better nyx_abort()
Let nyx_abort() take a format string and replace instances of fprintf/nyx_debug with subsequent nyx_abort / abort / assert.
This commit is contained in:
Steffen Schulz
Sergej Schumilo
parent
e6159806aa
commit
ab4fbeadef
@ -1,6 +1,7 @@
|
||||
#include "qemu/osdep.h"
|
||||
|
||||
#include <linux/kvm.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
#include <sys/ioctl.h>
|
||||
@ -17,10 +18,19 @@
|
||||
#include "nyx/memory_access.h"
|
||||
#include "nyx/state/state.h"
|
||||
|
||||
void nyx_abort(char *msg)
|
||||
void nyx_abort(const char *fmt, ...)
|
||||
{
|
||||
static char msg[512];
|
||||
uint32_t msglen = 0;
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
msglen = vsnprintf(msg, sizeof(msg), fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
nyx_error("%s\n", msg);
|
||||
set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, msg,
|
||||
strlen(msg));
|
||||
msglen);
|
||||
synchronization_lock();
|
||||
exit(1);
|
||||
}
|
||||
@ -28,11 +38,7 @@ void nyx_abort(char *msg)
|
||||
bool is_called_in_fuzzing_mode(const char *hypercall)
|
||||
{
|
||||
if (GET_GLOBAL_STATE()->in_fuzzing_mode) {
|
||||
char *tmp = NULL;
|
||||
assert(asprintf(&tmp, "Hypercall <%s> called during fuzzing...", hypercall) !=
|
||||
-1);
|
||||
nyx_abort((char *)tmp);
|
||||
free(tmp);
|
||||
nyx_abort("Hypercall <%s> not allowed during fuzzing!", hypercall);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
||||
@ -7,7 +7,7 @@ typedef struct nyx_coverage_bitmap_copy_s {
|
||||
void *ijon_bitmap_buffer;
|
||||
} nyx_coverage_bitmap_copy_t;
|
||||
|
||||
void nyx_abort(char *msg);
|
||||
void nyx_abort(const char *fmt, ...) __attribute__((format(printf, 1, 2)));
|
||||
bool is_called_in_fuzzing_mode(const char *hypercall);
|
||||
|
||||
nyx_coverage_bitmap_copy_t *new_coverage_bitmaps(void);
|
||||
|
||||
@ -109,11 +109,6 @@ void handle_hypercall_kafl_debug_tmp_snapshot(struct kvm_run *run,
|
||||
CPUState *cpu,
|
||||
uint64_t hypercall_arg)
|
||||
{
|
||||
fprintf(stderr, "[QEMU-Nyx] Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!\n");
|
||||
set_abort_reason_auxiliary_buffer(
|
||||
GET_GLOBAL_STATE()->auxilary_buffer,
|
||||
(char *)"HYPERCALL_KAFL_DEBUG_TMP is not enabled.",
|
||||
strlen("HYPERCALL_KAFL_DEBUG_TMP is not enabled."));
|
||||
synchronization_lock();
|
||||
nyx_abort("Error: HYPERCALL_KAFL_DEBUG_TMP not enabled!\n");
|
||||
}
|
||||
#endif
|
||||
@ -105,8 +105,7 @@ bool handle_hypercall_kafl_next_payload(struct kvm_run *run,
|
||||
|
||||
} else {
|
||||
if (GET_GLOBAL_STATE()->set_agent_config_done == false) {
|
||||
nyx_abort(
|
||||
(char *)"KVM_EXIT_KAFL_SET_AGENT_CONFIG was not called...");
|
||||
nyx_abort("KVM_EXIT_KAFL_SET_AGENT_CONFIG was not called.");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -175,7 +174,7 @@ static void handle_hypercall_get_payload(struct kvm_run *run,
|
||||
}
|
||||
|
||||
if (GET_GLOBAL_STATE()->get_host_config_done == false) {
|
||||
nyx_abort((char *)"KVM_EXIT_KAFL_GET_HOST_CONFIG was not called...");
|
||||
nyx_abort("KVM_EXIT_KAFL_GET_HOST_CONFIG was not called...");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -189,9 +188,7 @@ static void handle_hypercall_get_payload(struct kvm_run *run,
|
||||
// print_48_pagetables(GET_GLOBAL_STATE()->parent_cr3);
|
||||
|
||||
if (hypercall_arg & 0xFFF) {
|
||||
fprintf(stderr, "[QEMU-Nyx] Error: Payload buffer is not page-aligned! (0x%lx)\n",
|
||||
hypercall_arg);
|
||||
abort();
|
||||
nyx_abort("Payload buffer at 0x%lx is not page-aligned!", hypercall_arg);
|
||||
}
|
||||
|
||||
remap_payload_buffer(hypercall_arg, cpu);
|
||||
@ -518,8 +515,7 @@ void handle_hypercall_kafl_panic(struct kvm_run *run,
|
||||
}
|
||||
synchronization_lock_crash_found();
|
||||
} else {
|
||||
nyx_abort(
|
||||
(char *)"Agent has crashed before initializing the fuzzing loop...");
|
||||
nyx_abort("Agent has crashed before initializing the fuzzing loop...");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -545,22 +541,17 @@ static void handle_hypercall_kafl_panic_extended(struct kvm_run *run,
|
||||
CPUState *cpu,
|
||||
uint64_t hypercall_arg)
|
||||
{
|
||||
read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE, cpu);
|
||||
|
||||
if (fast_reload_snapshot_exists(get_fast_reload_snapshot()) &&
|
||||
GET_GLOBAL_STATE()->in_fuzzing_mode)
|
||||
{
|
||||
read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE,
|
||||
cpu);
|
||||
set_crash_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer,
|
||||
hprintf_buffer, strlen(hprintf_buffer));
|
||||
synchronization_lock_crash_found();
|
||||
} else {
|
||||
read_virtual_memory(hypercall_arg, (uint8_t *)hprintf_buffer, HPRINTF_SIZE,
|
||||
cpu);
|
||||
char *report = NULL;
|
||||
assert(asprintf(&report,
|
||||
"Agent has crashed before initializing the fuzzing loop: %s",
|
||||
hprintf_buffer) != -1);
|
||||
nyx_abort(report);
|
||||
nyx_abort("Agent has crashed before initializing the fuzzing loop: %s",
|
||||
hprintf_buffer);
|
||||
}
|
||||
}
|
||||
|
||||
@ -870,13 +861,11 @@ int handle_kafl_hypercall(struct kvm_run *run,
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_GET_PROGRAM:
|
||||
nyx_abort(
|
||||
(char *)"Deprecated hypercall called (HYPERCALL_KAFL_GET_PROGRAM)...");
|
||||
nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_GET_PROGRAM");
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_GET_ARGV:
|
||||
nyx_abort(
|
||||
(char *)"Deprecated hypercall called (HYPERCALL_KAFL_GET_ARGV)...");
|
||||
nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_GET_ARGV");
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_RELEASE:
|
||||
@ -908,7 +897,7 @@ int handle_kafl_hypercall(struct kvm_run *run,
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_INFO:
|
||||
nyx_abort((char *)"Deprecated hypercall called (HYPERCALL_KAFL_INFO)...");
|
||||
nyx_abort("Hypercall is deprecated: HYPERCALL_KAFL_INFO");
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_NEXT_PAYLOAD:
|
||||
@ -920,12 +909,11 @@ int handle_kafl_hypercall(struct kvm_run *run,
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_PRINTK_ADDR:
|
||||
nyx_abort(
|
||||
(char *)"Deprecated hypercall called (KVM_EXIT_KAFL_PRINTK_ADDR)...");
|
||||
nyx_abort("Hypercall is deprecated: KVM_EXIT_KAFL_PRINTK_ADDR");
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_PRINTK:
|
||||
nyx_abort((char *)"Deprecated hypercall called (KVM_EXIT_KAFL_PRINTK)...");
|
||||
nyx_abort("Hypercall is deprecated: KVM_EXIT_KAFL_PRINTK");
|
||||
ret = 0;
|
||||
break;
|
||||
case KVM_EXIT_KAFL_USER_RANGE_ADVISE:
|
||||
|
||||
@ -30,9 +30,8 @@ void pt_trace_dump_init(char *filename)
|
||||
|
||||
test_fd = open(filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);
|
||||
if (test_fd < 0)
|
||||
fprintf(stderr, "Error accessing pt_dump output path %s: %s",
|
||||
pt_trace_dump_filename, strerror(errno));
|
||||
assert(test_fd >= 0);
|
||||
nyx_abort("Error accessing pt_dump output path %s: %s",
|
||||
pt_trace_dump_filename, strerror(errno));
|
||||
|
||||
pt_trace_dump_filename = strdup(filename);
|
||||
assert(pt_trace_dump_filename);
|
||||
@ -47,9 +46,8 @@ void pt_truncate_pt_dump_file(void)
|
||||
|
||||
fd = open(pt_trace_dump_filename, O_CREAT | O_TRUNC | O_WRONLY, 0644);
|
||||
if (fd < 0) {
|
||||
fprintf(stderr, "Error truncating %s: %s\n", pt_trace_dump_filename,
|
||||
strerror(errno));
|
||||
assert(0);
|
||||
nyx_abort("Error truncating %s: %s\n", pt_trace_dump_filename,
|
||||
strerror(errno));
|
||||
}
|
||||
close(fd);
|
||||
}
|
||||
@ -63,9 +61,8 @@ void pt_write_pt_dump_file(uint8_t *data, size_t bytes)
|
||||
|
||||
fd = open(pt_trace_dump_filename, O_APPEND | O_WRONLY, 0644);
|
||||
if (fd < 0) {
|
||||
fprintf(stderr, "Error writing pt_trace_dump to %s: %s\n",
|
||||
pt_trace_dump_filename, strerror(errno));
|
||||
assert(0);
|
||||
nyx_abort("Error writing pt_trace_dump to %s: %s\n", pt_trace_dump_filename,
|
||||
strerror(errno));
|
||||
}
|
||||
assert(bytes == write(fd, data, bytes));
|
||||
close(fd);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user