set size and function from env

This commit is contained in:
Alwin Berger 2022-11-02 14:47:00 +01:00
parent 83b03ceeea
commit efef29f877


@ -44,9 +44,13 @@ use libafl_qemu::{
Regs,
};
pub const MAX_INPUT_SIZE: usize = 1048576; // 1MB
// pub const MAX_INPUT_SIZE: usize = 1048576; // 1MB
pub fn fuzz() {
let MAX_INPUT_SIZE: usize = match env::var("FUZZ_SIZE") {
Ok(s) => str::parse::<usize>(&s).expect("FUZZ_SIZE was not a number"),
_ => 1048576,
}; // 1MB
// Hardcoded parameters
let timeout = Duration::from_secs(1);
let broker_port = 1337;
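Review bot: The `_ => 1048576` arm treats a `FUZZ_SIZE` that is set but not valid Unicode the same as an unset variable, so a garbled value silently falls back to the default while a non-numeric one panics; the `Err(e)` arm of the `MAIN_FUNC` match in the next hunk has the same shape. Matching `Err(env::VarError::NotPresent)` for the default and failing loudly on any other error keeps the two failure modes consistent. The parsed value is also not validated: `0` is accepted, and nothing in this hunk bounds it against whatever buffer the input is later written into — if that buffer is sized elsewhere in `fuzz()`, the check belongs here rather than at write time. `MAX_INPUT_SIZE` is now a local rather than a `const`, so the upper-case name trips `non_snake_case`; renaming it touches the uses later in `fuzz()`, which are outside this hunk.
```rust
pub fn fuzz() {
    let MAX_INPUT_SIZE: usize = match env::var("FUZZ_SIZE") {
        Ok(s) => s.trim().parse().expect("FUZZ_SIZE was not a number"),
        Err(env::VarError::NotPresent) => 1048576, // 1MB default
        Err(e) => panic!("FUZZ_SIZE is set but not valid unicode: {}", e),
    };
    assert!(MAX_INPUT_SIZE > 0, "FUZZ_SIZE must be greater than zero");
    // … unchanged: hardcoded parameters …
```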
@ -63,10 +67,15 @@ pub fn fuzz() {
let mut elf_buffer = Vec::new();
let elf = EasyElf::from_file(emu.binary_path(), &mut elf_buffer).unwrap();
let test_one_input_ptr = elf
let test_one_input_ptr = match env::var("MAIN_FUNC") {
Ok(s) => elf
.resolve_symbol(&s, emu.load_addr())
.expect(&format!("Symbol {} not found",s)),
Err(e) => elf
.resolve_symbol("LLVMFuzzerTestOneInput", emu.load_addr())
.expect("Symbol LLVMFuzzerTestOneInput not found");
println!("LLVMFuzzerTestOneInput @ {:#x}", test_one_input_ptr);
.expect("Symbol LLVMFuzzerTestOneInput not found"),
};
println!("Main funtion @ {:#x}", test_one_input_ptr);
emu.set_breakpoint(test_one_input_ptr); // LLVMFuzzerTestOneInput
unsafe { emu.run() };
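Review bot: `Err(e)` in the `MAIN_FUNC` match binds `e` and never uses it, which the compiler warns about; `Err(_) => elf` says what is meant. `.expect(&format!("Symbol {} not found",s))` builds the message on every call, including the success path; `.unwrap_or_else(|| panic!("Symbol {} not found", s))` defers it to the failure path (clippy `expect_fun_call`). The new log line has a typo, `println!("Main function @ {:#x}", test_one_input_ptr);`, and the trailing `// LLVMFuzzerTestOneInput` comment on `emu.set_breakpoint` is stale now that the symbol may come from `MAIN_FUNC`. The enclosing `fuzz()` continues past this hunk.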