Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update ForkserverBytesCoverageSugar to use parse_afl_cmdline #1343

Merged
merged 6 commits into from
Jul 12, 2023
Merged

update ForkserverBytesCoverageSugar to use parse_afl_cmdline #1343

merged 6 commits into from
Jul 12, 2023

Conversation

epi052
Copy link
Contributor

@epi052 epi052 commented Jul 4, 2023

Updates ForkserverBytesCoverageSugar to use parse_afl_cmdline when using ForkserverExecutorBuilder to create a ForkserverExecutor.

The current impl uses args which don't account for "@@".

@domenukk
Copy link
Member

domenukk commented Jul 4, 2023

I think we should also use:

        .is_deferred_frksrv(true)
        .is_persistent(true)
        .autotokens(&mut tokens)

@domenukk
Copy link
Member

domenukk commented Jul 4, 2023
edited
Loading

Also it should use build_dynamic_map, (basically this, see

LibAFL/fuzzers/fuzzbench_forkserver/src/main.rs

Line 312 in e5b3e5a

let forkserver = ForkserverExecutor::builder()
)

@epi052
Copy link
Contributor Author

epi052 commented Jul 4, 2023
edited
Loading

Also it should use build_dynamic_map, (basically this, see

If we move the sugar wrapper to use build_dynamic_map, is there any use for the MAP_SIZE generic?

impl<'a, const MAP_SIZE: usize> ForkserverBytesCoverageSugar<'a, MAP_SIZE>

domenukk
domenukk reviewed Jul 4, 2023
View reviewed changes
libafl_sugar/src/forkserver.rs Outdated
@@ -177,17 +173,33 @@ impl<'a, const MAP_SIZE: usize> ForkserverBytesCoverageSugar<'a, MAP_SIZE> {
ForkserverExecutorBuilder::new()
.program(self.program.clone())
.parse_afl_cmdline(self.arguments)
.is_deferred_frksrv(true)
Copy link
Member

@domenukk domenukk Jul 4, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tokatoka pointed out that this won't work for some targets, so it's better to not use deferred forkserver by default here (afl++ solves this by scanning the binary, but we don't want to do that imho)

@domenukk
Copy link
Member

domenukk commented Jul 4, 2023

Also it should use build_dynamic_map, (basically this, see

If we move the sugar wrapper to use build_dynamic_map, is there any use for the MAP_SIZE generic?

impl<'a, const MAP_SIZE: usize> ForkserverBytesCoverageSugar<'a, MAP_SIZE>

I didn't look into it, so not sure?

@epi052
Copy link
Contributor Author

epi052 commented Jul 5, 2023

once all the tests run, i think this is ready for a look.

I tested it without the generic / with the build_dynamic using exercise-3 (which uses ASAN and a map size of 86217) and it worked.

@domenukk
Copy link
Member

Looks good, thanks! <3
(sorry I was on holidays)

@domenukk domenukk merged commit 72e54ac into AFLplusplus:main Jul 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@domenukk domenukk domenukk left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@epi052 @domenukk