AFLplusplus · tokatoka · Dec 16, 2023 · Dec 16, 2023 · Dec 16, 2023 · Dec 16, 2023
diff --git a/fuzzers/frida_executable_libpng/Cargo.toml b/fuzzers/frida_executable_libpng/Cargo.toml
@@ -28,7 +28,6 @@ reqwest = { version = "0.11.4", features = ["blocking"] }
 [dependencies]
 libafl = { path = "../../libafl/", features = [ "std", "llmp_compression", "llmp_bind_public", "frida_cli" ] } #,  "llmp_small_maps", "llmp_debug"]}
 libafl_bolts = { path = "../../libafl_bolts/" }
-capstone = "0.11.0"
 frida-gum = { version = "0.13.2", features = [ "auto-download", "event-sink", "invocation-listener"] }
 libafl_frida = { path = "../../libafl_frida", features = ["cmplog"] }
 libafl_targets = { path = "../../libafl_targets", features = ["sancov_cmplog"] }

diff --git a/fuzzers/frida_executable_libpng/Makefile.toml b/fuzzers/frida_executable_libpng/Makefile.toml
@@ -21,7 +21,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Library

diff --git a/fuzzers/frida_libpng/Makefile.toml b/fuzzers/frida_libpng/Makefile.toml
@@ -22,7 +22,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Library

diff --git a/fuzzers/fuzzbench_fork_qemu/Makefile.toml b/fuzzers/fuzzbench_fork_qemu/Makefile.toml
@@ -22,7 +22,7 @@ condition = { files_not_exist = [ "./libpng-1.6.37" ] }
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # fuzzer

diff --git a/fuzzers/fuzzbench_qemu/Makefile.toml b/fuzzers/fuzzbench_qemu/Makefile.toml
@@ -22,7 +22,7 @@ condition = { files_not_exist = [ "./libpng-1.6.37" ] }
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # fuzzer

diff --git a/fuzzers/libfuzzer_libpng/Makefile.toml b/fuzzers/libfuzzer_libpng/Makefile.toml
@@ -25,8 +25,8 @@ windows_alias = "unsupported"
 condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
-curl https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz --output libpng-1.6.37.tar.xz
-tar -xvf libpng-1.6.37.tar.xz
+wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng/README.md b/fuzzers/libfuzzer_libpng/README.md
@@ -27,7 +27,7 @@ The compiler wrappers, `libafl_cc` and `libafl_cxx`, will end up in `./target/re
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_accounting/Makefile.toml b/fuzzers/libfuzzer_libpng_accounting/Makefile.toml
@@ -26,7 +26,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_accounting/README.md b/fuzzers/libfuzzer_libpng_accounting/README.md
@@ -20,7 +20,7 @@ In addition, it will also build two C and C++ compiler wrappers (bin/libafl_c(li
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_aflpp_ui/Makefile.toml b/fuzzers/libfuzzer_libpng_aflpp_ui/Makefile.toml
@@ -25,8 +25,8 @@ windows_alias = "unsupported"
 condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
-curl https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz --output libpng-1.6.37.tar.xz
-tar -xvf libpng-1.6.37.tar.xz
+wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_aflpp_ui/README.md b/fuzzers/libfuzzer_libpng_aflpp_ui/README.md
@@ -20,7 +20,7 @@ The compiler wrappers, `libafl_cc` and `libafl_cxx`, will end up in `./target/re
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_centralized/Makefile.toml b/fuzzers/libfuzzer_libpng_centralized/Makefile.toml
@@ -26,7 +26,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_centralized/README.md b/fuzzers/libfuzzer_libpng_centralized/README.md
@@ -20,7 +20,7 @@ In addition, it will also build two C and C++ compiler wrappers (bin/libafl_c(li
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_cmin/Makefile.toml b/fuzzers/libfuzzer_libpng_cmin/Makefile.toml
@@ -25,8 +25,8 @@ windows_alias = "unsupported"
 condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
-curl https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz --output libpng-1.6.37.tar.xz
-tar -xvf libpng-1.6.37.tar.xz
+wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_cmin/README.md b/fuzzers/libfuzzer_libpng_cmin/README.md
@@ -27,7 +27,7 @@ The compiler wrappers, `libafl_cc` and libafl_cxx`, will end up in `./target/rel
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_ctx/Makefile.toml b/fuzzers/libfuzzer_libpng_ctx/Makefile.toml
@@ -26,7 +26,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_ctx/README.md b/fuzzers/libfuzzer_libpng_ctx/README.md
@@ -20,7 +20,7 @@ In addition, it will also build two C and C++ compiler wrappers (bin/libafl_c(li
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_launcher/Makefile.toml b/fuzzers/libfuzzer_libpng_launcher/Makefile.toml
@@ -27,7 +27,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_launcher/README.md b/fuzzers/libfuzzer_libpng_launcher/README.md
@@ -20,7 +20,7 @@ In addition, it will also build two C and C++ compiler wrappers (bin/libafl_c(li
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_norestart/Makefile.toml b/fuzzers/libfuzzer_libpng_norestart/Makefile.toml
@@ -26,7 +26,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_norestart/README.md b/fuzzers/libfuzzer_libpng_norestart/README.md
@@ -20,7 +20,7 @@ In addition, it will also build two C and C++ compiler wrappers (bin/libafl_c(li
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_libpng_tcp_manager/Makefile.toml b/fuzzers/libfuzzer_libpng_tcp_manager/Makefile.toml
@@ -25,8 +25,8 @@ windows_alias = "unsupported"
 condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
-curl https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz --output libpng-1.6.37.tar.xz
-tar -xvf libpng-1.6.37.tar.xz
+wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/libfuzzer_libpng_tcp_manager/README.md b/fuzzers/libfuzzer_libpng_tcp_manager/README.md
@@ -27,7 +27,7 @@ The compiler wrappers, `libafl_cc` and `libafl_cxx`, will end up in `./target/re
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/libfuzzer_reachability/README.md b/fuzzers/libfuzzer_reachability/README.md
@@ -26,7 +26,7 @@ The compiler wrappers, `libafl_cc` and `libafl_cxx`, will end up in `./target/re
 Then download libpng, and unpack the archive:
 ```bash
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 ```
 Run `patch libpng-1.6.37/png.c diff.patch` before compiling the libpng
 Now compile libpng, using the libafl_cc compiler wrapper:

diff --git a/fuzzers/nautilus_sync/Makefile.toml b/fuzzers/nautilus_sync/Makefile.toml
@@ -26,7 +26,7 @@ condition = { files_not_exist = ["./libpng-1.6.37"]}
 script_runner="@shell"
 script='''
 wget https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
-tar -xvf libpng-1.6.37.tar.xz
+tar -xvf v1.6.37.tar.gz
 '''
 
 # Compilers

diff --git a/fuzzers/qemu_cmin/Makefile.toml b/fuzzers/qemu_cmin/Makefile.toml
@@ -145,11 +145,11 @@ condition = { files_not_exist = [ "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/lib
 script_runner="@shell"
 script='''
 wget \
-    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
 
 tar \
-    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     -C ${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/
 '''
 

diff --git a/fuzzers/qemu_coverage/Makefile.toml b/fuzzers/qemu_coverage/Makefile.toml
@@ -145,11 +145,11 @@ condition = { files_not_exist = [ "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/lib
 script_runner="@shell"
 script='''
 wget \
-    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
 
 tar \
-    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     -C ${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/
 '''
 

diff --git a/fuzzers/qemu_launcher/Makefile.toml b/fuzzers/qemu_launcher/Makefile.toml
@@ -145,11 +145,11 @@ condition = { files_not_exist = [ "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/lib
 script_runner="@shell"
 script='''
 wget \
-    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -O "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     https://github.com/glennrp/libpng/archive/refs/tags/v1.6.37.tar.gz
 
 tar \
-    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/libpng-1.6.37.tar.xz" \
+    -xvf "${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/v1.6.37.tar.gz" \
     -C ${CARGO_MAKE_CRATE_TARGET_DIRECTORY}/deps/
 '''
 

diff --git a/libafl_frida/Cargo.toml b/libafl_frida/Cargo.toml
@@ -32,7 +32,7 @@ cc = { version = "1.0", features = ["parallel"] }
 yaxpeax-arm = "0.2.4"
 
 [target.'cfg(target_arch = "x86_64")'.dependencies]
-yaxpeax-x86 = { git = "https://github.com/tokatoka/yaxpeax-x86/" } # replace this with origin later
+yaxpeax-x86 = { git = "https://github.com/iximeow/yaxpeax-x86/", rev = "85668b2" } # replace this with origin later
 
 [dependencies]
 libafl = { path = "../libafl", default-features = false, version = "0.11.1", features = [

diff --git a/libafl_frida/src/asan/asan_rt.rs b/libafl_frida/src/asan/asan_rt.rs
@@ -41,7 +41,7 @@ use yaxpeax_arm::armv8::a64::{ARMv8, InstDecoder, Opcode, Operand, ShiftStyle, S
 #[cfg(target_arch = "x86_64")]
 use yaxpeax_x86::amd64::{InstDecoder, Instruction, Opcode};
 
-#[cfg(any(target_arch = "x86_64"))]
+#[cfg(target_arch = "x86_64")]
 use crate::utils::frida_to_cs;
 #[cfg(target_arch = "aarch64")]
 use crate::utils::{instruction_width, writer_register};
@@ -2138,8 +2138,6 @@ impl AsanRuntime {
         u32,                     //load/store size
         Option<(ShiftStyle, u8)>, //(shift type, shift size)
     )> {
-        // We need to re-decode frida-internal capstone values to upstream capstone
-
         let instr = disas_count(&decoder, instr.bytes(), 1)[0];
         // We have to ignore these instructions. Simulating them with their side effects is
         // complex, to say the least.
@@ -2235,7 +2233,6 @@ impl AsanRuntime {
         _address: u64,
         instr: &Insn,
     ) -> Option<(u8, X86Register, X86Register, u8, i32)> {
-        // We need to re-decode frida-internal capstone values to upstream capstone
         let cs_instr = frida_to_cs(decoder, instr);
         let mut operands = vec![];
         for operand_idx in 0..cs_instr.operand_count() {

diff --git a/libafl_frida/src/utils.rs b/libafl_frida/src/utils.rs
@@ -2,7 +2,7 @@
 use frida_gum::instruction_writer::Aarch64Register;
 #[cfg(target_arch = "x86_64")]
 use frida_gum::instruction_writer::X86Register;
-#[cfg(any(target_arch = "x86_64"))]
+#[cfg(target_arch = "x86_64")]
 use frida_gum_sys;
 #[cfg(target_arch = "aarch64")]
 use num_traits::cast::FromPrimitive;
@@ -162,7 +162,6 @@ const X86_64_REGS: [(RegSpec, X86Register); 34] = [
 
 /// The writer registers
 /// frida registers: <https://docs.rs/frida-gum/0.4.0/frida_gum/instruction_writer/enum.X86Register.html>
-/// capstone registers: <https://docs.rs/capstone-sys/0.14.0/capstone_sys/x86_reg/index.html>
 #[cfg(all(target_arch = "x86_64", unix))]
 #[must_use]
 #[inline]
@@ -177,9 +176,8 @@ pub fn writer_register(reg: RegSpec) -> X86Register {
     X86Register::None
 }
 
-/// Translates a frida instruction to a capstone instruction.
-/// Returns a [`capstone::Instructions`] with a single [`capstone::Insn`] inside.
-#[cfg(any(target_arch = "x86_64"))]
+/// Translates a frida instruction to a disassembled instruction.
+#[cfg(target_arch = "x86_64")]
 pub(crate) fn frida_to_cs(decoder: InstDecoder, frida_insn: &frida_gum_sys::Insn) -> Instruction {
     decoder.decode_slice(frida_insn.bytes()).unwrap()
 }