SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add filename_path to MmapShMemProvider (#1014)

Browse Source 
* change how it is named

* Add more comments

* more

* macOS 32bytes onlyu

* chg

* comment, fix
This commit is contained in:
Dongjia "toka" Zhang 2023-01-26 08:53:37 +09:00 committed by GitHub
parent e5c220519e
commit b927fc9b06
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 26 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
libafl/src/bolts/shmem.rs
View File

@ -84,6 +84,10 @@ impl ShMemDescription {
/// An id associated with a given shared memory mapping ([`ShMem`]), which can be used to /// An id associated with a given shared memory mapping ([`ShMem`]), which can be used to
/// establish shared-mappings between proccesses. /// establish shared-mappings between proccesses.
/// Id is a file descriptor if you use `MmapShMem` or `AshmemShMem`.
/// That means you have to use shmem server to access to the shmem segment from other processes in these cases.
/// On the other hand, id is a unique identifier if you use `CommonUnixShMem` or `Win32ShMem`.
/// In these two cases, you can use shmat(id) or `OpenFileMappingA`(id) to gain access to the shmem
#[derive(Copy, Clone, Debug, Serialize, Deserialize, PartialEq, Eq, Hash, Default)] #[derive(Copy, Clone, Debug, Serialize, Deserialize, PartialEq, Eq, Hash, Default)]
pub struct ShMemId { pub struct ShMemId {
id: [u8; 20], id: [u8; 20],
@ -550,6 +554,7 @@ pub mod unix_shmem {
use crate::{ use crate::{
bolts::{ bolts::{
rands::{Rand, RandomSeed, StdRand},
shmem::{ShMem, ShMemId, ShMemProvider}, shmem::{ShMem, ShMemId, ShMemProvider},
AsMutSlice, AsSlice, AsMutSlice, AsSlice,
}, },
@ -588,6 +593,12 @@ pub mod unix_shmem {
pub __glibc_reserved5: c_ulong, pub __glibc_reserved5: c_ulong,
} }
// This is macOS's limit
// https://stackoverflow.com/questions/38049068/osx-shm-open-returns-enametoolong
#[cfg(target_vendor = "apple")]
const MAX_MMAP_FILENAME_LEN: usize = 31;
#[cfg(not(target_vendor = "apple"))]
const MAX_MMAP_FILENAME_LEN: usize = 256; const MAX_MMAP_FILENAME_LEN: usize = 256;
/// Mmap-based The sharedmap impl for unix using [`shm_open`] and [`mmap`]. /// Mmap-based The sharedmap impl for unix using [`shm_open`] and [`mmap`].
@ -610,14 +621,14 @@ pub mod unix_shmem {
impl MmapShMem { impl MmapShMem {
/// Create a new [`MmapShMem`] /// Create a new [`MmapShMem`]
pub fn new(map_size: usize, shmem_ctr: usize) -> Result<Self, Error> { pub fn new(map_size: usize, rand_id: u32) -> Result<Self, Error> {
unsafe { unsafe {
let mut filename_path = [0_u8; MAX_MMAP_FILENAME_LEN]; let mut filename_path = [0_u8; MAX_MMAP_FILENAME_LEN];
write!( write!(
&mut filename_path[..MAX_MMAP_FILENAME_LEN - 1], &mut filename_path[..MAX_MMAP_FILENAME_LEN - 1],
"/libafl_{}_{}", "/libafl_{}_{}",
process::id(), process::id(),
shmem_ctr rand_id
)?; )?;
/* create the shared memory segment as if it was a file */ /* create the shared memory segment as if it was a file */
@ -629,7 +640,7 @@ pub mod unix_shmem {
if shm_fd == -1 { if shm_fd == -1 {
perror(b"shm_open\0".as_ptr() as *const _); perror(b"shm_open\0".as_ptr() as *const _);
return Err(Error::unknown(format!( return Err(Error::unknown(format!(
"Failed to shm_open map with id {shmem_ctr:?}" "Failed to shm_open map with id {filename_path:?}",
))); )));
} }
@ -638,7 +649,7 @@ pub mod unix_shmem {
perror(b"ftruncate\0".as_ptr() as *const _); perror(b"ftruncate\0".as_ptr() as *const _);
shm_unlink(filename_path.as_ptr() as *const _); shm_unlink(filename_path.as_ptr() as *const _);
return Err(Error::unknown(format!( return Err(Error::unknown(format!(
"setup_shm(): ftruncate() failed for map with id {shmem_ctr:?}" "setup_shm(): ftruncate() failed for map with id {filename_path:?}",
))); )));
} }
@ -656,7 +667,7 @@ pub mod unix_shmem {
close(shm_fd); close(shm_fd);
shm_unlink(filename_path.as_ptr() as *const _); shm_unlink(filename_path.as_ptr() as *const _);
return Err(Error::unknown(format!( return Err(Error::unknown(format!(
"mmap() failed for map with id {shmem_ctr:?}" "mmap() failed for map with id {filename_path:?}",
))); )));
} }
@ -700,13 +711,19 @@ pub mod unix_shmem {
}) })
} }
} }
/// Get `filename_path`
#[must_use]
pub fn filename_path(&self) -> &Option<[u8; MAX_MMAP_FILENAME_LEN]> {
&self.filename_path
}
} }
/// A [`ShMemProvider`] which uses `shmget`/`shmat`/`shmctl` to provide shared memory mappings. /// A [`ShMemProvider`] which uses `shmget`/`shmat`/`shmctl` to provide shared memory mappings.
#[cfg(unix)] #[cfg(unix)]
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub struct MmapShMemProvider { pub struct MmapShMemProvider {
current_shmem_id: usize, rand: StdRand,
} }
unsafe impl Send for MmapShMemProvider {} unsafe impl Send for MmapShMemProvider {}
@ -725,12 +742,12 @@ pub mod unix_shmem {
fn new() -> Result<Self, Error> { fn new() -> Result<Self, Error> {
Ok(Self { Ok(Self {
current_shmem_id: 0, rand: StdRand::new(),
}) })
} }
fn new_shmem(&mut self, map_size: usize) -> Result<Self::ShMem, Error> { fn new_shmem(&mut self, map_size: usize) -> Result<Self::ShMem, Error> {
self.current_shmem_id += 1; let id = self.rand.next() as u32;
MmapShMem::new(map_size, self.current_shmem_id) MmapShMem::new(map_size, id)
} }
fn shmem_from_id_and_size( fn shmem_from_id_and_size(