::NonNull};
+use std::{env, fmt::Write, io, path::PathBuf, process, ptr::NonNull};
 
 use clap::{builder::Str, Parser};
 use libafl::{
@@ -52,8 +52,10 @@ impl From<Version> for Str {
             ("Cargo Target Triple", env!("VERGEN_CARGO_TARGET_TRIPLE")),
         ]
         .iter()
-        .map(|(k, v)| format!("{k:25}: {v}\n"))
-        .collect::<String>();
+        .fold(String::new(), |mut output, (k, v)| {
+            let _ = writeln!(output, "{k:25}: {v}");
+            output
+        });
 
         format!("\n{version:}").into()
     }
@@ -197,6 +199,7 @@ pub fn fuzz() -> Result<(), Error> {
 
         unsafe {
             qemu.write_mem(input_addr, buf).expect("qemu write failed.");
+
             qemu.write_reg(Regs::Pc, test_one_input_ptr).unwrap();
             qemu.write_reg(Regs::Sp, stack_ptr).unwrap();
             qemu.write_return_address(ret_addr).unwrap();

fuzzers/binary_only/qemu_coverage/src/fuzzer.rs

@@ -3,7 +3,7 @@
 #[cfg(feature = "i386")]
 use core::mem::size_of;
 use core::time::Duration;
-use std::{env, fs::DirEntry, io, path::PathBuf, process};
+use std::{env, fmt::Write, fs::DirEntry, io, path::PathBuf, process};
 
 use clap::{builder::Str, Parser};
 use libafl::{
@@ -56,8 +56,10 @@ impl From<Version> for Str {
             ("Cargo Target Triple", env!("VERGEN_CARGO_TARGET_TRIPLE")),
         ]
         .iter()
-        .map(|(k, v)| format!("{k:25}: {v}\n"))
-        .collect::<String>();
+        .fold(String::new(), |mut output, (k, v)| {
+            let _ = writeln!(output, "{k:25}: {v}");
+            output
+        });
 
         format!("\n{version:}").into()
     }
@@ -156,7 +158,7 @@ pub fn fuzz() {
 
     let reset = |buf: &[u8], len: GuestReg| -> Result<(), QemuRWError> {
         unsafe {
-            qemu.write_mem(input_addr, buf);
+            let _ = qemu.write_mem(input_addr, buf);
             qemu.write_reg(Regs::Pc, test_one_input_ptr)?;
             qemu.write_reg(Regs::Sp, stack_ptr)?;
             qemu.write_return_address(ret_addr)?;

fuzzers/binary_only/tinyinst_simple/src/main.rs

@@ -37,7 +37,7 @@ fn main() {
     // use file to pass testcases
     // let args = vec!["test.exe".to_string(), "-f".to_string(), "@@".to_string()];
 
-    let coverage = unsafe { OwnedMutPtr::Ptr(addr_of_mut!(COVERAGE)) };
+    let coverage = OwnedMutPtr::Ptr(addr_of_mut!(COVERAGE));
     let observer = ListObserver::new("cov", coverage);
     let mut feedback = ListFeedback::new(&observer);
     #[cfg(windows)]
@@ -62,8 +62,7 @@ fn main() {
     let monitor = SimpleMonitor::new(|x| println!("{x}"));
 
     let mut mgr = SimpleEventManager::new(monitor);
-    let mut executor = unsafe {
-        TinyInstExecutor::builder()
+    let mut executor = TinyInstExecutor::builder()
         .tinyinst_args(tinyinst_args)
         .program_args(args)
         .use_shmem()
@@ -72,8 +71,8 @@ fn main() {
         .shmem_provider(&mut shmem_provider)
         .coverage_ptr(addr_of_mut!(COVERAGE))
         .build(tuple_list!(observer))
-            .unwrap()
-    };
+        .unwrap();
+
     let mutator = StdScheduledMutator::new(havoc_mutations());
     let mut stages = tuple_list!(StdMutationalStage::new(mutator));
     fuzzer