Merge pull request #25 from NoRelect/fix/remove-hardcoded-values

Remove hardcoded configuration values
Sergej Schumilo 2024-01-20 20:51:50 +01:00 committed by GitHub
commit 6833d236df
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 13 additions and 7 deletions


@ -1,3 +1,4 @@
use std::time::Duration;
use crate::{config::{Config, FuzzRunnerConfig, QemuNyxRole}, QemuProcess}; use crate::{config::{Config, FuzzRunnerConfig, QemuNyxRole}, QemuProcess};
pub struct QemuParams { pub struct QemuParams {
@ -15,6 +16,7 @@ pub struct QemuParams {
pub hprintf_fd: Option<i32>, pub hprintf_fd: Option<i32>,
pub aux_buffer_size: usize, pub aux_buffer_size: usize,
pub time_limit: Duration,
} }
impl QemuParams { impl QemuParams {
@ -46,7 +48,7 @@ impl QemuParams {
FuzzRunnerConfig::QemuSnapshot(x) => { FuzzRunnerConfig::QemuSnapshot(x) => {
cmd.push(x.qemu_binary.to_string()); cmd.push(x.qemu_binary.to_string());
cmd.push("-drive".to_string()); cmd.push("-drive".to_string());
cmd.push(format!("file={},format=raw,index=0,media=disk", x.hda.to_string())); cmd.push(format!("file={},index=0,media=disk", x.hda.to_string()));
}, },
} }
@ -148,8 +150,11 @@ impl QemuParams {
match fuzzer_config.runtime.process_role() { match fuzzer_config.runtime.process_role() {
QemuNyxRole::StandAlone => { QemuNyxRole::StandAlone => {
cmd.push("-fast_vm_reload".to_string()); cmd.push("-fast_vm_reload".to_string());
cmd.push(format!("path={}/snapshot/,load=off,pre_path={},skip_serialization=on", workdir, x.presnapshot)); if x.presnapshot.is_empty() {
cmd.push(format!("path={}/snapshot/,load=off,skip_serialization=on", workdir));
} else {
cmd.push(format!("path={}/snapshot/,load=off,pre_path={},skip_serialization=on", workdir, x.presnapshot));
}
}, },
QemuNyxRole::Parent => { QemuNyxRole::Parent => {
cmd.push("-fast_vm_reload".to_string()); cmd.push("-fast_vm_reload".to_string());
@ -191,6 +196,7 @@ impl QemuParams {
cow_primary_size: fuzzer_config.fuzz.cow_primary_size, cow_primary_size: fuzzer_config.fuzz.cow_primary_size,
hprintf_fd: fuzzer_config.runtime.hprintf_fd(), hprintf_fd: fuzzer_config.runtime.hprintf_fd(),
aux_buffer_size: fuzzer_config.runtime.aux_buffer_size(), aux_buffer_size: fuzzer_config.runtime.aux_buffer_size(),
time_limit: fuzzer_config.fuzz.time_limit
} }
} }
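Review bot: Dropping `format=raw` from the `-drive` argument in the `QemuSnapshot` arm (third hunk; the shorter line is presumably the new side, as the PR title suggests) makes QEMU probe the image format from the file contents, and for a raw image QEMU prints a warning that automatic detection is dangerous, restricts guest writes to block 0 as a mitigation, and asks for the format to be given explicitly — so the change both weakens the host-side guarantee that a guest-written disk is always opened as raw and introduces a write restriction the fuzzing target may trip over. If the intent is to allow non-raw images, pass the format from configuration instead of omitting it, e.g. `cmd.push(format!("file={},format={},index=0,media=disk", x.hda, hda_format));` where `hda_format` is a constructed name for a snapshot-config field that does not exist in this hunk and would default to `raw`. Separately, the `time_limit: Duration` field added in the last hunk is consumed in the second file as `params.time_limit.as_secs() as u8`, which silently wraps any limit of 256 s or more; either use `u8::try_from(...)` there and reject out-of-range values, or document the bound on the field with `/// Per-execution timeout; the aux buffer stores whole seconds in a u8, so limits of 256 s or more are not representable.`. The constructor these hunks belong to starts and ends outside the shown hunks.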


@ -205,7 +205,7 @@ impl QemuProcess {
return Err(format!("cannot launch QEMU-Nyx...")); return Err(format!("cannot launch QEMU-Nyx..."));
} }
let mut aux_buffer = { let aux_buffer = {
let aux_shm_f = OpenOptions::new() let aux_shm_f = OpenOptions::new()
.read(true) .read(true)
.write(true) .write(true)
@ -291,12 +291,12 @@ impl QemuProcess {
1 => println!("[!] libnyx: coverage mode: compile-time instrumentation"), 1 => println!("[!] libnyx: coverage mode: compile-time instrumentation"),
_ => panic!("unkown aux_buffer.cap.agent_trace_bitmap value"), _ => panic!("unkown aux_buffer.cap.agent_trace_bitmap value"),
}; };
println!("[!] libnyx: qemu #{} is ready:", params.qemu_id); println!("[!] libnyx: qemu #{} is ready:", params.qemu_id);
aux_buffer.config.reload_mode = 1; aux_buffer.config.reload_mode = 1;
aux_buffer.config.timeout_sec = 0; aux_buffer.config.timeout_sec = params.time_limit.as_secs() as u8;
aux_buffer.config.timeout_usec = 500_000; aux_buffer.config.timeout_usec = params.time_limit.subsec_micros();
aux_buffer.config.changed = 1; aux_buffer.config.changed = 1;
return Ok(QemuProcess { return Ok(QemuProcess {