diff --git a/nyx/helpers.c b/nyx/helpers.c
index 13f9bca3a9..054c9d39e5 100644
--- a/nyx/helpers.c
+++ b/nyx/helpers.c
@@ -1,6 +1,7 @@
 #include "qemu/osdep.h"
 #include
+#include
 #include
 #include
 #include
@@ -17,10 +18,19 @@
 #include "nyx/memory_access.h"
 #include "nyx/state/state.h"
-void nyx_abort(char *msg)
+void nyx_abort(const char *fmt, ...)
 {
+ static char msg[512];
+ uint32_t msglen = 0;
+ va_list ap;
+
+ va_start(ap, fmt);
+ msglen = vsnprintf(msg, sizeof(msg), fmt, ap);
+ va_end(ap);
+
+ nyx_error("%s\n", msg);
 set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, msg,
- strlen(msg));
+ msglen);
 synchronization_lock();
 exit(1);
 }
@@ -28,11 +38,7 @@ void nyx_abort(char *msg)
 bool is_called_in_fuzzing_mode(const char *hypercall)
 {
 if (GET_GLOBAL_STATE()->in_fuzzing_mode) {
- char *tmp = NULL;
- assert(asprintf(&tmp, "Hypercall <%s> called during fuzzing...", hypercall) !=
- -1);
- nyx_abort((char *)tmp);
- free(tmp);
+ nyx_abort("Hypercall <%s> not allowed during fuzzing!", hypercall);
 return true;
 }
 return false;
diff --git a/nyx/helpers.h b/nyx/helpers.h
index 648aed02ad..87a960ae97 100644
--- a/nyx/helpers.h
+++ b/nyx/helpers.h
@@ -7,7 +7,7 @@ typedef struct nyx_coverage_bitmap_copy_s {
 void *ijon_bitmap_buffer;
 } nyx_coverage_bitmap_copy_t;
-void nyx_abort(char *msg);
+void nyx_abort(const char *fmt, ...) __attribute__((format(printf, 1, 2)));
 bool is_called_in_fuzzing_mode(const char *hypercall);
 nyx_coverage_bitmap_copy_t *new_coverage_bitmaps(void);
diff --git a/nyx/hypercall/debug.c b/nyx/hypercall/debug.c
index 64531d3e52..0c16f949cc 100644
--- a/nyx/hypercall/debug.c
+++ b/nyx/hypercall/debug.c
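Review bot: The length passed to set_abort_reason_auxiliary_buffer is the raw vsnprintf return value, which is the length the formatted message would have had, not the number of bytes actually present in the 512-byte static msg, so a message longer than 511 characters makes msglen exceed sizeof(msg) and the callee copies bytes beyond msg into the auxiliary buffer; a negative (error) return converts to a huge uint32_t with the same effect. Clamp the value before handing it on, and report an empty reason when formatting fails instead of passing indeterminate bytes. The type the callee expects for the length is not visible here; with the clamp any integer type is safe because the value never exceeds sizeof(msg) - 1.
```c
void nyx_abort(const char *fmt, ...)
{
    static char msg[512];
    va_list ap;

    va_start(ap, fmt);
    int rc = vsnprintf(msg, sizeof(msg), fmt, ap);
    va_end(ap);
    if (rc < 0) {
        /* formatting failed: publish an empty reason, not whatever is in msg */
        msg[0] = '\0';
        rc = 0;
    }
    /* vsnprintf reports the untruncated length; never claim more than msg holds */
    size_t msglen = ((size_t)rc < sizeof(msg)) ? (size_t)rc : sizeof(msg) - 1;
    // … unchanged: nyx_error, set_abort_reason_auxiliary_buffer(..., msg, msglen), synchronization_lock, exit …
```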
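Review bot: The new prototype in helpers.h declares the printf format attribute but not noreturn, even though nyx_abort in this commit ends unconditionally in exit(1). Declaring it lets the compiler verify that no caller depends on nyx_abort returning and makes the `return true;`, `return false;` and `ret = 0; break;` statements that follow the calls in helpers.c and hypercall.c visibly dead code. One line: `void nyx_abort(const char *fmt, ...) __attribute__((format(printf, 1, 2), noreturn));`.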
@@ -109,11 +109,6 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
 CPUState *cpu,
 uint64_t hypercall_arg)
 {
- fprintf(stderr, "[QEMU-Nyx] Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!\n");
- set_abort_reason_auxiliary_buffer(
- GET_GLOBAL_STATE()->auxilary_buffer,
- (char *)"HYPERCALL_KAFL_DEBUG_TMP is not enabled.",
- strlen("HYPERCALL_KAFL_DEBUG_TMP is not enabled."));
- synchronization_lock();
+ nyx_abort("Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!\n");
 }
-#endif
\ No newline at end of file
+#endif
diff --git a/nyx/hypercall/hypercall.c b/nyx/hypercall/hypercall.c
index 243039c3c7..5e744f6ce2 100644
--- a/nyx/hypercall/hypercall.c
+++ b/nyx/hypercall/hypercall.c
@@ -105,8 +105,7 @@ bool handle_hypercall_kafl_next_payload(struct kvm_run *run,
 } else {
 if (GET_GLOBAL_STATE()->set_agent_config_done == false) {
- nyx_abort(
- (char *)"KVM_EXIT_KAFL_SET_AGENT_CONFIG was not called...");
+ nyx_abort("KVM_EXIT_KAFL_SET_AGENT_CONFIG was not called.");
 return false;
 }
@@ -175,7 +174,7 @@ static void handle_hypercall_get_payload(struct kvm_run *run,
 }
 if (GET_GLOBAL_STATE()->get_host_config_done == false) {
- nyx_abort((char *)"KVM_EXIT_KAFL_GET_HOST_CONFIG was not called...");
+ nyx_abort("KVM_EXIT_KAFL_GET_HOST_CONFIG was not called...");
 return;
 }
@@ -189,9 +188,7 @@ static void handle_hypercall_get_payload(struct kvm_run *run,
 // print_48_pagetables(GET_GLOBAL_STATE()->parent_cr3);
 if (hypercall_arg & 0xFFF) {
- fprintf(stderr, "[QEMU-Nyx] Error: Payload buffer is not page-aligned! (0x%lx)\n",
- hypercall_arg);
- abort();
+ nyx_abort("Payload buffer at 0x%lx is not page-aligned!", hypercall_arg);
 }
 remap_payload_buffer(hypercall_arg, cpu);
@@ -518,8 +515,7 @@ void handle_hypercall_kafl_panic(struct kvm_run *run,
 }
 synchronization_lock_crash_found();
 } else {
- nyx_abort(
- (char *)"Agent has crashed before initializing the fuzzing loop...");
+ nyx_abort("Agent has crashed before initializing the fuzzing loop...");
 }
 }
 }
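Review bot: The new message in debug.c ends in `\n`, but nyx_abort already appends a newline in `nyx_error("%s\n", msg)` and stores the formatted text verbatim as the abort reason, so the log gets an extra blank line and the auxiliary-buffer reason carries an embedded newline; the trace_dump.c hunks at -47 and -63 pass the same trailing `\n`. Drop it at all three sites, here: `nyx_abort("Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!");`. Separately, the replaced block stopped after synchronization_lock() whereas nyx_abort continues to exit(1); if that change in behaviour for the not-enabled case is intended it deserves a mention in the commit message.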
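Review bot: In the -189 hunk of hypercall.c the new nyx_abort call formats `hypercall_arg`, a uint64_t, with `%lx`; now that nyx_abort carries the printf format attribute this becomes a -Wformat diagnostic on any target where uint64_t is not unsigned long, and the mismatch was simply carried over from the removed fprintf. Use the fixed-width macro instead: `nyx_abort("Payload buffer at 0x%" PRIx64 " is not page-aligned!", hypercall_arg);`. handle_hypercall_get_payload continues past the end of the hunk.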
@@ -545,22 +541,17 @@ static void handle_hypercall_kafl_panic_extended(struct kvm_run *run,
 CPUState *cpu,
 uint64_t hypercall_arg)
 {
+ read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE, cpu);
+
 if (fast_reload_snapshot_exists(get_fast_reload_snapshot()) &&
 GET_GLOBAL_STATE()->in_fuzzing_mode)
 {
- read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE,
- cpu);
 set_crash_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer,
 hprintf_buffer, strlen(hprintf_buffer));
 synchronization_lock_crash_found();
 } else {
- read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE,
- cpu);
- char *report = NULL;
- assert(asprintf(&report,
- "Agent has crashed before initializing the fuzzing loop: %s",
- hprintf_buffer) != -1);
- nyx_abort(report);
+ nyx_abort("Agent has crashed before initializing the fuzzing loop: %s",
+ hprintf_buffer);
 }
 }
@@ -870,13 +861,11 @@ int handle_kafl_hypercall(struct kvm_run *run,
 ret = 0;
 break;
 case KVM_EXIT_KAFL_GET_PROGRAM:
- nyx_abort(
- (char *)"Deprecated hypercall called (HYPERCALL_KAFL_GET_PROGRAM)...");
+ nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_GET_PROGRAM");
 ret = 0;
 break;
 case KVM_EXIT_KAFL_GET_ARGV:
- nyx_abort(
- (char *)"Deprecated hypercall called (HYPERCALL_KAFL_GET_ARGV)...");
+ nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_GET_ARGV");
 ret = 0;
 break;
 case KVM_EXIT_KAFL_RELEASE:
@@ -908,7 +897,7 @@ int handle_kafl_hypercall(struct kvm_run *run,
 ret = 0;
 break;
 case KVM_EXIT_KAFL_INFO:
- nyx_abort((char *)"Deprecated hypercall called (HYPERCALL_KAFL_INFO)...");
+ nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_INFO");
 ret = 0;
 break;
 case KVM_EXIT_KAFL_NEXT_PAYLOAD:
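Review bot: The hoisted read_virtual_memory call at the top of handle_hypercall_kafl_panic_extended still discards its return value, and hprintf_buffer is then consumed by strlen() in one branch and by `%s` in the other, so a guest that fills all HPRINTF_SIZE bytes without a terminator, or a failed read that leaves stale contents behind, yields an over-read or a misleading crash reason; the buffer contents are guest-controlled and both branches trust its termination. Unless hprintf_buffer is allocated with a spare byte that is kept zero (not visible in this hunk), terminate it explicitly after the read, e.g. `hprintf_buffer[HPRINTF_SIZE - 1] = '\0';`, and check the result of read_virtual_memory before formatting the reason. This was already true of the removed code, but the hoisting is the natural place to fix it.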
@@ -920,12 +909,11 @@ int handle_kafl_hypercall(struct kvm_run *run,
 ret = 0;
 break;
 case KVM_EXIT_KAFL_PRINTK_ADDR:
- nyx_abort(
- (char *)"Deprecated hypercall called (KVM_EXIT_KAFL_PRINTK_ADDR)...");
+ nyx_abort("Hypercall is deprecated: KVM_EXIT_KAFL_PRINTK_ADDR");
 ret = 0;
 break;
 case KVM_EXIT_KAFL_PRINTK:
- nyx_abort((char *)"Deprecated hypercall called (KVM_EXIT_KAFL_PRINTK)...");
+ nyx_abort("Hypercall is deprecated: KVM_EXIT_KAFL_PRINTK");
 ret = 0;
 break;
 case KVM_EXIT_KAFL_USER_RANGE_ADVISE:
diff --git a/nyx/trace_dump.c b/nyx/trace_dump.c
index 09736ac394..d7a780961c 100644
--- a/nyx/trace_dump.c
+++ b/nyx/trace_dump.c
@@ -30,9 +30,8 @@ void pt_trace_dump_init(char *filename)
 test_fd = open(filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);
 if (test_fd < 0)
- fprintf(stderr, "Error accessing pt_dump output path %s: %s",
- pt_trace_dump_filename, strerror(errno));
- assert(test_fd >= 0);
+ nyx_abort("Error accessing pt_dump output path %s: %s",
+ pt_trace_dump_filename, strerror(errno));
 pt_trace_dump_filename = strdup(filename);
 assert(pt_trace_dump_filename);
@@ -47,9 +46,8 @@ void pt_truncate_pt_dump_file(void)
 fd = open(pt_trace_dump_filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);
 if (fd < 0) {
- fprintf(stderr, "Error truncating %s: %s\n", pt_trace_dump_filename,
- strerror(errno));
- assert(0);
+ nyx_abort("Error truncating %s: %s\n", pt_trace_dump_filename,
+ strerror(errno));
 }
 close(fd);
 }
@@ -63,9 +61,8 @@ void pt_write_pt_dump_file(uint8_t *data, size_t bytes)
 fd = open(pt_trace_dump_filename, O_APPEND | O_WRONLY, 0644);
 if (fd < 0) {
- fprintf(stderr, "Error writing pt_trace_dump to %s: %s\n",
- pt_trace_dump_filename, strerror(errno));
- assert(0);
+ nyx_abort("Error writing pt_trace_dump to %s: %s\n", pt_trace_dump_filename,
+ strerror(errno));
 }
 assert(bytes == write(fd, data, bytes));
 close(fd);
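Review bot: The new nyx_abort call in pt_trace_dump_init reports `pt_trace_dump_filename`, but that global is only assigned from `strdup(filename)` two lines further down, so when open() fails it still holds the previous value (NULL on the first call, for which `%s` has no defined behaviour) rather than the path that failed; the path actually attempted is the `filename` parameter. Use it: `nyx_abort("Error accessing pt_dump output path %s: %s", filename, strerror(errno));`, and brace the single-statement if body now that the call spans two lines. The same variable was used in the replaced fprintf, so this is carried over rather than introduced, but the rewrite is the moment to fix it.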