SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Qemu generic hooks (#313)

Browse Source 
* generic hooks

* Fix generic hooks
This commit is contained in:
Andrea Fioraldi 2021-10-01 16:27:26 +02:00 committed by GitHub
parent 7e176ff292
commit a420eb0513
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fuzzers/fuzzbench_qemu/fuzz.c
View File

@ -2,8 +2,11 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
char o = 0;
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
// printf("Got %ld bytes.\n", Size); // printf("Got %ld bytes.\n", Size);
o += 1;
if (Size >= 4 && *(uint32_t*)Data == 0xaabbccdd) if (Size >= 4 && *(uint32_t*)Data == 0xaabbccdd)
abort(); abort();
} }

2
libafl_qemu/build.rs
View File

@ -3,7 +3,7 @@ use which::which;
const QEMU_URL: &str = "https://github.com/AFLplusplus/qemu-libafl-bridge"; const QEMU_URL: &str = "https://github.com/AFLplusplus/qemu-libafl-bridge";
const QEMU_DIRNAME: &str = "qemu-libafl-bridge"; const QEMU_DIRNAME: &str = "qemu-libafl-bridge";
const QEMU_REVISION: &str = "6065cb8a84b305146d37ae540926bac439fc5601"; const QEMU_REVISION: &str = "f9898d7db457e57f84178c3ae58b4972ad66587d";
fn build_dep_check(tools: &[&str]) { fn build_dep_check(tools: &[&str]) {
for tool in tools { for tool in tools {

14
libafl_qemu/src/emu.rs
View File

@ -178,6 +178,8 @@ extern "C" {
fn libafl_qemu_num_regs() -> i32; fn libafl_qemu_num_regs() -> i32;
fn libafl_qemu_set_breakpoint(addr: u64) -> i32; fn libafl_qemu_set_breakpoint(addr: u64) -> i32;
fn libafl_qemu_remove_breakpoint(addr: u64) -> i32; fn libafl_qemu_remove_breakpoint(addr: u64) -> i32;
fn libafl_qemu_insert_hook(addr: u64, callback: /*extern "C"*/ extern fn ()) -> i32;
fn libafl_qemu_remove_hook(addr: u64) -> i32;
fn libafl_qemu_run() -> i32; fn libafl_qemu_run() -> i32;
fn libafl_load_addr() -> u64; fn libafl_load_addr() -> u64;
fn libafl_get_brk() -> u64; fn libafl_get_brk() -> u64;
@ -395,6 +397,18 @@ pub fn remove_breakpoint(addr: u64) {
} }
} }
pub fn set_hook(addr: u64, callback: extern fn()) {
unsafe {
libafl_qemu_insert_hook(addr, callback);
}
}
pub fn remove_hook(addr: u64) {
unsafe {
libafl_qemu_remove_hook(addr);
}
}
pub fn run() { pub fn run() {
unsafe { unsafe {
libafl_qemu_run(); libafl_qemu_run();