From ee9eb3eef17f04866377fefc332bb304e7bf4bc3 Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Sun, 1 Oct 2023 14:46:21 +0200 Subject: [PATCH] Revert "Update cmplog-routines-pass.cc (#1589)" (#1591) This reverts commit d2ff88f6ff6ec38c16200e9ee59c180412430120. --- libafl_cc/src/cmplog-routines-pass.cc | 204 +------------------------- 1 file changed, 6 insertions(+), 198 deletions(-) diff --git a/libafl_cc/src/cmplog-routines-pass.cc b/libafl_cc/src/cmplog-routines-pass.cc index b072bf9bb0..437917d3f0 100644 --- a/libafl_cc/src/cmplog-routines-pass.cc +++ b/libafl_cc/src/cmplog-routines-pass.cc @@ -172,14 +172,12 @@ char CmpLogRoutines::ID = 0; #endif bool CmpLogRoutines::hookRtns(Module &M) { - std::vector calls, llvmStdStd, llvmStdC, gccStdStd, gccStdC, - Memcmp, Strcmp, Strncmp; - LLVMContext &C = M.getContext(); + std::vector calls, llvmStdStd, llvmStdC, gccStdStd, gccStdC; + LLVMContext &C = M.getContext(); Type *VoidTy = Type::getVoidTy(C); // PointerType *VoidPtrTy = PointerType::get(VoidTy, 0); IntegerType *Int8Ty = IntegerType::getInt8Ty(C); - IntegerType *Int64Ty = IntegerType::getInt64Ty(C); PointerType *i8PtrTy = PointerType::get(Int8Ty, 0); #if LLVM_VERSION_MAJOR < 9 
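Review bot: `hookRtns` has no header comment on the new side, and its contract is only implicit in a body that runs far past this hunk (from the later hunk it appears to return false when no candidate call was found, and otherwise to insert hook calls into the module). Suggest a comment directly above the definition such as `// Collect calls to two-pointer comparison routines and std::string comparisons, insert cmplog hook calls ahead of them; returns false when nothing was found to hook.` The element type of `calls` and the other vectors is not visible in this rendering (presumably `CallInst *`), so the wording of the comment should be checked against the full function before committing it.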
@@ -271,60 +269,6 @@ bool CmpLogRoutines::hookRtns(Module &M) { FunctionCallee cmplogGccStdC = c4; #endif -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee -#else - Constant * -#endif - c5 = M.getOrInsertFunction("__cmplog_rtn_hook_n", VoidTy, i8PtrTy, - i8PtrTy, Int64Ty -#if LLVM_VERSION_MAJOR < 5 - , - NULL -#endif - ); -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee cmplogHookFnN = c5; -#else - Function *cmplogHookFnN = cast(c5); -#endif - -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee -#else - Constant * -#endif - c6 = M.getOrInsertFunction("__cmplog_rtn_hook_strn", VoidTy, i8PtrTy, - i8PtrTy, Int64Ty -#if LLVM_VERSION_MAJOR < 5 - , - NULL -#endif - ); -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee cmplogHookFnStrN = c6; -#else - Function *cmplogHookFnStrN = cast(c6); -#endif - -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee -#else - Constant * -#endif - c7 = M.getOrInsertFunction("__cmplog_rtn_hook_str", VoidTy, i8PtrTy, - i8PtrTy -#if LLVM_VERSION_MAJOR < 5 - , - NULL -#endif - ); -#if LLVM_VERSION_MAJOR >= 9 - FunctionCallee cmplogHookFnStr = c7; -#else - Function *cmplogHookFnStr = cast(c7); -#endif - /* iterate over all functions, bbs and instruction and add suitable calls */ for (auto &F : M) { if (isIgnoreFunction(&F)) { continue; } 
@@ -339,87 +283,12 @@ bool CmpLogRoutines::hookRtns(Module &M) { if (callInst->getCallingConv() != llvm::CallingConv::C) { continue; } FunctionType *FT = Callee->getFunctionType(); - std::string FuncName = Callee->getName().str(); bool isPtrRtn = FT->getNumParams() >= 2 && !FT->getReturnType()->isVoidTy() && FT->getParamType(0) == FT->getParamType(1) && FT->getParamType(0)->isPointerTy(); - bool isPtrRtnN = FT->getNumParams() >= 3 && - !FT->getReturnType()->isVoidTy() && - FT->getParamType(0) == FT->getParamType(1) && - FT->getParamType(0)->isPointerTy() && - FT->getParamType(2)->isIntegerTy(); - if (isPtrRtnN) { - auto intTyOp = - dyn_cast(callInst->getArgOperand(2)->getType()); - if (intTyOp) { - if (intTyOp->getBitWidth() != 32 && - intTyOp->getBitWidth() != 64) { - isPtrRtnN = false; - } - } - } - - bool isMemcmp = - (!FuncName.compare("memcmp") || !FuncName.compare("bcmp") || - !FuncName.compare("CRYPTO_memcmp") || - !FuncName.compare("OPENSSL_memcmp") || - !FuncName.compare("memcmp_const_time") || - !FuncName.compare("memcmpct")); - isMemcmp &= FT->getNumParams() == 3 && - FT->getReturnType()->isIntegerTy(32) && - FT->getParamType(0)->isPointerTy() && - FT->getParamType(1)->isPointerTy() && - FT->getParamType(2)->isIntegerTy(); - - bool isStrcmp = - (!FuncName.compare("strcmp") || !FuncName.compare("xmlStrcmp") || - !FuncName.compare("xmlStrEqual") || - !FuncName.compare("g_strcmp0") || - !FuncName.compare("curl_strequal") || - !FuncName.compare("strcsequal") || - !FuncName.compare("strcasecmp") || - !FuncName.compare("stricmp") || - !FuncName.compare("ap_cstr_casecmp") || - !FuncName.compare("OPENSSL_strcasecmp") || - !FuncName.compare("xmlStrcasecmp") || - !FuncName.compare("g_strcasecmp") || - !FuncName.compare("g_ascii_strcasecmp") || - !FuncName.compare("Curl_strcasecompare") || - !FuncName.compare("Curl_safe_strcasecompare") || - !FuncName.compare("cmsstrcasecmp") || - !FuncName.compare("strstr") || - !FuncName.compare("g_strstr_len") || - 
!FuncName.compare("ap_strcasestr") || - !FuncName.compare("xmlStrstr") || - !FuncName.compare("xmlStrcasestr") || - !FuncName.compare("g_str_has_prefix") || - !FuncName.compare("g_str_has_suffix")); - isStrcmp &= - FT->getNumParams() == 2 && FT->getReturnType()->isIntegerTy(32) && - FT->getParamType(0) == FT->getParamType(1) && - FT->getParamType(0) == IntegerType::getInt8PtrTy(M.getContext()); - - bool isStrncmp = (!FuncName.compare("strncmp") || - !FuncName.compare("xmlStrncmp") || - !FuncName.compare("curl_strnequal") || - !FuncName.compare("strncasecmp") || - !FuncName.compare("strnicmp") || - !FuncName.compare("ap_cstr_casecmpn") || - !FuncName.compare("OPENSSL_strncasecmp") || - !FuncName.compare("xmlStrncasecmp") || - !FuncName.compare("g_ascii_strncasecmp") || - !FuncName.compare("Curl_strncasecompare") || - !FuncName.compare("g_strncasecmp")); - isStrncmp &= FT->getNumParams() == 3 && - FT->getReturnType()->isIntegerTy(32) && - FT->getParamType(0) == FT->getParamType(1) && - FT->getParamType(0) == - IntegerType::getInt8PtrTy(M.getContext()) && - FT->getParamType(2)->isIntegerTy(); - bool isGccStdStringStdString = Callee->getName().find("__is_charIT_EE7__value") != std::string::npos && @@ -467,13 +336,10 @@ bool CmpLogRoutines::hookRtns(Module &M) { */ if (isGccStdStringCString || isGccStdStringStdString || - isLlvmStdStringStdString || isLlvmStdStringCString || isMemcmp || - isStrcmp || isStrncmp) { - isPtrRtnN = isPtrRtn = false; + isLlvmStdStringStdString || isLlvmStdStringCString) { + isPtrRtn = false; } - if (isPtrRtnN) { isPtrRtn = false; } - if (isPtrRtn) { calls.push_back(callInst); } if (isGccStdStringStdString) { gccStdStd.push_back(callInst); } if (isGccStdStringCString) { gccStdC.push_back(callInst); } 
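Review bot: The reset `isPtrRtn = false;` inside the new `if (isGccStdStringCString || isGccStdStringStdString || isLlvmStdStringStdString || isLlvmStdStringCString)` block carries no comment, and its purpose is not obvious: the generic `isPtrRtn` shape (two equal pointer parameters, non-void return) presumably also matches these std::string comparison routines, so without the reset the same call would be pushed to `calls` as well as to one of the std::string lists and hooked twice. Suggest `// std::string comparisons get their own hook below; drop them from the generic pointer-routine set so they are not instrumented twice.`, unless the block comment that closes just above already says so. hookRtns begins and ends outside this hunk.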
@@ -485,9 +351,9 @@ bool CmpLogRoutines::hookRtns(Module &M) { } if (!calls.size() && !gccStdStd.size() && !gccStdC.size() && - !llvmStdStd.size() && !llvmStdC.size() && !Memcmp.size() && - Strcmp.size() && Strncmp.size()) + !llvmStdStd.size() && !llvmStdC.size()) { return false; + } for (auto &callInst : calls) { Value *v1P = callInst->getArgOperand(0), *v2P = callInst->getArgOperand(1); 
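Review bot: The early-return condition on the new side spells every emptiness check as `!x.size()`; `empty()` states the intent directly and is what clang-tidy's readability-container-size-empty asks for: `if (calls.empty() && gccStdStd.empty() && gccStdC.empty() &&` / `llvmStdStd.empty() && llvmStdC.empty()) {`. The surrounding hookRtns body continues outside this hunk.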
@@ -506,64 +372,6 @@ bool CmpLogRoutines::hookRtns(Module &M) { // errs() << callInst->getCalledFunction()->getName() << "\n"; } - for (auto &callInst : Memcmp) { - Value *v1P = callInst->getArgOperand(0), *v2P = callInst->getArgOperand(1), - *v3P = callInst->getArgOperand(2); - - IRBuilder<> IRB(callInst->getParent()); - - std::vector args; - Value *v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy); - Value *v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy); - Value *v3Pbitcast = IRB.CreateBitCast( - v3P, IntegerType::get(C, v3P->getType()->getPrimitiveSizeInBits())); - Value *v3Pcasted = - IRB.CreateIntCast(v3Pbitcast, IntegerType::get(C, 64), false); - args.push_back(v1Pcasted); - args.push_back(v2Pcasted); - args.push_back(v3Pcasted); - - IRB.CreateCall(cmplogHookFnN, args); - - // errs() << callInst->getCalledFunction()->getName() << "\n"; - } - - for (auto &callInst : Strcmp) { - Value *v1P = callInst->getArgOperand(0), *v2P = callInst->getArgOperand(1); - - IRBuilder<> IRB(callInst->getParent()); - std::vector args; - Value *v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy); - Value *v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy); - args.push_back(v1Pcasted); - args.push_back(v2Pcasted); - - IRB.CreateCall(cmplogHookFnStr, args); - - // errs() << callInst->getCalledFunction()->getName() << "\n"; - } - - for (auto &callInst : Strncmp) { - Value *v1P = callInst->getArgOperand(0), *v2P = callInst->getArgOperand(1), - *v3P = callInst->getArgOperand(2); - - IRBuilder<> IRB(callInst->getParent()); - std::vector args; - Value *v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy); - Value *v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy); - Value *v3Pbitcast = IRB.CreateBitCast( - v3P, IntegerType::get(C, v3P->getType()->getPrimitiveSizeInBits())); - Value *v3Pcasted = - IRB.CreateIntCast(v3Pbitcast, IntegerType::get(C, 64), false); - args.push_back(v1Pcasted); - args.push_back(v2Pcasted); - args.push_back(v3Pcasted); - - IRB.CreateCall(cmplogHookFnStrN, args); - - // errs() 
<< callInst->getCalledFunction()->getName() << "\n"; - } - for (auto &callInst : gccStdStd) { Value *v1P = callInst->getArgOperand(0), *v2P = callInst->getArgOperand(1);