From 9272b8b37b673389c393b310c497c216587f949c Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi <andreafioraldi@gmail.com>
Date: Thu, 11 Feb 2021 22:10:20 +0100
Subject: [PATCH] fix hascorpus generic

---
 afl/src/mutators/mod.rs             |  2 +-
 afl/src/mutators/mutations.rs       |  4 ++--
 afl/src/mutators/scheduled.rs       | 26 +++++++++++++-------------
 afl/src/state/mod.rs                |  9 +++++++--
 fuzzers/libfuzzer_libpng/Cargo.toml |  1 +
 fuzzers/libfuzzer_libpng/src/mod.rs | 12 ++++++++++++
 6 files changed, 36 insertions(+), 18 deletions(-)

diff --git a/afl/src/mutators/mod.rs b/afl/src/mutators/mod.rs
index ddc52ebb22..b8c6e57fd1 100644
--- a/afl/src/mutators/mod.rs
+++ b/afl/src/mutators/mod.rs
@@ -25,7 +25,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Mutate a given input
     fn mutate(
diff --git a/afl/src/mutators/mutations.rs b/afl/src/mutators/mutations.rs
index 9cb24904db..4d88482bce 100644
--- a/afl/src/mutators/mutations.rs
+++ b/afl/src/mutators/mutations.rs
@@ -70,7 +70,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Get a mutation by index
     fn mutation_by_idx(&self, index: usize) -> MutationFunction<I, Self, R, S>;
@@ -684,7 +684,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C>,
+    S: HasCorpus<C, I, R>,
 {
     // We don't want to use the testcase we're already using for splicing
     let (other_testcase, idx) = state.corpus().random_entry(rand)?;
diff --git a/afl/src/mutators/scheduled.rs b/afl/src/mutators/scheduled.rs
index 7c841679fe..6a0b6bb133 100644
--- a/afl/src/mutators/scheduled.rs
+++ b/afl/src/mutators/scheduled.rs
@@ -16,7 +16,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Compute the number of iterations used to apply stacked mutations
     #[inline]
@@ -55,7 +55,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     mutations: Vec<MutationFunction<I, Self, R, S>>,
     max_size: usize,
@@ -66,7 +66,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         write!(
@@ -84,7 +84,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     fn mutate(
         &mut self,
@@ -102,7 +102,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     #[inline]
     fn mutation_by_idx(&self, index: usize) -> MutationFunction<I, Self, R, S> {
@@ -125,7 +125,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     // Just use the default methods
 }
@@ -135,7 +135,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     #[inline]
     fn max_size(&self) -> usize {
@@ -153,7 +153,7 @@ where
     C: Corpus<I, R>,
     I: Input,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Create a new StdScheduledMutator instance without mutations and corpus
     pub fn new() -> Self {
@@ -180,7 +180,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     scheduled: SM,
     phantom: PhantomData<(C, I, R, S)>,
@@ -192,7 +192,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Mutate bytes
     fn mutate(
@@ -234,7 +234,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     #[inline]
     fn max_size(&self) -> usize {
@@ -253,7 +253,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Create a new HavocBytesMutator instance given a ScheduledMutator to wrap
     pub fn new(mut scheduled: SM) -> Self {
@@ -271,7 +271,7 @@ where
     C: Corpus<I, R>,
     I: Input + HasBytesVec,
     R: Rand,
-    S: HasCorpus<C> + HasMetadata,
+    S: HasCorpus<C, I, R> + HasMetadata,
 {
     /// Create a new HavocBytesMutator instance wrapping StdScheduledMutator
     pub fn new_default() -> Self {
diff --git a/afl/src/state/mod.rs b/afl/src/state/mod.rs
index aa2957cd89..156ba3339f 100644
--- a/afl/src/state/mod.rs
+++ b/afl/src/state/mod.rs
@@ -25,7 +25,12 @@ use crate::{
 use crate::inputs::bytes::BytesInput;
 
 /// Trait for elements offering a corpus
-pub trait HasCorpus<C> {
+pub trait HasCorpus<C, I, R>
+where
+    C: Corpus<I, R>,
+    I: Input,
+    R: Rand,
+{
     /// The testcase corpus
     fn corpus(&self) -> &C;
     /// The testcase corpus (mut)
@@ -147,7 +152,7 @@ where
     }
 }
 
-impl<C, FT, I, R> HasCorpus<C> for State<C, FT, I, R>
+impl<C, FT, I, R> HasCorpus<C, I, R> for State<C, FT, I, R>
 where
     C: Corpus<I, R>,
     I: Input,
diff --git a/fuzzers/libfuzzer_libpng/Cargo.toml b/fuzzers/libfuzzer_libpng/Cargo.toml
index 0af13c750f..6b2bbff093 100644
--- a/fuzzers/libfuzzer_libpng/Cargo.toml
+++ b/fuzzers/libfuzzer_libpng/Cargo.toml
@@ -26,6 +26,7 @@ clap = "2.32.0"
 serde = { version = "1.0", default-features = false, features = ["alloc"] }
 postcard = { version = "0.5.1", features = ["alloc"] }
 afl = { path = "../../afl/" }
+# libc = "0.2"
 
 [[bin]]
 name = "libfuzzer"
diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs
index 534b9f99ef..d18702a311 100644
--- a/fuzzers/libfuzzer_libpng/src/mod.rs
+++ b/fuzzers/libfuzzer_libpng/src/mod.rs
@@ -4,6 +4,8 @@
 #[macro_use]
 extern crate clap;
 
+// extern crate libc;
+
 use clap::{App, Arg};
 use std::{env, path::PathBuf};
 
@@ -162,6 +164,16 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
             println!("Warning: LLVMFuzzerInitialize failed with -1")
         }
     }
+    
+    /*
+    // TODO close fds in a rusty way
+    unsafe {
+      let null_fname = std::ffi::CString::new("/dev/null").unwrap();
+      let null_file = libc::open(null_fname.as_ptr(), libc::O_RDWR);
+      libc::dup2(null_file, 1);
+      libc::dup2(null_file, 2);
+    }
+    */
 
     // in case the corpus is empty (on first run), reset
     if state.corpus().count() < 1 {