diff --git a/libafl_qemu/src/asan.rs b/libafl_qemu/src/asan.rs index 07cd3f4c5c..6c2ca488cc 100644 --- a/libafl_qemu/src/asan.rs +++ b/libafl_qemu/src/asan.rs @@ -65,7 +65,7 @@ impl TryFrom for QasanAction { type Error = num_enum::TryFromPrimitiveError; fn try_from(value: u32) -> Result { - QasanAction::try_from(value as u64) + QasanAction::try_from(u64::from(value)) } } diff --git a/libafl_qemu/src/emu.rs b/libafl_qemu/src/emu.rs index 9dd71b7b16..0cffe7d620 100644 --- a/libafl_qemu/src/emu.rs +++ b/libafl_qemu/src/emu.rs @@ -42,8 +42,8 @@ pub enum GuestAddrKind { impl fmt::Display for GuestAddrKind { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match self { - GuestAddrKind::Physical(phys_addr) => write!(f, "hwaddr 0x{:x}", phys_addr), - GuestAddrKind::Virtual(virt_addr) => write!(f, "vaddr 0x{:x}", virt_addr), + GuestAddrKind::Physical(phys_addr) => write!(f, "hwaddr 0x{phys_addr:x}"), + GuestAddrKind::Virtual(virt_addr) => write!(f, "vaddr 0x{virt_addr:x}"), } } } @@ -793,13 +793,13 @@ impl From<&'static T> for HookData { impl From<*mut T> for HookData { fn from(value: *mut T) -> Self { - unsafe { HookData(core::mem::transmute(value)) } + HookData(value as u64) } } impl From<*const T> for HookData { fn from(value: *const T) -> Self { - unsafe { HookData(core::mem::transmute(value)) } + HookData(value as u64) } } @@ -811,19 +811,19 @@ impl From for HookData { impl From for HookData { fn from(value: u32) -> Self { - HookData(value as u64) + HookData(u64::from(value)) } } impl From for HookData { fn from(value: u16) -> Self { - HookData(value as u64) + HookData(u64::from(value)) } } impl From for HookData { fn from(value: u8) -> Self { - HookData(value as u64) + HookData(u64::from(value)) } } @@ -845,9 +845,9 @@ impl fmt::Display for EmuExitReason { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { match self { EmuExitReason::End => write!(f, "End"), - EmuExitReason::Breakpoint(vaddr) => write!(f, "Breakpoint @vaddr 0x{:x}", vaddr), + EmuExitReason::Breakpoint(vaddr) => write!(f, "Breakpoint @vaddr 0x{vaddr:x}"), EmuExitReason::SyncBackdoor(sync_backdoor) => { - write!(f, "Sync backdoor exit: {}", sync_backdoor) + write!(f, "Sync backdoor exit: {sync_backdoor}") } } } @@ -874,7 +874,7 @@ impl TryFrom<&Emulator> for EmuExitReason { Err(EmuExitReasonError::UnexpectedExit) } else { let exit_reason: &mut libafl_qemu_sys::libafl_exit_reason = - unsafe { transmute(exit_reason) }; + unsafe { transmute(&mut *exit_reason) }; Ok(match exit_reason.kind { libafl_qemu_sys::libafl_exit_reason_kind_BREAKPOINT => unsafe { EmuExitReason::Breakpoint(exit_reason.data.breakpoint.addr.into()) diff --git a/libafl_qemu/src/hooks.rs b/libafl_qemu/src/hooks.rs index cb2427f0e5..12ee0ebd0f 100644 --- a/libafl_qemu/src/hooks.rs +++ b/libafl_qemu/src/hooks.rs @@ -58,10 +58,7 @@ pub enum Hook { impl Hook { pub fn is_empty(&self) -> bool { - match self { - Hook::Empty => true, - _ => false, - } + matches!(self, Hook::Empty) } } @@ -81,7 +78,7 @@ macro_rules! get_raw_hook { macro_rules! hook_to_repr { ($h:expr) => { match $h { - Hook::Function(f) => HookRepr::Function(transmute(f)), + Hook::Function(f) => HookRepr::Function(f as *const libc::c_void), Hook::Closure(c) => HookRepr::Closure(transmute(c)), Hook::Raw(_) => HookRepr::Empty, // managed by emu Hook::Empty => HookRepr::Empty, @@ -332,7 +329,7 @@ where let func: &mut Box, i32)> = transmute(ptr); func(hooks, target_sig); } - _ => (), + HookRepr::Empty => (), } } } @@ -459,16 +456,14 @@ where >, invalidate_block: bool, ) -> HookId { - unsafe { - match hook { - Hook::Function(f) => self.instruction_function(addr, f, invalidate_block), - Hook::Closure(c) => self.instruction_closure(addr, c, invalidate_block), - Hook::Raw(r) => { - let z: *const () = transmute(0u64); - self.emulator.set_hook(z, addr, r, invalidate_block) - } - Hook::Empty => HookId(0), // TODO error type + match hook { + Hook::Function(f) => self.instruction_function(addr, f, invalidate_block), + Hook::Closure(c) => self.instruction_closure(addr, c, invalidate_block), + Hook::Raw(r) => { + let z: *const () = ptr::null::<()>(); + self.emulator.set_hook(z, addr, r, invalidate_block) } + Hook::Empty => HookId(0), // TODO error type } } @@ -883,16 +878,14 @@ where extern "C" fn(*const (), pc: GuestAddr), >, ) -> HookId { - unsafe { - match hook { - Hook::Function(f) => self.backdoor_function(f), - Hook::Closure(c) => self.backdoor_closure(c), - Hook::Raw(r) => { - let z: *const () = transmute(0u64); - self.emulator.add_backdoor_hook(z, r) - } - Hook::Empty => HookId(0), // TODO error type + match hook { + Hook::Function(f) => self.backdoor_function(f), + Hook::Closure(c) => self.backdoor_closure(c), + Hook::Raw(r) => { + let z: *const () = ptr::null::<()>(); + self.emulator.add_backdoor_hook(z, r) } + Hook::Empty => HookId(0), // TODO error type } } @@ -966,16 +959,14 @@ where ) -> SyscallHookResult, >, ) -> HookId { - unsafe { - match hook { - Hook::Function(f) => self.syscalls_function(f), - Hook::Closure(c) => self.syscalls_closure(c), - Hook::Raw(r) => { - let z: *const () = transmute(0u64); - self.emulator.add_pre_syscall_hook(z, r) - } - Hook::Empty => HookId(0), // TODO error type + match hook { + Hook::Function(f) => self.syscalls_function(f), + Hook::Closure(c) => self.syscalls_closure(c), + Hook::Raw(r) => { + let z: *const () = ptr::null::<()>(); + self.emulator.add_pre_syscall_hook(z, r) } + Hook::Empty => HookId(0), // TODO error type } } @@ -1085,16 +1076,14 @@ where ) -> GuestAddr, >, ) -> HookId { - unsafe { - match hook { - Hook::Function(f) => self.after_syscalls_function(f), - Hook::Closure(c) => self.after_syscalls_closure(c), - Hook::Raw(r) => { - let z: *const () = transmute(0u64); - self.emulator.add_post_syscall_hook(z, r) - } - Hook::Empty => HookId(0), // TODO error type + match hook { + Hook::Function(f) => self.after_syscalls_function(f), + Hook::Closure(c) => self.after_syscalls_closure(c), + Hook::Raw(r) => { + let z: *const () = ptr::null::<()>(); + self.emulator.add_post_syscall_hook(z, r) } + Hook::Empty => HookId(0), // TODO error type } } @@ -1165,16 +1154,14 @@ where extern "C" fn(*const (), tid: u32) -> bool, >, ) -> HookId { - unsafe { - match hook { - Hook::Function(f) => self.thread_creation_function(f), - Hook::Closure(c) => self.thread_creation_closure(c), - Hook::Raw(r) => { - let z: *const () = transmute(0u64); - self.emulator.add_new_thread_hook(z, r) - } - Hook::Empty => HookId(0), // TODO error type + match hook { + Hook::Function(f) => self.thread_creation_function(f), + Hook::Closure(c) => self.thread_creation_closure(c), + Hook::Raw(r) => { + let z: *const () = ptr::null::<()>(); + self.emulator.add_new_thread_hook(z, r) } + Hook::Empty => HookId(0), // TODO error type } } diff --git a/libafl_qemu/src/sync_backdoor.rs b/libafl_qemu/src/sync_backdoor.rs index 4f4a74fb90..a3cfb1c9d9 100644 --- a/libafl_qemu/src/sync_backdoor.rs +++ b/libafl_qemu/src/sync_backdoor.rs @@ -79,19 +79,19 @@ impl CommandInput { #[cfg(emulation_mode = "usermode")] { // For now the default behaviour is to fall back to virtual addresses - emu.write_mem(hwaddr.try_into().unwrap(), input) + emu.write_mem(hwaddr.try_into().unwrap(), input); } #[cfg(emulation_mode = "systemmode")] { - emu.write_phys_mem(hwaddr, input) + emu.write_phys_mem(hwaddr, input); } }, GuestAddrKind::Virtual(vaddr) => unsafe { - emu.write_mem(vaddr.try_into().unwrap(), input) + emu.write_mem(vaddr.try_into().unwrap(), input); }, }; - backdoor.ret(&emu, input.len().try_into().unwrap()).unwrap() + backdoor.ret(emu, input.len().try_into().unwrap()).unwrap(); } } @@ -115,11 +115,11 @@ impl Display for Command { match self { Command::Save => write!(f, "Save VM"), Command::Load => write!(f, "Reload VM"), - Command::Input(command_input) => write!(f, "Set fuzzing input @{}", command_input), + Command::Input(command_input) => write!(f, "Set fuzzing input @{command_input}"), Command::Start(command_input) => { - write!(f, "Start fuzzing with input @{}", command_input) + write!(f, "Start fuzzing with input @{command_input}") } - Command::Exit(exit_kind) => write!(f, "Exit of kind {:?}", exit_kind), + Command::Exit(exit_kind) => write!(f, "Exit of kind {exit_kind:?}"), } } } @@ -131,6 +131,7 @@ pub struct SyncBackdoor { } impl SyncBackdoor { + #[must_use] pub fn command(&self) -> &Command { &self.command } @@ -197,18 +198,15 @@ impl TryFrom<&Emulator> for SyncBackdoor { let native_exit_kind: Result = u64::from(native_exit_kind).try_into(); - let exit_kind = native_exit_kind - .ok() - .map(|k| { - EMU_EXIT_KIND_MAP.get_or_init(|| { - enum_map! { - NativeExitKind::Unknown => None, - NativeExitKind::Ok => Some(ExitKind::Ok), - NativeExitKind::Crash => Some(ExitKind::Crash) - } - })[k] - }) - .flatten(); + let exit_kind = native_exit_kind.ok().and_then(|k| { + EMU_EXIT_KIND_MAP.get_or_init(|| { + enum_map! { + NativeExitKind::Unknown => None, + NativeExitKind::Ok => Some(ExitKind::Ok), + NativeExitKind::Crash => Some(ExitKind::Crash) + } + })[k] + }); SyncBackdoor { command: Command::Exit(exit_kind),