Update book

Andrea Fioraldi 2021-07-08 17:01:35 +02:00
parent 4b4773998c
commit fe57c5ecd6
9 changed files with 58 additions and 34 deletions


@ -14,8 +14,4 @@
- [Design](./design/design.md) - [Design](./design/design.md)
- [Core Concepts](./design/core_concepts.md) - [Core Concepts](./design/core_concepts.md)
- [Architecture](./design/architecture.md) - [Architecture](./design/architecture.md)
- [Metadata](./design/metadata.md)
- [Understanding Metadata](./medatata/metadata.md)
- [Definition](./medatata/definition.md)
- [(De)Serialization](./medatata/de_serialization.md)
- [Usage](./medatata/usage.md)


@ -318,4 +318,4 @@ Waiting for broker...
Bye! Bye!
``` ```
As you can see, after the panic message, the `objectives` count of the log increased by one and you will find the crashing input in `crashes/id_0`. As you can see, after the panic message, the `objectives` count of the log increased by one and you will find the crashing input in `crashes/`.
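Review bot: The reworded sentence now ends at `crashes/` and no longer names the file, so a reader following the tutorial cannot tell which entry in that directory is the crashing input. If `id_0` was dropped because the file name is not fixed, say that and describe how the file is named, for example "you will find the crashing input as a file inside `crashes/`".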


@ -0,0 +1,41 @@
# Metadata
A metadata in LibAFL is a self contained structure that holds associated data to the State or to a Testcase.
In terms of code, a metadata can be defined as a Rust struct registered in the SerdeAny register.
```rust
use libafl::SerdeAny;
use serde::{Serialize, Deserialize};
#[derive(Serialize, Deserialize, SerdeAny)]
pub struct MyMetadata {
...
}
```
The struct must be static, so it cannot hold references to borrowed objects.
As an alternative to `derive(SerdeAny)` that is a proc-macro in `libafl_derive` the user can use `libafl::impl_serdeany!(MyMetadata);`.
## Usage
Metadata objects are primarly intended to be used inside [`SerdeAnyMap`](https://docs.rs/libafl/0.5.0/libafl/bolts/serdeany/serdeany_registry/struct.SerdeAnyMap.html) and [`NamedSerdeAnyMap`](https://docs.rs/libafl/0.5.0/libafl/bolts/serdeany/serdeany_registry/struct.NamedSerdeAnyMap.html).
With these maps, the user can retrieve instances by type (and name). Internally, the instances are stored as SerdeAny trait objects.
Structs that want to have a set of metadata must implement the [`HasMetadata`](https://docs.rs/libafl/0.5.0/libafl/state/trait.HasMetadata.html) trait.
By default, Testcase and State implement it and hold a SerdeAnyMap testcase.
## (De)Serialization
We are interested to store State's Metadata to not lose them in case of crash or stop of a fuzzer. To do that, they must be serialized and unserialized using Serde.
As Metadata are stored in a SerdeAnyMap as trait objects, they cannot be deserialized using Serde by default.
To cope with this problem, in LibAFL each SerdeAny struct must be registered in a global registry that keeps track of types and allows the (de)serialization of the registered types.
Normally, the `impl_serdeany` macro does that for the user creating a constructor function that fills the registry. However, when using LibAFL in no_std mode, this operation must be carried out manually before any other operation in the `main` function.
To do that, the developer needs to know each metadata type that is used inside the fuzzer and call `RegistryBuilder::register::<MyMetadata>()` for each of them at the beginning of `main`.
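Review bot: In the (De)Serialization section, "Normally, the `impl_serdeany` macro does that for the user" only covers the macro, while the introduction presents `derive(SerdeAny)` as the first way to declare a metadata; state whether the derive also fills the registry, otherwise a reader cannot tell whether a derived struct will deserialize after a restart. The no_std paragraph would also benefit from one sentence on what happens when a type is left unregistered, since the text only says registration "must be carried out manually". Smaller points: "primarly" should be "primarily", "SerdeAny register" in the introduction should read "registry" to match the later wording, "hold a SerdeAnyMap testcase" ends with a stray word, and the docs.rs links are pinned to 0.5.0 and will go stale on the next release.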

docs/src/design/usage.md Normal file

@ -0,0 +1 @@
# Metadata
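Review bot: The new docs/src/design/usage.md contains only the heading "# Metadata", which does not match its file name, and the SUMMARY hunk shown in this commit links `./design/metadata.md` but has no entry for this file. It looks like a leftover from the reorganisation; either drop it from the commit or give it content and a SUMMARY entry.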


@ -38,3 +38,17 @@ Currently, the supported flags are:
This is a library that provides some utils to wrap compilers and create source level fuzzers. This is a library that provides some utils to wrap compilers and create source level fuzzers.
At the moment, only the Clang compiler is supported. At the moment, only the Clang compiler is supported.
### libafl_frida
This library bridges libafl with Frida as instrumentation backend.
With this crate you can instrument targets on Linux/macOS/Windows/Android for coverage collection.
The CmpLog and AddressSanitizer instrumentation and runtimes are currently supported only for ARM64.
### libafl_qemu
This library bridges libafl with QEMU user-mode to fuzz ELF binaries.
It works on Linux and can collect edge coverage withotu collisions.
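Review bot: Typo in the last added line, "withotu" should be "without". The two new sections also write "libafl" in lower case ("bridges libafl with Frida", "bridges libafl with QEMU") where the rest of the book uses "LibAFL". In the libafl_frida text, consider saying which instrumentation is available on the non-ARM64 targets, since the current wording lists four platforms and then restricts CmpLog and AddressSanitizer to ARM64 without saying what remains elsewhere beyond coverage.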


@ -1,3 +0,0 @@
# (De)Serialization
TODO describe the SerdeAny registry


@ -1,19 +0,0 @@
# Definition
A metadata in LibAFL is a self contained structure that holds associated data to the State or to a Testcase.
In terms of code, a metadata can be defined as a Rust struct registered in the SerdeAny register.
```rust
use libafl::SerdeAny;
use serde::{Serialize, Deserialize};
#[derive(Serialize, Deserialize, SerdeAny)]
pub struct MyMetadata {
...
}
```
The struct must be static, so it cannot hold references to borrowed objects.


@ -1,3 +0,0 @@
# Understanding Metadata
In this chapter, we discuss in depth the metadata system of LibAFL and its usage.


@ -1,3 +0,0 @@
# Usage
TODO describe the HasMetadata interface