SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add physical memory access

Browse Source
This commit is contained in:
Alwin Berger 2022-01-03 00:13:33 +01:00
parent 18a87dfe40
commit 11e5d5be6a
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
softmmu/main.c
View File

@ -49,6 +49,7 @@ int main(int argc, char **argv)
#include "migration/snapshot.h"
#include "hw/core/cpu.h"
#include "qapi/error.h"
#include "exec/memory.h"
void libafl_qemu_main_loop( void );
void libafl_qemu_sys_init(int argc, char **argv, char **envp);
void libafl_qemu_cleanup( void );
@ -58,6 +59,8 @@ void libafl_qemu_cleanup( void ) { qemu_cleanup(); }
void libafl_qemu_set_breakpoint( vaddr );
void libafl_snapshot_save( const char* );
void libafl_snapshot_load( const char* );
void libafl_phys_read(vaddr, uint8_t*, int);
void libafl_phys_write(vaddr, uint8_t*, int);
void libafl_qemu_main_loop( void )
{
@ -85,13 +88,27 @@ void libafl_snapshot_load( const char* name )
load_snapshot(name, NULL, false, NULL, &err);
}
void libafl_phys_read(vaddr addr, uint8_t* buf, int len)
{
cpu_physical_memory_read(addr, buf, len);
}
void libafl_phys_write(vaddr addr, uint8_t* buf, int len)
{
cpu_physical_memory_write(addr, buf, len);
}
#ifndef AS_SHARED_LIB
int main(int argc, char **argv, char **envp)
{
// qemu_init(argc, argv, envp);
// qemu_main_loop();
// qemu_cleanup();
// 2000010c
unsigned char buf[4096] = {3};
libafl_qemu_sys_init(argc, argv, envp);
libafl_phys_write(0x00006de4+0xc, buf,1);
libafl_phys_read(0x00006de4+0xc, buf,1);
printf("FUZZ_INPUT[0]: %x\n", buf[0]);
libafl_qemu_set_breakpoint(0x00004f5c);
libafl_snapshot_save("Start");
do {