From e8b3d33bf4c5edbe6fdd1e85c8334faa7f8fcd02 Mon Sep 17 00:00:00 2001 
From: Dominik Maier Date: Tue, 18 Oct 2022 20:36:43 +0200 Subject: [PATCH] Update dependencies, removed unused deps, CI fixes (#839) * update clap, remove unused deps * update grammartek * update pyo3 * update pyo3 * undid clap update * not changing nyx * updated deps * Update more deps, fixes * not needed clippy * fix windows * try to enable deprecated pyproto for pyo3 * unused * moving some things to clap4 after all * initial move to clap 4 * fix clap * more clap4, removed accidental file * fixes, fmt * fix * all fix no play * fix --- .gitignore | 3 +- bindings/pylibafl/Cargo.toml | 4 +- bindings/pylibafl/README.md | 10 +-- fuzzers/forkserver_simple/Cargo.toml | 2 +- fuzzers/forkserver_simple/src/main.rs | 13 ++- fuzzers/frida_gdiplus/Cargo.toml | 2 +- fuzzers/frida_libpng/Cargo.toml | 2 +- fuzzers/fuzzbench/Cargo.toml | 4 +- fuzzers/fuzzbench/server | Bin 0 -> 16784 bytes fuzzers/fuzzbench/src/lib.rs | 26 +++--- fuzzers/fuzzbench_fork_qemu/Cargo.toml | 2 +- fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs | 8 +- fuzzers/fuzzbench_qemu/Cargo.toml | 2 +- fuzzers/fuzzbench_qemu/src/fuzzer.rs | 10 +-- fuzzers/fuzzbench_text/Cargo.toml | 2 +- fuzzers/fuzzbench_text/src/lib.rs | 10 +-- fuzzers/fuzzbench_weighted/Cargo.toml | 2 +- fuzzers/fuzzbench_weighted/src/lib.rs | 10 +-- fuzzers/libafl_atheris/src/lib.rs | 10 +-- .../libfuzzer_libpng_accounting/Cargo.toml | 2 +- .../libfuzzer_libpng_accounting/src/lib.rs | 41 +++------ fuzzers/libfuzzer_libpng_ctx/Cargo.toml | 2 +- fuzzers/libfuzzer_libpng_ctx/src/lib.rs | 39 +++------ fuzzers/libfuzzer_libpng_launcher/Cargo.toml | 2 +- fuzzers/libfuzzer_libpng_launcher/src/lib.rs | 39 +++------ .../fuzzer/Cargo.toml | 2 +- .../fuzzer/src/main.rs | 6 +- libafl/Cargo.toml | 27 +++--- libafl/src/bolts/cli.rs | 82 ++++++++---------- libafl/src/bolts/core_affinity.rs | 2 +- libafl/src/bolts/rands.rs | 2 + libafl/src/bolts/shmem.rs | 4 +- libafl/src/corpus/cached.rs | 1 + libafl/src/corpus/inmemory.rs | 1 + libafl/src/corpus/ondisk.rs | 1 + 
libafl/src/executors/mod.rs | 1 + libafl/src/executors/timeout.rs | 8 +- libafl/src/observers/map.rs | 2 + libafl/src/observers/mod.rs | 2 + libafl_concolic/symcc_runtime/Cargo.toml | 2 +- .../test/dump_constraints/Cargo.toml | 2 +- .../test/dump_constraints/src/main.rs | 20 ++--- libafl_frida/Cargo.toml | 2 +- libafl_nyx/Cargo.toml | 4 +- libafl_qemu/Cargo.toml | 4 +- libafl_sugar/Cargo.toml | 6 +- utils/gramatron/construct_automata/Cargo.toml | 2 +- .../gramatron/construct_automata/src/main.rs | 20 ++--- utils/libafl_benches/Cargo.toml | 4 +- 49 files changed, 204 insertions(+), 250 deletions(-) create mode 100755 fuzzers/fuzzbench/server diff --git a/.gitignore b/.gitignore index c79b27f4ef..c90546d363 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ target +target-bin out Cargo.lock vendor @@ -48,4 +49,4 @@ __pycache__ *atomic_file_testfile* **/libxml2 **/corpus_discovered -**/libxml2-*.tar.gz \ No newline at end of file +**/libxml2-*.tar.gz diff --git a/bindings/pylibafl/Cargo.toml b/bindings/pylibafl/Cargo.toml index fc99ceafda..5263c39ef3 100644 --- a/bindings/pylibafl/Cargo.toml +++ b/bindings/pylibafl/Cargo.toml @@ -4,13 +4,13 @@ version = "0.8.2" edition = "2021" [dependencies] -pyo3 = { version = "0.15", features = ["extension-module"] } +pyo3 = { version = "0.17", features = ["extension-module"] } libafl_qemu = { path = "../../libafl_qemu", version = "0.8.2", features = ["python"] } libafl_sugar = { path = "../../libafl_sugar", version = "0.8.2", features = ["python"] } libafl = { path = "../../libafl", version = "0.8.2", features = ["python"] } [build-dependencies] -pyo3-build-config = { version = "0.15" } +pyo3-build-config = { version = "0.17" } [lib] name = "pylibafl" diff --git a/bindings/pylibafl/README.md b/bindings/pylibafl/README.md index 728dc6483f..3e3922251e 100644 --- a/bindings/pylibafl/README.md +++ b/bindings/pylibafl/README.md 
@@ -1,10 +1,10 @@ # How to use python bindings ## First time setup -``` -# Create environment variable -python -m venv .env +```bash # Install maturin pip install maturin +# Create virtual environment +python3 -m venv .env ``` ## Build bindings ``` @@ -13,7 +13,7 @@ source .env/bin/activate # Build python module maturin develop ``` -This is going to install `pylibafl` python module. +This is going to install `pylibafl` python module into this venv. ## Use bindings ### Example: Running baby_fuzzer in fuzzers/baby_fuzzer/baby_fuzzer.py @@ -28,4 +28,4 @@ Then simply run ``` python PATH_TO_BABY_FUZZER/baby_fuzzer.py ``` -The crashes' directory will be created in the directory from which you ran the command. +The crashes directory will be created in the directory from which you ran the command. diff --git a/fuzzers/forkserver_simple/Cargo.toml b/fuzzers/forkserver_simple/Cargo.toml index f763225b5c..49172932e9 100644 --- a/fuzzers/forkserver_simple/Cargo.toml +++ b/fuzzers/forkserver_simple/Cargo.toml @@ -18,4 +18,4 @@ opt-level = 3 [dependencies] libafl = { path = "../../libafl/" } clap = { version = "3.2", features = ["default"] } -nix = "0.24" +nix = "0.25" diff --git a/fuzzers/forkserver_simple/src/main.rs b/fuzzers/forkserver_simple/src/main.rs index faa617b3d2..ce0d89d3c5 100644 --- a/fuzzers/forkserver_simple/src/main.rs +++ b/fuzzers/forkserver_simple/src/main.rs @@ -74,7 +74,9 @@ pub fn main() { ) .get_matches(); - let corpus_dirs = vec![PathBuf::from(res.value_of("in").unwrap().to_string())]; + let corpus_dirs = vec![PathBuf::from( + res.get_one::("in").unwrap().to_string(), + )]; const MAP_SIZE: usize = 65536; @@ -159,7 +161,7 @@ pub fn main() { let mut tokens = Tokens::new(); let forkserver = ForkserverExecutor::builder() - .program(res.value_of("executable").unwrap()) + .program(res.get_one::("executable").unwrap()) .debug_child(debug_child) .shmem_provider(&mut shmem_provider) .autotokens(&mut tokens) 
@@ -170,13 +172,16 @@ pub fn main() { let mut executor = TimeoutForkserverExecutor::with_signal( forkserver, Duration::from_millis( - res.value_of("timeout") + res.get_one::("timeout") .unwrap() .to_string() .parse() .expect("Could not parse timeout in milliseconds"), ), - res.value_of("signal").unwrap().parse::().unwrap(), + res.get_one::("signal") + .unwrap() + .parse::() + .unwrap(), ) .expect("Failed to create the executor."); diff --git a/fuzzers/frida_gdiplus/Cargo.toml b/fuzzers/frida_gdiplus/Cargo.toml index e5e06f249c..1dd65e3316 100644 --- a/fuzzers/frida_gdiplus/Cargo.toml +++ b/fuzzers/frida_gdiplus/Cargo.toml @@ -33,7 +33,7 @@ libc = "0.2" libloading = "0.7" num-traits = "0.2" rangemap = "0.1" -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } serde = "1.0" mimalloc = { version = "*", default-features = false } diff --git a/fuzzers/frida_libpng/Cargo.toml b/fuzzers/frida_libpng/Cargo.toml index ffdea7ac7a..306c8a7b41 100644 --- a/fuzzers/frida_libpng/Cargo.toml +++ b/fuzzers/frida_libpng/Cargo.toml @@ -36,7 +36,7 @@ libc = "0.2" libloading = "0.7" num-traits = "0.2" rangemap = "0.1" -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } serde = "1.0" mimalloc = { version = "*", default-features = false } diff --git a/fuzzers/fuzzbench/Cargo.toml b/fuzzers/fuzzbench/Cargo.toml index 941f9ad3a6..7fb1d77d63 100644 --- a/fuzzers/fuzzbench/Cargo.toml +++ b/fuzzers/fuzzbench/Cargo.toml @@ -23,8 +23,8 @@ libafl = { path = "../../libafl/" } libafl_targets = { path = "../../libafl_targets/", features = ["sancov_pcguard_hitcounts", "sancov_cmplog", "libfuzzer"] } # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } -clap = { version = "3.2", features = ["default"] } -nix = "0.24" +clap = { version = "4.0", features = ["default"] } +nix = "0.25" mimalloc = { version = "*", default-features = false } [lib] 
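Review bot: In the `TimeoutForkserverExecutor::with_signal` call the `--signal` value is parsed with a bare `.unwrap()`, while the `--timeout` value a few lines above gets `.expect("Could not parse timeout in milliseconds")`; a mistyped signal name therefore panics with a raw `Err` debug dump instead of a message naming the flag. Use the same style for both, `.expect("Could not parse signal")`. `main` begins and ends outside this hunk.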
diff --git a/fuzzers/fuzzbench/server b/fuzzers/fuzzbench/server new file mode 100755 index 0000000000000000000000000000000000000000..6daa7aae04a822fd757427bd0bdec2c2547beaf0 GIT binary patch literal 16784 zcmeHOeQ+Da6<^6tVj#$hNs5zDase|nv{vLK1kp6*-@cE%cYCMZyW4A8!>imb7b9}BZ!#{;QaL2{jP1XWG#FD^fSn5a z1?)^V9pGx%NKcg|;s@Qrj(Cj_Sru@!tH%Q8Y6(AsONvzDBTjn7cnVizOcDCT@07&_y%d$D>>Pr zh<5GLu3g#@-z5`4obrh|!7U*38K_c0LRoMH1t5j*8FSigkaioSKJk#$Cyp_YI^M8i zpC?|sw0l|MZrIC;$_vE90%pW1-nYRH^YU4VPV+h$uiSaq?-Cw~OOY*#o88NnE{eyR z;$|Y--_##i*0gM?FO&2w<_6dtHZwYSwhGbgE%541rYB-E!aL2@k=PJzt>+erx82yMv*{b7z|S7vxAoD3VD>zS~f z3LEOv2F1@zO`usfg*INFQ{fxS;NK{Nx0S&$+f(`90=NR3lNJInm40Ix9CI?2eoGk~ zb2*hhp6jV_%=J__%Os;$7#1`7O^c^?7O4bU6--d;kK5Q`eNT= z-}#`uxi6WJ+B&q&ZTq=wWyFzO@QVPa>nS_Wgf8f2SMXZKCN5HW$=>e}IAX))Et%`p zt19P+VQz>N8!jS?nnoKgZ&AF$Z^NzW z5@m47#z(mP2+BB=8-JL~zeX8{aO1nUd_T%Kg&7~>@;xZyP;PuXm+wLuhmYeaF5iwa z4(Y}(=kkpx<4|tAoy*suj6=9_mCIM5j6=6^KgiARw&k9`Ow0X48+d)9y|ZoK$iuT$ zrtKST=WO3Z9USAFy)Ya9SM7ojV`DwO+6C8xH6A|5dv1V%oVEh@)@geX#x$NZj6mVl zo}sZGyMfA{;QH4d;w(3zjUKv48$D8`x%O($AGc-|JJU@vi!*a=RytDJz(TsaJ!a!Gxy3PIK9ZXL(Ptn z?A+Wz=y~3aW5c7UfB!K!ONIQ|P&w>D;1dDV0njtV}uogE{!J6-^l;dN;B(We;u3GBuB^JMKltW9F=L8!$B<3R_9ckOhs@L;UL z8y<`|%+5amhZW52g_c8zMs2XOVP^hx?xMdd_j@q&;&Jjr4COu!=ibc!1l&O}zZ-)d z4(ARvA839$ALUa1W?;dAeTD3OxmWVnfY3YwDG9)74sHrw7SuP54PS?C3Sm_t|2Qy_ z_9X&%5P=6!<17LE6oI=Cm?eN4flc=D;3eU~6@NJw4s3l}?!{nNTkb>Xnz>KAw85qk zfIGtH9>aT1e&8r1cJx@4HNW|#+663}dmmaJ%Ka01C7iS|=(B&zzJ+(7jhm>g&>>H_ z{_uK$PHcc{4LjSSF1Q#v9>vFO7-p!jU%P4L5x59yusS=T-L&b*)3%Ek?{B<4KZnD> zaLyYZ)K{pIfl3A{8K`8Sl7UJFDjBF`ppt?Amki)LpXS9E`26r|rZ-S#GNEiStzO0I zHI$5zzS2l5JrOf*#C$&A$*hCFx>7P(cmtKm^kn1ltx7a)L@cbIvKHTBiAv#2yxcMq zn?Yat7q7D>!>}-a0cHcl8#4ucorv=I*zRIGVG29HYPkj{3a6%>hYN*!fj3MP3Ne&{ z4*`$8S13FS{B__Hz-PZ-D0pE4Ykg2CTnhXJ;P(Q@_j^dLtJX1Bzt=T?=8T#l*9QJGu9|4bdm8bq&wWn;U+0HJSxBR>% z4QC;&z_tOlA!zsafwQ2;8}cXvZg-c*8}!r!JqmBfHmG_Bbk4Ku=v;+iF7AfyQ>b5$ z4FDf4p86J#(&A}s@%V$DK**CCm~r#;!D+Wt-&(cP?f%3Q2zvay8k9g)#7eOcnCD^h 
zLcTTuXHa#kyUkO7OI52!8LV#gG~PTd!WYj-6d&H^@#9gXKIDtbG8}`c z7?+RB;}h0j+@8KGcSc+#&)0g%dnCV7@|}|ZNb>t6|E=VEC4W)!Hzof_a%a5ND_4G9 zX$%?NW+b6BH^axO{-)+-=gK0J714Mku~~t~5gDB7H!s157EMc>zU(sQxthIK?5|XZ z=gkE*+hjjeWJMkDsr0|h^=C7Dv1lip^Shvz;p=ug;c^K#t7WQOM?rPVC7yENYb5@# z1CIgjV)Gb&FMve-CdJG1*pS4jA6^YO#`V{!P@1H2$MpkHalsRdfTR6)aQrlO$5|?r zCg~n1qW=;2Ji<=+;lfmTL!GJcQEq%_>~6|bt#+?uUeT zm+@l(KFd9a;a47Zy0(n|&j81`&h|f8M*m5`6}w|ueje~y?zwEcBM*N^9DcMOrdsO1 z3pnN(Kchk7&xn8@<2Z*(cF%$2g?@gg!@t*!`GNi{uM05e^b6^qNt~X&HKIPmRb~I@ z&&t4JDd6benSWL4<99wt{J9wLR*rM1WVgNyZkEBfmB9zg;JX3GJUiR@5Z8z6PPUUj z--DKYjCpXwzpCTD`dAtNESk2OeMwjd5a~8`E3z4ZjFpAYl%fEx>|DD}54Ux6>N-dv zn-nwB#%6pZo7Sy99hM*@j0~v6lKSR&vO5yjV^%Vq(IeS@c#7PYiW~SexS1iUo3VbM zpY^08eTE*(_VsP0NUdu^JkY9j!HZjUk|updi$29uV%|nGVZuU)bULzCH(+su9{SFj z;Kgk#!KbZ;uZI8#*45~(nl1upp><4O9bVfK4C`xGt?Fp))H{PM;Z{6WzKSB6$?84e zg|E0!?F%PxO-2d8S6P%Gx)F<55wSX>v_d434v$BgT(99!MIT~)#^j0*hf2v34mbsw zq~04z#Nr0i+tz|@%uMLni~*^cJSt3$TvJl&Ef&|)Mm!mXr}r4vGNXFRG~g&qBVp;d zBn8}bXEL%)e1!=mV z_$#C+xzm0l;5g@?_V1GI-zDwar5&~riP}$oE&=Q#7}JwI&0{8{J>}17&z-?80vpa@ z$e!joUKxOYSqt@I{5lz*<{Ku|VJNbvc~iffNYOkAR5&@$-}eB;ISSd+yyUpFKU3OK z`$>;D{@>!9hh$~C$}JQ*aZ|W-V*4e`2BCn5O7^O>SEapQDpGvPKOO&%rG1Okqj_73 z;>!a@d$e)d?* zpX_N}@5>5+Kw-g(d#C-=P-C}mT&Qy0#)ZNpg_Sm<^GDF1p@1s#ax2c)X#KA_5p>YG?oe literal 0 HcmV?d00001 diff --git a/fuzzers/fuzzbench/src/lib.rs b/fuzzers/fuzzbench/src/lib.rs index abee808652..2d1e503d72 100644 --- a/fuzzers/fuzzbench/src/lib.rs +++ b/fuzzers/fuzzbench/src/lib.rs 
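Review bot: `fuzzers/fuzzbench/server` is a 16784-byte executable (mode 100755) committed as an opaque binary blob, which nothing in the commit message explains and which the message's own "removed accidental file" bullet suggests was not meant to land. A checked-in build artifact cannot be reviewed, is not reproducible from source, and is exactly what a supply-chain audit of the repository flags; it should be dropped from the commit and, if it is a build output, covered by `.gitignore` next to the `target-bin` entry this same commit adds.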
@@ -71,22 +71,19 @@ pub fn libafl_main() { Arg::new("out") .short('o') .long("output") - .help("The directory to place finds in ('corpus')") - .takes_value(true), + .help("The directory to place finds in ('corpus')"), ) .arg( Arg::new("in") .short('i') .long("input") - .help("The directory to read initial inputs from ('seeds')") - .takes_value(true), + .help("The directory to read initial inputs from ('seeds')"), ) .arg( Arg::new("tokens") .short('x') .long("tokens") - .help("A file to read tokens from, to be used during fuzzing") - .takes_value(true), + .help("A file to read tokens from, to be used during fuzzing"), ) .arg( Arg::new("logfile") @@ -102,7 +99,7 @@ pub fn libafl_main() { .help("Timeout for each individual execution, in milliseconds") .default_value("1200"), ) - .arg(Arg::new("remaining").multiple_values(true)) + .arg(Arg::new("remaining")) .try_get_matches() { Ok(res) => res, @@ -123,8 +120,8 @@ pub fn libafl_main() { env::current_dir().unwrap().to_string_lossy().to_string() ); - if let Some(filenames) = res.values_of("remaining") { - let filenames: Vec<&str> = filenames.collect(); + if let Some(filenames) = res.get_many::("remaining") { + let filenames: Vec<&str> = filenames.map(|v| v.as_str()).collect(); if !filenames.is_empty() { run_testcases(&filenames); return; @@ -133,7 +130,7 @@ pub fn libafl_main() { // For fuzzbench, crashes and finds are inside the same `corpus` directory, in the "queue" and "crashes" subdir. let mut out_dir = PathBuf::from( - res.value_of("out") + res.get_one::("out") .expect("The --output parameter is missing") .to_string(), ); @@ -149,7 +146,7 @@ pub fn libafl_main() { out_dir.push("queue"); let in_dir = PathBuf::from( - res.value_of("in") + res.get_one::("in") .expect("The --input parameter is missing") .to_string(), ); 
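Review bot: Dropping `multiple_values(true)` from the `remaining` positional in the @@ -102 hunk silently changes the CLI: under clap 4 a bare `Arg::new("remaining")` accepts exactly one value, so invoking the harness with several testcase paths is rejected as an unexpected argument, although the `run_testcases(&filenames)` path in the @@ -123 hunk is written for a list. The clap 4 spelling is `.arg(Arg::new("remaining").num_args(1..))`. `libafl_main` starts and ends outside these hunks.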
@@ -158,14 +155,13 @@ pub fn libafl_main() { return; } - let tokens = res.value_of("tokens").map(PathBuf::from); + let tokens = res.get_one::("tokens").map(PathBuf::from); - let logfile = PathBuf::from(res.value_of("logfile").unwrap().to_string()); + let logfile = PathBuf::from(res.get_one::("logfile").unwrap()); let timeout = Duration::from_millis( - res.value_of("timeout") + res.get_one::("timeout") .unwrap() - .to_string() .parse() .expect("Could not parse timeout in milliseconds"), ); diff --git a/fuzzers/fuzzbench_fork_qemu/Cargo.toml b/fuzzers/fuzzbench_fork_qemu/Cargo.toml index 5f312f54ad..70b0617eb4 100644 --- a/fuzzers/fuzzbench_fork_qemu/Cargo.toml +++ b/fuzzers/fuzzbench_fork_qemu/Cargo.toml @@ -15,4 +15,4 @@ debug = true libafl = { path = "../../libafl/" } libafl_qemu = { path = "../../libafl_qemu/", features = ["x86_64"] } clap = { version = "3.2", features = ["default"] } -nix = "0.24" +nix = "0.25" diff --git a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs index 9bb81fb662..0f32e2229f 100644 --- a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs @@ -113,7 +113,7 @@ pub fn main() { ); // For fuzzbench, crashes and finds are inside the same `corpus` directory, in the "queue" and "crashes" subdir. - let mut out_dir = PathBuf::from(res.value_of("out").unwrap().to_string()); + let mut out_dir = PathBuf::from(res.get_one::("out").unwrap().to_string()); if fs::create_dir(&out_dir).is_err() { println!("Out dir at {:?} already exists.", &out_dir); if !out_dir.is_dir() { 
@@ -125,15 +125,15 @@ pub fn main() { crashes.push("crashes"); out_dir.push("queue"); - let in_dir = PathBuf::from(res.value_of("in").unwrap().to_string()); + let in_dir = PathBuf::from(res.get_one::("in").unwrap().to_string()); if !in_dir.is_dir() { println!("In dir at {:?} is not a valid directory!", &in_dir); return; } - let tokens = res.value_of("tokens").map(PathBuf::from); + let tokens = res.get_one::("tokens").map(PathBuf::from); - let logfile = PathBuf::from(res.value_of("logfile").unwrap().to_string()); + let logfile = PathBuf::from(res.get_one::("logfile").unwrap().to_string()); fuzz(out_dir, crashes, in_dir, tokens, logfile).expect("An error occurred while fuzzing"); } diff --git a/fuzzers/fuzzbench_qemu/Cargo.toml b/fuzzers/fuzzbench_qemu/Cargo.toml index ff102bb4b4..958d41d120 100644 --- a/fuzzers/fuzzbench_qemu/Cargo.toml +++ b/fuzzers/fuzzbench_qemu/Cargo.toml @@ -15,4 +15,4 @@ debug = true libafl = { path = "../../libafl/" } libafl_qemu = { path = "../../libafl_qemu/", features = ["x86_64"] } clap = { version = "3.2", features = ["default"] } -nix = "0.24" +nix = "0.25" diff --git a/fuzzers/fuzzbench_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_qemu/src/fuzzer.rs index c4e27c6559..9ef0c83812 100644 --- a/fuzzers/fuzzbench_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_qemu/src/fuzzer.rs @@ -125,7 +125,7 @@ pub fn main() { ); // For fuzzbench, crashes and finds are inside the same `corpus` directory, in the "queue" and "crashes" subdir. - let mut out_dir = PathBuf::from(res.value_of("out").unwrap().to_string()); + let mut out_dir = PathBuf::from(res.get_one::("out").unwrap().to_string()); if fs::create_dir(&out_dir).is_err() { println!("Out dir at {:?} already exists.", &out_dir); if !out_dir.is_dir() { 
@@ -137,18 +137,18 @@ pub fn main() { crashes.push("crashes"); out_dir.push("queue"); - let in_dir = PathBuf::from(res.value_of("in").unwrap().to_string()); + let in_dir = PathBuf::from(res.get_one::("in").unwrap().to_string()); if !in_dir.is_dir() { println!("In dir at {:?} is not a valid directory!", &in_dir); return; } - let tokens = res.value_of("tokens").map(PathBuf::from); + let tokens = res.get_one::("tokens").map(PathBuf::from); - let logfile = PathBuf::from(res.value_of("logfile").unwrap().to_string()); + let logfile = PathBuf::from(res.get_one::("logfile").unwrap().to_string()); let timeout = Duration::from_millis( - res.value_of("timeout") + res.get_one::("timeout") .unwrap() .to_string() .parse() diff --git a/fuzzers/fuzzbench_text/Cargo.toml b/fuzzers/fuzzbench_text/Cargo.toml index 1c6b4d52df..9d58e4754f 100644 --- a/fuzzers/fuzzbench_text/Cargo.toml +++ b/fuzzers/fuzzbench_text/Cargo.toml @@ -24,7 +24,7 @@ libafl_targets = { path = "../../libafl_targets/", features = ["sancov_pcguard_h # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } clap = { version = "3.2", features = ["default"] } -nix = "0.24" +nix = "0.25" mimalloc = { version = "*", default-features = false } content_inspector = "0.2.4" diff --git a/fuzzers/fuzzbench_text/src/lib.rs b/fuzzers/fuzzbench_text/src/lib.rs index 9ca385f450..d3bc751c07 100644 --- a/fuzzers/fuzzbench_text/src/lib.rs +++ b/fuzzers/fuzzbench_text/src/lib.rs @@ -139,7 +139,7 @@ pub fn libafl_main() { // For fuzzbench, crashes and finds are inside the same `corpus` directory, in the "queue" and "crashes" subdir. let mut out_dir = PathBuf::from( - res.value_of("out") + res.get_one::("out") .expect("The --output parameter is missing") .to_string(), ); @@ -155,7 +155,7 @@ pub fn libafl_main() { out_dir.push("queue"); let in_dir = PathBuf::from( - res.value_of("in") + res.get_one::("in") .expect("The --input parameter is missing") .to_string(), ); 
@@ -164,12 +164,12 @@ pub fn libafl_main() { return; } - let tokens = res.value_of("tokens").map(PathBuf::from); + let tokens = res.get_one::("tokens").map(PathBuf::from); - let logfile = PathBuf::from(res.value_of("logfile").unwrap().to_string()); + let logfile = PathBuf::from(res.get_one::("logfile").unwrap().to_string()); let timeout = Duration::from_millis( - res.value_of("timeout") + res.get_one::("timeout") .unwrap() .to_string() .parse() diff --git a/fuzzers/fuzzbench_weighted/Cargo.toml b/fuzzers/fuzzbench_weighted/Cargo.toml index b508e55ebe..20e629c695 100644 --- a/fuzzers/fuzzbench_weighted/Cargo.toml +++ b/fuzzers/fuzzbench_weighted/Cargo.toml @@ -24,7 +24,7 @@ libafl_targets = { path = "../../libafl_targets/", features = ["sancov_pcguard_h # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } clap = { version = "3.2", features = ["default"] } -nix = "0.24" +nix = "0.25" mimalloc = { version = "*", default-features = false } [lib] diff --git a/fuzzers/fuzzbench_weighted/src/lib.rs b/fuzzers/fuzzbench_weighted/src/lib.rs index fcc1edb7be..a86e44d786 100644 --- a/fuzzers/fuzzbench_weighted/src/lib.rs +++ b/fuzzers/fuzzbench_weighted/src/lib.rs @@ -133,7 +133,7 @@ pub fn libafl_main() { // For fuzzbench, crashes and finds are inside the same `corpus` directory, in the "queue" and "crashes" subdir. let mut out_dir = PathBuf::from( - res.value_of("out") + res.get_one::("out") .expect("The --output parameter is missing") .to_string(), ); @@ -149,7 +149,7 @@ pub fn libafl_main() { out_dir.push("queue"); let in_dir = PathBuf::from( - res.value_of("in") + res.get_one::("in") .expect("The --input parameter is missing") .to_string(), ); 
@@ -158,12 +158,12 @@ pub fn libafl_main() { return; } - let tokens = res.value_of("tokens").map(PathBuf::from); + let tokens = res.get_one::("tokens").map(PathBuf::from); - let logfile = PathBuf::from(res.value_of("logfile").unwrap().to_string()); + let logfile = PathBuf::from(res.get_one::("logfile").unwrap().to_string()); let timeout = Duration::from_millis( - res.value_of("timeout") + res.get_one::("timeout") .unwrap() .to_string() .parse() diff --git a/fuzzers/libafl_atheris/src/lib.rs b/fuzzers/libafl_atheris/src/lib.rs index 82ebfb808f..e8c6b216c1 100644 --- a/fuzzers/libafl_atheris/src/lib.rs +++ b/fuzzers/libafl_atheris/src/lib.rs @@ -180,21 +180,21 @@ pub fn LLVMFuzzerRunDriver( env::current_dir().unwrap().to_string_lossy().to_string() ); - let cores = Cores::from_cmdline(matches.value_of("cores").unwrap()) + let cores = Cores::from_cmdline(matches.get_one::("cores").unwrap()) .expect("No valid core count given!"); let broker_port = matches - .value_of("broker_port") + .get_one::("broker_port") .map(|s| s.parse().expect("Invalid broker port")) .unwrap_or(1337); let remote_broker_addr = matches - .value_of("remote_broker_addr") + .get_one::("remote_broker_addr") .map(|s| s.parse().expect("Invalid broker address")); let input_dirs: Vec = matches .values_of("input") .map(|v| v.map(PathBuf::from).collect()) .unwrap_or_default(); let output_dir = matches - .value_of("output") + .get_one::("output") .map(PathBuf::from) .unwrap_or_else(|| workdir.clone()); let token_files: Vec<&str> = matches @@ -202,7 +202,7 @@ pub fn LLVMFuzzerRunDriver( .map(|v| v.collect()) .unwrap_or_default(); let timeout_ms = matches - .value_of("timeout") + .get_one::("timeout") .map(|s| s.parse().expect("Invalid timeout")) .unwrap_or(10000); // let cmplog_enabled = matches.is_present("cmplog"); diff --git a/fuzzers/libfuzzer_libpng_accounting/Cargo.toml b/fuzzers/libfuzzer_libpng_accounting/Cargo.toml index 429711e95f..ac16cc11cf 100644 
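Review bot: The migration in the libafl_atheris @@ -180 hunk is only half done: `cores`, `broker_port`, `remote_broker_addr`, `output` and `timeout` now go through `get_one`, but `input_dirs` still uses `matches.values_of("input")` and the `token_files` chain in the @@ -202 hunk still collects from the old iterator. That compiles only while this crate stays on clap 3.2 (its Cargo.toml is not part of this diff, so I cannot confirm the version), and `values_of` is already deprecated there; the clap-4-compatible form is `.get_many::<String>("input").map(|v| v.map(PathBuf::from).collect())`. `LLVMFuzzerRunDriver` starts and ends outside these hunks.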
--- a/fuzzers/libfuzzer_libpng_accounting/Cargo.toml +++ b/fuzzers/libfuzzer_libpng_accounting/Cargo.toml @@ -23,7 +23,7 @@ libafl = { path = "../../libafl/", features = ["std", "derive", "llmp_compressio libafl_targets = { path = "../../libafl_targets/", features = ["sancov_pcguard_hitcounts", "libfuzzer"] } # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } mimalloc = { version = "*", default-features = false } [lib] diff --git a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs index 18aa43ef42..9262bb1d27 100644 --- a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs @@ -9,7 +9,7 @@ static GLOBAL: MiMalloc = MiMalloc; use core::time::Duration; use std::{env, net::SocketAddr, path::PathBuf}; -use clap::{self, StructOpt}; +use clap::Parser; use libafl::{ bolts::{ core_affinity::Cores, @@ -48,23 +48,23 @@ fn timeout_from_millis_str(time: &str) -> Result { } /// The commandline args this fuzzer accepts -#[derive(Debug, StructOpt)] -#[clap( +#[derive(Debug, Parser)] +#[command( name = "libfuzzer_libpng_launcher", about = "A libfuzzer-like fuzzer for libpng with llmp-multithreading support and a launcher", author = "Andrea Fioraldi , Dominik Maier " )] struct Opt { - #[clap( + #[arg( short, long, - parse(try_from_str = Cores::from_cmdline), + value_parser = Cores::from_cmdline, help = "Spawn a client in each of the provided cores. Broker runs in the 0th core. 'all' to select all available cores. 'none' to run a client without binding to any core. eg: '1,2-4,6' selects the cores 1,2,3,4,6.", name = "CORES" )] cores: Cores, - #[clap( + #[arg( short = 'p', long, help = "Choose the broker TCP port, default is 1337", 
@@ -73,47 +73,34 @@ struct Opt { )] broker_port: u16, - #[clap( - parse(try_from_str), - short = 'a', - long, - help = "Specify a remote broker", - name = "REMOTE" - )] + #[arg(short = 'a', long, help = "Specify a remote broker", name = "REMOTE")] remote_broker_addr: Option, - #[clap( - parse(try_from_str), - short, - long, - help = "Set an initial corpus directory", - name = "INPUT" - )] + #[arg(short, long, help = "Set an initial corpus directory", name = "INPUT")] input: Vec, - #[clap( + #[arg( short, long, - parse(try_from_str), help = "Set the output directory, default is ./out", name = "OUTPUT", default_value = "./out" )] output: PathBuf, - #[clap( - parse(try_from_str = timeout_from_millis_str), + #[arg( + value_parser = timeout_from_millis_str, short, long, - help = "Set the exeucution timeout in milliseconds, default is 10000", + help = "Set the execution timeout in milliseconds, default is 10000", name = "TIMEOUT", default_value = "10000" )] timeout: Duration, /* /// This fuzzer has hard-coded tokens - #[clap( - parse(from_os_str), + #[arg( + short = "x", long, help = "Feed the fuzzer with an user-specified list of tokens (often called \"dictionary\"", diff --git a/fuzzers/libfuzzer_libpng_ctx/Cargo.toml b/fuzzers/libfuzzer_libpng_ctx/Cargo.toml index 7b536789b4..65248bcdac 100644 --- a/fuzzers/libfuzzer_libpng_ctx/Cargo.toml +++ b/fuzzers/libfuzzer_libpng_ctx/Cargo.toml @@ -23,7 +23,7 @@ libafl = { path = "../../libafl/", features = ["std", "derive", "llmp_compressio libafl_targets = { path = "../../libafl_targets/", features = ["libfuzzer"] } # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } mimalloc = { version = "*", default-features = false } [lib] diff --git a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs index a27e128e3a..aaa6d93102 100644 
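Review bot: The commented-out tokens argument at the end of the @@ -73 hunk is rewritten to `#[arg(` but keeps `short = "x"`; as far as I can tell clap's derive takes a `char` for `short`, so the block will fail to compile as soon as someone un-comments it, which defeats the purpose of keeping it as a template. Change it to `short = 'x'`; the same block appears in the libfuzzer_libpng_ctx @@ -108 hunk and the libfuzzer_libpng_launcher @@ -110 hunk. `struct Opt` continues past the end of this hunk.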
--- a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs @@ -9,7 +9,7 @@ static GLOBAL: MiMalloc = MiMalloc; use core::time::Duration; use std::{env, net::SocketAddr, path::PathBuf}; -use clap::{self, StructOpt}; +use clap::{self, Parser}; use libafl::{ bolts::{ core_affinity::Cores, @@ -44,23 +44,23 @@ fn timeout_from_millis_str(time: &str) -> Result { Ok(Duration::from_millis(time.parse()?)) } -#[derive(Debug, StructOpt)] -#[clap( +#[derive(Debug, Parser)] +#[command( name = "libfuzzer_libpng_ctx", about = "A clone of libfuzzer using LibAFL for a libpng harness", author = "Andrea Fioraldi , Dominik Maier " )] struct Opt { - #[clap( + #[arg( short, long, - parse(try_from_str = Cores::from_cmdline), + value_parser = Cores::from_cmdline, help = "Spawn a client in each of the provided cores. Broker runs in the 0th core. 'all' to select all available cores. 'none' to run a client without binding to any core. eg: '1,2-4,6' selects the cores 1,2,3,4,6.", name = "CORES" )] cores: Cores, - #[clap( + #[arg( short = 'p', long, help = "Choose the broker TCP port, default is 1337", 
@@ -69,38 +69,25 @@ struct Opt { )] broker_port: u16, - #[clap( - parse(try_from_str), - short = 'a', - long, - help = "Specify a remote broker", - name = "REMOTE" - )] + #[arg(short = 'a', long, help = "Specify a remote broker", name = "REMOTE")] remote_broker_addr: Option, - #[clap( - parse(try_from_str), - short, - long, - help = "Set an initial corpus directory", - name = "INPUT" - )] + #[arg(short, long, help = "Set an initial corpus directory", name = "INPUT")] input: Vec, - #[clap( + #[arg( short, long, - parse(try_from_str), help = "Set the output directory, default is ./out", name = "OUTPUT", default_value = "./out" )] output: PathBuf, - #[clap( + #[arg( short, long, - parse(try_from_str = timeout_from_millis_str), + value_parser = timeout_from_millis_str, help = "Set the exeucution timeout in milliseconds, default is 10000", name = "TIMEOUT", default_value = "10000", @@ -108,8 +95,8 @@ struct Opt { timeout: Duration, /* // The tokens are hardcoded in this example. - #[clap( - parse(from_os_str), + #[arg( + short = "x", long, help = "Feed the fuzzer with an user-specified list of tokens (often called \"dictionary\"", diff --git a/fuzzers/libfuzzer_libpng_launcher/Cargo.toml b/fuzzers/libfuzzer_libpng_launcher/Cargo.toml index 79bf25c31a..9a9dcefc7a 100644 --- a/fuzzers/libfuzzer_libpng_launcher/Cargo.toml +++ b/fuzzers/libfuzzer_libpng_launcher/Cargo.toml @@ -23,7 +23,7 @@ libafl = { path = "../../libafl/", features = ["std", "derive", "llmp_compressio libafl_targets = { path = "../../libafl_targets/", features = ["sancov_pcguard_hitcounts", "libfuzzer"] } # TODO Include it only when building cc libafl_cc = { path = "../../libafl_cc/" } -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } mimalloc = { version = "*", default-features = false } [lib] diff --git a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs index 8ec6fa64ff..ff1127e84d 100644 
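Review bot: The help string `"Set the exeucution timeout in milliseconds, default is 10000"` is left with its typo as context in the @@ -69 hunk, although the same commit corrects it to `execution` in libfuzzer_libpng_accounting; this is user-visible `--help` text. The copy in the libfuzzer_libpng_launcher @@ -71 hunk has the same typo. `struct Opt` continues past the end of this hunk.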
--- a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs @@ -9,7 +9,7 @@ static GLOBAL: MiMalloc = MiMalloc; use core::time::Duration; use std::{env, net::SocketAddr, path::PathBuf}; -use clap::{self, StructOpt}; +use clap::{self, Parser}; use libafl::{ bolts::{ core_affinity::Cores, @@ -46,23 +46,23 @@ fn timeout_from_millis_str(time: &str) -> Result { } /// The commandline args this fuzzer accepts -#[derive(Debug, StructOpt)] -#[clap( +#[derive(Debug, Parser)] +#[command( name = "libfuzzer_libpng_launcher", about = "A libfuzzer-like fuzzer for libpng with llmp-multithreading support and a launcher", author = "Andrea Fioraldi , Dominik Maier " )] struct Opt { - #[clap( + #[arg( short, long, - parse(try_from_str = Cores::from_cmdline), + value_parser = Cores::from_cmdline, help = "Spawn a client in each of the provided cores. Broker runs in the 0th core. 'all' to select all available cores. 'none' to run a client without binding to any core. eg: '1,2-4,6' selects the cores 1,2,3,4,6.", name = "CORES" )] cores: Cores, - #[clap( + #[arg( short = 'p', long, help = "Choose the broker TCP port, default is 1337", 
@@ -71,36 +71,23 @@ struct Opt { )] broker_port: u16, - #[clap( - parse(try_from_str), - short = 'a', - long, - help = "Specify a remote broker", - name = "REMOTE" - )] + #[arg(short = 'a', long, help = "Specify a remote broker", name = "REMOTE")] remote_broker_addr: Option, - #[clap( - parse(try_from_str), - short, - long, - help = "Set an initial corpus directory", - name = "INPUT" - )] + #[arg(short, long, help = "Set an initial corpus directory", name = "INPUT")] input: Vec, - #[clap( + #[arg( short, long, - parse(try_from_str), help = "Set the output directory, default is ./out", name = "OUTPUT", default_value = "./out" )] output: PathBuf, - #[clap( - parse(try_from_str = timeout_from_millis_str), + #[arg( + value_parser = timeout_from_millis_str, short, long, help = "Set the exeucution timeout in milliseconds, default is 10000", @@ -110,8 +97,8 @@ struct Opt { timeout: Duration, /* /// This fuzzer has hard-coded tokens - #[clap( - parse(from_os_str), + #[arg( + short = "x", long, help = "Feed the fuzzer with an user-specified list of tokens (often called \"dictionary\"", diff --git a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/Cargo.toml b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/Cargo.toml index 5f4e4c4642..6394e7cbb5 100644 --- a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/Cargo.toml +++ b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/Cargo.toml @@ -18,7 +18,7 @@ debug = true [dependencies] libafl = { path = "../../../libafl/", features = ["concolic_mutation"] } libafl_targets = { path = "../../../libafl_targets/", features = ["sancov_pcguard_edges", "sancov_cmplog", "libfuzzer"] } -clap = { version = "3.2", features = ["derive"]} +clap = { version = "4.0", features = ["derive"]} mimalloc = { version = "*", default-features = false } [build-dependencies] diff --git a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs index 72ace93774..8455d45243 100644 
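Review bot: The commented-out token option in the second hunk (`@@ -110,8 +97,8`) receives `short = "x"`, which clap rejects because `short` expects a `char`; the live arguments in this struct already use `short = 'a'` and `short = 'p'`, so this should be `short = 'x',` so the block does not bit-rot until someone uncomments it. The `Opt` struct continues outside the hunk.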
--- a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs +++ b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs @@ -4,7 +4,7 @@ use mimalloc::MiMalloc; #[global_allocator] static GLOBAL: MiMalloc = MiMalloc; -use clap::{self, StructOpt}; +use clap::{self, Parser}; use std::{ env, path::PathBuf, @@ -54,10 +54,10 @@ use libafl_targets::{ MAX_EDGES_NUM, }; -#[derive(Debug, StructOpt)] +#[derive(Debug, Parser)] struct Opt { /// This node should do concolic tracing + solving instead of traditional fuzzing - #[clap(short, long)] + #[arg(short, long)] concolic: bool, } diff --git a/libafl/Cargo.toml b/libafl/Cargo.toml index d659fa2fa7..fb02470891 100644 --- a/libafl/Cargo.toml +++ b/libafl/Cargo.toml @@ -19,7 +19,7 @@ fork = [] # uses the fork() syscall to spawn children, instead of launching a ne rand_trait = ["rand_core"] # If set, libafl's rand implementations will implement `rand::Rng` introspection = [] # Include performance statistics of the fuzzing pipeline concolic_mutation = ["z3"] # include a simple concolic mutator based on z3 -python = ["pyo3"] +python = ["pyo3", "concat-idents"] prelude = [] # Expose libafl::prelude for access without additional using directives tui_monitor = ["tui", "crossterm"] # enable TuiMonitor with crossterm cli = ["clap"] # expose bolts::cli @@ -45,7 +45,7 @@ rustversion = "1.0" [dev-dependencies] serde_json = { version = "1.0", default-features = false, features = ["alloc"] } -serial_test = "0.8" +serial_test = "0.9" [dependencies] libafl_derive = { version = "0.8.2", optional = true, path = "../libafl_derive" } 
@@ -62,47 +62,46 @@ bincode = {version = "1.3", optional = true } static_assertions = "1.1.0" num_enum = { version = "0.5.7", default-features = false } typed-builder = "0.10.0" # Implement the builder pattern at compiletime -ahash = { version = "0.7", default-features=false, features=["compile-time-rng"] } # The hash function already used in hashbrown +ahash = { version = "0.7", default-features=false } # The hash function already used in hashbrown intervaltree = { version = "0.2.7", default-features = false, features = ["serde"] } backtrace = {version = "0.3", optional = true} # Used to get the stacktrace in StacktraceObserver ctor = { optional = true, version = "0.1" } serde_json = { version = "1.0", optional = true, default-features = false, features = ["alloc"] } -miniz_oxide = { version = "0.5.3", optional = true} +miniz_oxide = { version = "0.6.2", optional = true} hostname = { version = "^0.3", optional = true } # Is there really no gethostname in the stdlib? rand_core = { version = "0.6", optional = true } -nix = { version = "0.24", optional = true } +nix = { version = "0.25", optional = true } regex = { version = "1", optional = true } uuid = { version = "1.1.2", optional = true, features = ["serde", "v4"] } byteorder = { version = "1.4", optional = true } once_cell = { version = "1.13", optional = true } libm = "0.2.2" -tui = { version = "0.18", default-features = false, features = ['crossterm'], optional = true } -crossterm = { version = "0.24", optional = true } -clap = {version = "3.2", features = ["derive", "wrap_help"], optional = true} +tui = { version = "0.19", default-features = false, features = ['crossterm'], optional = true } +crossterm = { version = "0.25", optional = true } +clap = {version = "4.0", features = ["derive", "wrap_help"], optional = true} wait-timeout = { version = "0.2", optional = true } # used by CommandExecutor to wait for child process z3 = { version = "0.11", features = ["static-link-z3"], optional = true } # for concolic 
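Review bot: The `ahash` line drops the `compile-time-rng` feature while keeping `default-features=false`, and nothing in the commit message says why. With neither `compile-time-rng` nor `runtime-rng` enabled, ahash's `RandomState`/`AHashMap` no longer receives a random key at build time and falls back to its fixed built-in seeds (ahash 0.7 only mixes in a pointer-derived counter, as far as I can tell), so any hashing that goes through `RandomState` becomes predictable across builds and runs, while code that calls `AHasher::new_with_keys(..)` with explicit keys is unaffected. If the intent is reproducible hashes (for example so separately built broker and client binaries agree on them), a comment such as `# no rng feature on purpose: deterministic seeds so hashes match across builds` would stop someone from re-adding it; if it was dropped by accident, `features=["compile-time-rng"]` should come back. The same change is made in `utils/libafl_benches/Cargo.toml` at the end of this patch.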
mutation -pyo3 = { version = "0.15", optional = true, features = ["serde", "macros"] } -concat-idents = "1.1.3" +pyo3 = { version = "0.17", optional = true, features = ["serde", "macros"] } +concat-idents = { version = "1.1.3", optional = true } # AGPL # !!! this create requires nightly -grammartec = { version = "0.1", optional = true } +grammartec = { version = "0.2", optional = true } [target.'cfg(unix)'.dependencies] libc = "0.2" # For (*nix) libc uds = "0.2.6" lock_api = "0.4.7" -regex = "1" [target.'cfg(windows)'.dependencies] -windows = { version = "0.39.0", features = ["Win32_Foundation", "Win32_System_Threading", "Win32_System_Diagnostics_Debug", "Win32_System_Kernel", "Win32_System_Memory", "Win32_Security", "Win32_System_SystemInformation"] } +windows = { version = "0.42.0", features = ["Win32_Foundation", "Win32_System_Threading", "Win32_System_Diagnostics_Debug", "Win32_System_Kernel", "Win32_System_Memory", "Win32_Security", "Win32_System_SystemInformation"] } [target.'cfg(windows)'.build-dependencies] -windows = "0.39.0" +windows = "0.42.0" #[profile.release] #lto = true diff --git a/libafl/src/bolts/cli.rs b/libafl/src/bolts/cli.rs index 7b8320e1c5..e475874d80 100644 --- a/libafl/src/bolts/cli.rs +++ b/libafl/src/bolts/cli.rs @@ -106,7 +106,7 @@ fn parse_instrumentation_location( /// Top-level container for cli options/arguments/subcommands #[derive(Parser, Clone, Debug, Serialize, Deserialize)] -#[clap( +#[command( arg_required_else_help(true), subcommand_precedence_over_arg(true), args_conflicts_with_subcommands(true) 
@@ -114,48 +114,48 @@ fn parse_instrumentation_location( #[allow(clippy::struct_excessive_bools)] pub struct FuzzerOptions { /// timeout for each target execution (milliseconds) - #[clap(short, long, default_value = "1000", parse(try_from_str = parse_timeout), help_heading = "Fuzz Options")] + #[arg(short, long, default_value = "1000", value_parser = parse_timeout, help_heading = "Fuzz Options")] pub timeout: Duration, /// whether or not to print debug info - #[clap(short, long)] + #[arg(short, long)] pub verbose: bool, /// file to which all client output should be written - #[clap(short, long, default_value = "/dev/null")] + #[arg(short, long, default_value = "/dev/null")] pub stdout: String, /// the name of the configuration to use - #[clap(long, default_value = "default configuration")] + #[arg(long, default_value = "default configuration")] pub configuration: String, /// enable Address Sanitizer (ASAN) - #[clap(short = 'A', long, help_heading = "Fuzz Options")] + #[arg(short = 'A', long, help_heading = "Fuzz Options")] pub asan: bool, /// Enable ASAN on each of the provided cores. Use 'all' to select all available /// cores. 'none' to run a client without binding to any core. /// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6. 
#[cfg(feature = "frida_cli")] - #[clap(long, default_value = "0", parse(try_from_str = Cores::from_cmdline), help_heading = "ASAN Options")] + #[arg(long, default_value = "0", value_parser = Cores::from_cmdline, help_heading = "ASAN Options")] pub asan_cores: Cores, /// number of fuzz iterations to perform - #[clap(short = 'I', long, help_heading = "Fuzz Options", default_value = "0")] + #[arg(short = 'I', long, help_heading = "Fuzz Options", default_value = "0")] pub iterations: usize, /// path to the harness - #[clap(short = 'H', long, parse(from_os_str), help_heading = "Fuzz Options")] + #[arg(short = 'H', long, help_heading = "Fuzz Options")] pub harness: Option, /// trailing arguments (after "--"); can be passed directly to the harness #[cfg(not(feature = "qemu_cli"))] - #[clap(last = true, name = "HARNESS_ARGS")] + #[arg(last = true, value_name = "HARNESS_ARGS")] pub harness_args: Vec, /// harness function to call #[cfg(feature = "frida_cli")] - #[clap( + #[arg( short = 'F', long, default_value = "LLVMFuzzerTestOneInput", @@ -165,17 +165,17 @@ pub struct FuzzerOptions { /// additional libraries to instrument #[cfg(feature = "frida_cli")] - #[clap(short, long, help_heading = "Frida Options")] + #[arg(short, long, help_heading = "Frida Options")] pub libs_to_instrument: Vec, /// enable CmpLog instrumentation #[cfg_attr( feature = "frida_cli", - clap(short = 'C', long, help_heading = "Frida Options") + arg(short = 'C', long, help_heading = "Frida Options") )] #[cfg_attr( not(feature = "frida_cli"), - clap(short = 'C', long, help_heading = "Fuzz Options") + arg(short = 'C', long, help_heading = "Fuzz Options") )] pub cmplog: bool, 
@@ -183,27 +183,27 @@ pub struct FuzzerOptions { /// cores. 'none' to run a client without binding to any core. /// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6. #[cfg(feature = "frida_cli")] - #[clap(long, default_value = "0", parse(try_from_str = Cores::from_cmdline), help_heading = "Frida Options")] + #[arg(long, default_value = "0", value_parser = Cores::from_cmdline, help_heading = "Frida Options")] pub cmplog_cores: Cores, /// enable ASAN leak detection #[cfg(feature = "frida_cli")] - #[clap(short, long, help_heading = "ASAN Options")] + #[arg(short, long, help_heading = "ASAN Options")] pub detect_leaks: bool, /// instruct ASAN to continue after a memory error is detected #[cfg(feature = "frida_cli")] - #[clap(long, help_heading = "ASAN Options")] + #[arg(long, help_heading = "ASAN Options")] pub continue_on_error: bool, /// instruct ASAN to gather (and report) allocation-/free-site backtraces #[cfg(feature = "frida_cli")] - #[clap(long, help_heading = "ASAN Options")] + #[arg(long, help_heading = "ASAN Options")] pub allocation_backtraces: bool, /// the maximum size that the ASAN allocator should allocate #[cfg(feature = "frida_cli")] - #[clap( + #[arg( short, long, default_value = "1073741824", // 1_usize << 30 @@ -213,7 +213,7 @@ pub struct FuzzerOptions { /// the maximum total allocation size that the ASAN allocator should allocate #[cfg(feature = "frida_cli")] - #[clap( + #[arg( short = 'M', long, default_value = "4294967296", // 1_usize << 32 
@@ -223,56 +223,47 @@ pub struct FuzzerOptions { /// instruct ASAN to panic if the max ASAN allocation size is exceeded #[cfg(feature = "frida_cli")] - #[clap(long, help_heading = "ASAN Options")] + #[arg(long, help_heading = "ASAN Options")] pub max_allocation_panics: bool, /// disable coverage #[cfg(feature = "frida_cli")] - #[clap(long, help_heading = "Frida Options")] + #[arg(long, help_heading = "Frida Options")] pub disable_coverage: bool, /// enable DrCov (aarch64 only) #[cfg(feature = "frida_cli")] - #[clap(long, help_heading = "Frida Options")] + #[arg(long, help_heading = "Frida Options")] pub drcov: bool, /// locations which will not be instrumented for ASAN or coverage purposes (ex: mod_name@0x12345) #[cfg(feature = "frida_cli")] - #[clap(short = 'D', long, help_heading = "Frida Options", parse(try_from_str = parse_instrumentation_location), multiple_occurrences = true)] + #[arg(short = 'D', long, help_heading = "Frida Options", value_parser = parse_instrumentation_location)] pub dont_instrument: Vec<(String, usize)>, /// trailing arguments (after "--"); can be passed directly to QEMU #[cfg(feature = "qemu_cli")] - #[clap(last = true)] + #[arg(last = true)] pub qemu_args: Vec, /// paths to fuzzer token files (aka 'dictionaries') - #[clap( - short = 'x', - long, - multiple_values = true, - parse(from_os_str), - help_heading = "Fuzz Options" - )] + #[arg(short = 'x', long, help_heading = "Fuzz Options")] pub tokens: Vec, /// input corpus directories - #[clap( + #[arg( short, long, default_values = &["corpus/"], - multiple_values = true, - parse(from_os_str), help_heading = "Corpus Options" )] pub input: Vec, /// output solutions directory - #[clap( + #[arg( short, long, default_value = "solutions/", - parse(from_os_str), help_heading = "Corpus Options" )] pub output: PathBuf, 
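Review bot: Dropping `multiple_values = true` from `tokens` and `input` changes what the command line accepts: clap 4 replaced `multiple_values` with `num_args`, and the derive's default for a `Vec` field is `ArgAction::Append` with one value per occurrence, so `-x dict1 dict2` and `-i corpus1 corpus2` (which the clap 3 attributes allowed) now bind only the first value and push the rest onto the positional/`last` arguments or error out, unless I am misreading the clap 4 derive defaults. If the old form is still meant to work it has to be spelled out, e.g. `#[arg(short = 'x', long, num_args = 1.., help_heading = "Fuzz Options")]` and the same `num_args = 1..` on `input`; if `-x a -x b` is now the contract, the doc comments on both fields should say so because existing scripts will break silently. The `FuzzerOptions` struct continues outside the hunk.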
@@ -280,27 +271,26 @@ pub struct FuzzerOptions { /// Spawn a client in each of the provided cores. Use 'all' to select all available /// cores. 'none' to run a client without binding to any core. /// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6. - #[clap(short = 'c', long, default_value = "0", parse(try_from_str = Cores::from_cmdline))] + #[arg(short = 'c', long, default_value = "0", value_parser = Cores::from_cmdline)] pub cores: Cores, /// port on which the broker should listen - #[clap(short = 'p', long, default_value = "1337", name = "PORT")] + #[arg(short = 'p', long, default_value = "1337", value_name = "PORT")] pub broker_port: u16, /// ip:port where a remote broker is already listening - #[clap(short = 'a', long, parse(try_from_str), name = "REMOTE")] + #[arg(short = 'a', long, value_name = "REMOTE")] pub remote_broker_addr: Option, /// path to file that should be sent to the harness for crash reproduction - #[clap(short, long, parse(from_os_str), help_heading = "Replay Options")] + #[arg(short, long, help_heading = "Replay Options")] pub replay: Option, /// Run the same replay input multiple times - #[clap( + #[arg( short = 'R', long, default_missing_value = "1", - min_values = 0, help_heading = "Replay Options", requires = "replay" )] @@ -319,10 +309,10 @@ impl FuzzerOptions { /// fn custom_func(_: &str) {} // not relevant; just for illustrative purposes /// /// #[derive(Parser, Debug)] - /// #[clap(name = "custom")] // the name of the new subcommand + /// #[arg(name = "custom")] // the name of the new subcommand /// struct CustomFooParser { /// /// a very cromulent option - /// #[clap(short, long)] + /// #[arg(short, long)] /// bar: String, /// } /// @@ -342,7 +332,7 @@ impl FuzzerOptions { /// /// // process the results /// if let Some(("custom", sub_matches)) = matches.subcommand() { - /// custom_func(sub_matches.value_of("bar").unwrap()) + /// custom_func(sub_matches.get_one::("bar").unwrap()) /// } /// /// println!("{:?}", matches); 
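Review bot: The repeat option in the first hunk keeps `default_missing_value = "1"` but loses `min_values = 0`, and in clap 4 a `default_missing_value` only applies when the argument is also allowed to take zero values, so a bare `-R` will now be rejected with a missing-value error instead of defaulting to 1 (the field's type and name are below the hunk, so I cannot confirm how it is consumed). The clap 4 spelling of the old `min_values = 0` is `num_args = 0..=1`, i.e. `default_missing_value = "1", num_args = 0..=1,` next to the `requires = "replay"` line. A quick `--replay <file> -R` run before merging would confirm either way.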
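Review bot: The doc example in the second hunk (`@@ -319,10 +309,10`) now puts `#[arg(name = "custom")]` on the `CustomFooParser` struct, but in clap 4 `#[arg]` is the field-level attribute and the struct-level one is `#[command]`, which is exactly what this patch uses for `FuzzerOptions` and the fuzzers' `Opt` structs, so the example should read `#[command(name = "custom")]`. These lines are `///` doc comments and therefore compile as a doctest, so `cargo test --doc` with the `cli` feature should flag it if the derive rejects `arg` on a struct, and the example is what users copy from. The enclosing `impl FuzzerOptions` block continues outside the hunk.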
diff --git a/libafl/src/bolts/core_affinity.rs b/libafl/src/bolts/core_affinity.rs index 1622c3fbf5..92da456129 100644 --- a/libafl/src/bolts/core_affinity.rs +++ b/libafl/src/bolts/core_affinity.rs @@ -384,7 +384,7 @@ mod windows { let mut outga = GROUP_AFFINITY::default(); - let result = SetThreadGroupAffinity(GetCurrentThread(), &ga, &mut outga); + let result = SetThreadGroupAffinity(GetCurrentThread(), &ga, Some(&mut outga)); if result.0 == 0 { Err(Error::unknown("Failed to set_for_current")) } else { diff --git a/libafl/src/bolts/rands.rs b/libafl/src/bolts/rands.rs index ccc6491aaa..9aab25294d 100644 --- a/libafl/src/bolts/rands.rs +++ b/libafl/src/bolts/rands.rs @@ -443,6 +443,7 @@ pub mod pybind { use crate::bolts::{current_nanos, rands::StdRand}; #[pyclass(unsendable, name = "StdRand")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// Python class for StdRand pub struct PythonStdRand { @@ -478,6 +479,7 @@ pub mod pybind { /// Rand Trait binding #[pyclass(unsendable, name = "Rand")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] pub struct PythonRand { wrapper: PythonRandWrapper, diff --git a/libafl/src/bolts/shmem.rs b/libafl/src/bolts/shmem.rs index b1aecbf005..47542bbf17 100644 --- a/libafl/src/bolts/shmem.rs +++ b/libafl/src/bolts/shmem.rs @@ -1159,7 +1159,7 @@ pub mod win32_shmem { use core::{ ffi::c_void, fmt::{self, Debug, Formatter}, - ptr, slice, + slice, }; use uuid::Uuid; @@ -1214,7 +1214,7 @@ pub mod win32_shmem { map_str_bytes[19] = 0; // Trucate to size 20 let handle = CreateFileMappingA( HANDLE(INVALID_HANDLE_VALUE), - ptr::null_mut(), + None, PAGE_READWRITE, 0, map_size as u32, diff --git a/libafl/src/corpus/cached.rs b/libafl/src/corpus/cached.rs index 328540dda3..0ce2680e47 100644 --- a/libafl/src/corpus/cached.rs +++ b/libafl/src/corpus/cached.rs 
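Review bot: The new `#[allow(clippy::unsafe_derive_deserialize)]` on `PythonStdRand` and `PythonRand` in the `rands.rs` hunks silences a lint that exists for a reason: a type whose impls contain `unsafe` code may rely on invariants that a freshly `Deserialize`d value bypasses, and the bare allow gives no hint which unsafe code was checked. If the reasoning is that the only `unsafe` on these types is the glue generated by `#[pyclass]` and the serialized fields carry no invariant that glue depends on, say so above the attribute, e.g. `// unsafe_derive_deserialize: the only unsafe impls here are generated by #[pyclass]; no serialized field carries an invariant they rely on`, because the same allow is stamped onto every Python wrapper in this patch (corpus, executors, observers) and a reader cannot tell a reviewed case from a reflexive one. A single justification in the `pybind` module docs, referenced from each site, would also do.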
@@ -150,6 +150,7 @@ pub mod pybind { }; #[pyclass(unsendable, name = "CachedOnDiskCorpus")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// Python class for CachedOnDiskCorpus pub struct PythonCachedOnDiskCorpus { diff --git a/libafl/src/corpus/inmemory.rs b/libafl/src/corpus/inmemory.rs index 367cd43500..c442c9d424 100644 --- a/libafl/src/corpus/inmemory.rs +++ b/libafl/src/corpus/inmemory.rs @@ -104,6 +104,7 @@ pub mod pybind { }; #[pyclass(unsendable, name = "InMemoryCorpus")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// Python class for InMemoryCorpus pub struct PythonInMemoryCorpus { diff --git a/libafl/src/corpus/ondisk.rs b/libafl/src/corpus/ondisk.rs index 2b042b75fa..63edb3c13e 100644 --- a/libafl/src/corpus/ondisk.rs +++ b/libafl/src/corpus/ondisk.rs @@ -247,6 +247,7 @@ pub mod pybind { }; #[pyclass(unsendable, name = "OnDiskCorpus")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// Python class for OnDiskCorpus pub struct PythonOnDiskCorpus { diff --git a/libafl/src/executors/mod.rs b/libafl/src/executors/mod.rs index 382623c14e..dd151fb37c 100644 --- a/libafl/src/executors/mod.rs +++ b/libafl/src/executors/mod.rs @@ -205,6 +205,7 @@ pub mod pybind { }; #[pyclass(unsendable, name = "ExitKind")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Clone, Debug, Serialize, Deserialize)] pub struct PythonExitKind { pub inner: ExitKind, diff --git a/libafl/src/executors/timeout.rs b/libafl/src/executors/timeout.rs index f061355a24..2d48439e9f 100644 --- a/libafl/src/executors/timeout.rs +++ b/libafl/src/executors/timeout.rs 
@@ -232,8 +232,8 @@ impl TimeoutExecutor { let tp_timer = unsafe { CreateThreadpoolTimer( Some(timeout_handler), - addr_of_mut!(GLOBAL_STATE) as *mut c_void, - &TP_CALLBACK_ENVIRON_V3::default(), + Some(addr_of_mut!(GLOBAL_STATE) as *mut c_void), + Some(&TP_CALLBACK_ENVIRON_V3::default()), ) }; let mut critical = RTL_CRITICAL_SECTION::default(); @@ -301,7 +301,7 @@ where LeaveCriticalSection(&mut self.critical); compiler_fence(Ordering::SeqCst); - SetThreadpoolTimer(self.tp_timer, &ft, 0, 0); + SetThreadpoolTimer(self.tp_timer, Some(&ft), 0, 0); let ret = self.executor.run_target(fuzzer, state, mgr, input); @@ -326,7 +326,7 @@ where /// Will dereference the given `tp_timer` pointer, unchecked. fn post_run_reset(&mut self) { unsafe { - SetThreadpoolTimer(self.tp_timer, core::ptr::null(), 0, 0); + SetThreadpoolTimer(self.tp_timer, None, 0, 0); } self.executor.post_run_reset(); } diff --git a/libafl/src/observers/map.rs b/libafl/src/observers/map.rs index 6400b7f181..5afea59d9f 100644 --- a/libafl/src/observers/map.rs +++ b/libafl/src/observers/map.rs @@ -2009,6 +2009,7 @@ pub mod pybind { } #[pyclass(unsendable, name = $py_name2)] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// Python class for OwnedMapObserver (i.e. StdMapObserver with owned map) pub struct $struct_name2 { @@ -2079,6 +2080,7 @@ pub mod pybind { // Should not be exposed to user #[pyclass(unsendable, name = $py_name_trait)] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Debug, Clone)] /// MapObserver + Observer Trait binding pub struct $struct_name_trait { diff --git a/libafl/src/observers/mod.rs b/libafl/src/observers/mod.rs index 755520c653..b73d8fad03 100644 --- a/libafl/src/observers/mod.rs +++ b/libafl/src/observers/mod.rs 
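Review bot: The `CreateThreadpoolTimer` call in the first hunk still stores its return value unchecked; with `windows` 0.42 the function returns a raw `PTP_TIMER` (zero on failure, not a `Result`), and the `SetThreadpoolTimer(self.tp_timer, Some(&ft), 0, 0)` in the second hunk would then arm a null timer, so the target runs with no timeout at all and hangs go unnoticed. Unless a check exists further down the constructor (it starts before the hunk, so I cannot see it), something like `assert!(tp_timer != 0, "CreateThreadpoolTimer failed");` or an `Err` return immediately after the `unsafe` block is warranted, since a silently missing timeout is exactly the failure a fuzzing campaign will not report.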
@@ -458,6 +458,7 @@ pub mod pybind { } #[pyclass(unsendable, name = "Observer")] + #[allow(clippy::unsafe_derive_deserialize)] #[derive(Serialize, Deserialize, Clone, Debug)] /// Observer Trait binding pub struct PythonObserver { @@ -797,6 +798,7 @@ pub mod pybind { } #[derive(Serialize, Deserialize, Clone, Debug)] + #[allow(clippy::unsafe_derive_deserialize)] #[pyclass(unsendable, name = "ObserversTuple")] pub struct PythonObserversTuple { list: Vec, diff --git a/libafl_concolic/symcc_runtime/Cargo.toml b/libafl_concolic/symcc_runtime/Cargo.toml index d1f7bc6650..016da18ee5 100644 --- a/libafl_concolic/symcc_runtime/Cargo.toml +++ b/libafl_concolic/symcc_runtime/Cargo.toml @@ -26,7 +26,7 @@ libafl = {path = "../../libafl", version="0.8", default-features=false, features [build-dependencies] cmake = "0.1" -bindgen = "0.60" +bindgen = "0.61" regex = "1" lazy_static = "1.4" which = "4.2" diff --git a/libafl_concolic/test/dump_constraints/Cargo.toml b/libafl_concolic/test/dump_constraints/Cargo.toml index 20b647e863..b24a232f3b 100644 --- a/libafl_concolic/test/dump_constraints/Cargo.toml +++ b/libafl_concolic/test/dump_constraints/Cargo.toml @@ -15,4 +15,4 @@ categories = ["development-tools::testing", "emulators", "embedded", "os", "no-s [dependencies] libafl = {path = "../../../libafl"} -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } diff --git a/libafl_concolic/test/dump_constraints/src/main.rs b/libafl_concolic/test/dump_constraints/src/main.rs index 6488309398..efb7f89cc2 100644 --- a/libafl_concolic/test/dump_constraints/src/main.rs +++ b/libafl_concolic/test/dump_constraints/src/main.rs @@ -11,7 +11,7 @@ use std::{ string::ToString, }; -use clap::{self, StructOpt}; +use clap::{self, Parser}; use libafl::{ bolts::{ shmem::{ShMem, ShMemProvider, StdShMemProvider}, 
@@ -23,38 +23,38 @@ use libafl::{ }, }; -#[derive(Debug, StructOpt)] -#[clap( +#[derive(Debug, Parser)] +#[command( name = "dump_constraints", about = "Dump tool for concolic constraints." )] struct Opt { /// Outputs plain text instead of binary - #[clap(short, long)] + #[arg(short, long)] plain_text: bool, /// Outputs coverage information to the given file - #[clap(short, long)] + #[arg(short, long)] coverage_file: Option, /// Symbolizes only the given input file offsets. - #[clap(short, long)] + #[arg(short, long)] symbolize_offsets: Option>, /// Concretize all floating point operations. - #[clap(long)] + #[arg(long)] no_float: bool, /// Prune expressions from high-frequency code locations. - #[clap(long)] + #[arg(long)] prune: bool, /// Trace file path, "trace" by default. - #[clap(parse(from_os_str), short, long)] + #[arg(short, long)] output: Option, /// Target program and arguments - #[clap(last = true)] + #[arg(last = true)] program: Vec, } diff --git a/libafl_frida/Cargo.toml b/libafl_frida/Cargo.toml index 66bce72304..7c6c2a6eaa 100644 --- a/libafl_frida/Cargo.toml +++ b/libafl_frida/Cargo.toml @@ -22,7 +22,7 @@ cc = { version = "1.0", features = ["parallel"] } libafl = { path = "../libafl", version = "0.8.2", features = ["std", "libafl_derive", "frida_cli"] } libafl_targets = { path = "../libafl_targets", version = "0.8.2", features = ["std", "sancov_cmplog"] } -nix = "0.24" +nix = "0.25" libc = "0.2" hashbrown = "0.12" libloading = "0.7" diff --git a/libafl_nyx/Cargo.toml b/libafl_nyx/Cargo.toml index 1133c797c3..db42f2457e 100644 --- a/libafl_nyx/Cargo.toml +++ b/libafl_nyx/Cargo.toml 
@@ -15,5 +15,5 @@ categories = ["development-tools::testing", "emulators", "embedded", "os", "no-s [target.'cfg(target_os = "linux")'.dependencies] libnyx = {git = "https://github.com/nyx-fuzz/libnyx.git",rev = "acaf7f6"} -libafl = { path = "../libafl", version = "0.8.0", features = ["std", "libafl_derive", "frida_cli" ]} -libafl_targets = { path = "../libafl_targets", version = "0.8.0", features = ["std", "sancov_cmplog"] } +libafl = { path = "../libafl", version = "0.8.2", features = ["std", "libafl_derive", "frida_cli" ]} +libafl_targets = { path = "../libafl_targets", version = "0.8.2", features = ["std", "sancov_cmplog"] } diff --git a/libafl_qemu/Cargo.toml b/libafl_qemu/Cargo.toml index e24dd23fdc..132d2738b9 100644 --- a/libafl_qemu/Cargo.toml +++ b/libafl_qemu/Cargo.toml @@ -44,12 +44,12 @@ bio = "0.41" thread_local = "1.1.4" capstone = "0.11.0" #pyo3 = { version = "0.15", features = ["extension-module"], optional = true } -pyo3 = { version = "0.15", optional = true } +pyo3 = { version = "0.17", features = ["pyproto"], optional = true } [build-dependencies] cc = { version = "1.0" } which = "4.2" -pyo3-build-config = { version = "0.16", optional = true } +pyo3-build-config = { version = "0.15", optional = true } [lib] name = "libafl_qemu" diff --git a/libafl_sugar/Cargo.toml b/libafl_sugar/Cargo.toml index c8bd9dbe77..5f779f588f 100644 --- a/libafl_sugar/Cargo.toml +++ b/libafl_sugar/Cargo.toml @@ -24,7 +24,7 @@ arm = ["libafl_qemu/arm"] # build qemu for arm aarch64 = ["libafl_qemu/aarch64"] # build qemu for aarch64 [build-dependencies] -pyo3-build-config = { version = "0.16", optional = true } +pyo3-build-config = { version = "0.15", optional = true } [dependencies] libafl = { path = "../libafl", version = "0.8.2" } 
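Review bot: `libafl_qemu/Cargo.toml` now pairs `pyo3 = "0.17"` with `pyo3-build-config = "0.15"`, moving the build dependency backwards while the runtime crate moves forward; the build-config crate is what the build script uses to locate the interpreter and emit link flags, and a different major version can disagree with the pyo3 0.17 runtime about interpreter configuration and `PYO3_*` handling, so it should be `pyo3-build-config = { version = "0.17", optional = true }`. The same 0.16 → 0.15 downgrade appears in the `libafl_sugar` hunk right after, whose `pyo3` also goes to 0.17 in the next hunk. Separately, enabling `pyproto` turns on an API that pyo3 0.17 already marks deprecated and has slated for removal, so the `#[pyproto]` users should be on a list to migrate to `#[pymethods]` before the next pyo3 bump rather than left behind a feature flag.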
@@ -32,8 +32,8 @@ libafl_targets = { path = "../libafl_targets", version = "0.8.2" } libafl_qemu = { path = "../libafl_qemu", version = "0.8.2" } typed-builder = "0.10.0" # Implement the builder pattern at compiletime -#pyo3 = { version = "0.15", features = ["extension-module"], optional = true } -pyo3 = { version = "0.15", optional = true } +#pyo3 = { version = "0.17", features = ["extension-module"], optional = true } +pyo3 = { version = "0.17", optional = true } [lib] name = "libafl_sugar" diff --git a/utils/gramatron/construct_automata/Cargo.toml b/utils/gramatron/construct_automata/Cargo.toml index 9cab5e557b..677ba968cd 100644 --- a/utils/gramatron/construct_automata/Cargo.toml +++ b/utils/gramatron/construct_automata/Cargo.toml @@ -20,4 +20,4 @@ regex = "1" postcard = "1.0" lazy_static = "1.4.0" libafl = { path = "../../../libafl" } -clap = { version = "3.2", features = ["derive"] } +clap = { version = "4.0", features = ["derive"] } diff --git a/utils/gramatron/construct_automata/src/main.rs b/utils/gramatron/construct_automata/src/main.rs index d1615dec33..e5420a4b2c 100644 --- a/utils/gramatron/construct_automata/src/main.rs +++ b/utils/gramatron/construct_automata/src/main.rs @@ -6,21 +6,20 @@ use std::{ rc::Rc, }; -use clap::{self, StructOpt}; +use clap::{self, Parser}; use lazy_static::lazy_static; use libafl::generators::gramatron::{Automaton, Trigger}; use regex::Regex; use serde_json::Value; -#[derive(Debug, StructOpt)] -#[clap( +#[derive(Debug, Parser)] +#[command( name = "construct_automata", about = "Generate a serialized Automaton using a json GNF grammar", author = "Andrea Fioraldi " )] struct Opt { - #[clap( - parse(try_from_str), + #[arg( short, long = "grammar-file", name = "GRAMMAR", @@ -28,8 +27,7 @@ struct Opt { )] grammar: PathBuf, - #[clap( - parse(try_from_str), + #[arg( short, long, name = "LIMIT", 
@@ -38,13 +36,7 @@ struct Opt { )] limit: usize, - #[clap( - parse(try_from_str), - short, - long, - help = "Set the output file", - name = "OUTPUT" - )] + #[arg(short, long, help = "Set the output file", name = "OUTPUT")] output: PathBuf, } diff --git a/utils/libafl_benches/Cargo.toml b/utils/libafl_benches/Cargo.toml index 6f89b43d6c..19822a9865 100644 --- a/utils/libafl_benches/Cargo.toml +++ b/utils/libafl_benches/Cargo.toml @@ -1,7 +1,7 @@ [package] authors = ["Andrea Fioraldi ", "Dominik Maier "] name = "libafl_benches" -version = "0.8.2" +version.workspace = true edition = "2021" description = "LibAFL Benchmarks" documentation = "https://docs.rs/libafl" @@ -13,7 +13,7 @@ categories = ["development-tools::testing", "emulators", "embedded", "os", "no-s [dev-dependencies] criterion = "0.3" # Benchmarking -ahash = { version = "0.7", default-features=false, features=["compile-time-rng"] } # The hash function already used in hashbrown +ahash = { version = "0.7", default-features=false } # The hash function already used in hashbrown rustc-hash = { version = "1.1", default-features=false } # yet another hash xxhash-rust = { version = "0.8.5", features = ["xxh3"] } # xxh3 hashing for rust libafl = { path = "../../libafl", default-features=false } # libafl
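Review bot: The trimmed `output` attribute keeps `name = "OUTPUT"` (as do `grammar` and `limit` above it), whereas the `cli.rs` hunks in this same patch convert the equivalent `name = "PORT"`/`name = "REMOTE"` to `value_name`. In clap 4 `name` on an argument maps to its id (`Arg::name` is deprecated in favour of `id`) and the help placeholder is only derived from it, so the two spellings behave alike today but one of them will start warning; `#[arg(short, long, help = "Set the output file", value_name = "OUTPUT")]` would keep this utility in step with `cli.rs`. The `Opt` struct's start is outside the hunk.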