diff options
| author | Your Name <you@example.com> | 2022-10-11 18:15:51 +0100 |
|---|---|---|
| committer | Your Name <you@example.com> | 2022-10-11 18:15:51 +0100 |
| commit | fac6491ad0bbaee078352990eeb708d82aa412e3 (patch) | |
| tree | 5a100fdcdd4df1041f1ab647086c8411b547757d | |
| parent | 4bb4d6ebfdbbdc1ceb6ebf66474180a5e9020ed3 (diff) | |
| download | afl++-fac6491ad0bbaee078352990eeb708d82aa412e3.tar.gz | |
Bump FRIDA version
| -rw-r--r-- | frida_mode/GNUmakefile | 5 | ||||
| -rw-r--r-- | frida_mode/src/ctx/ctx_arm32.c | 2 | ||||
| -rw-r--r-- | frida_mode/src/instrument/instrument_arm32.c | 9 | ||||
| -rw-r--r-- | frida_mode/src/instrument/instrument_arm64.c | 29 | ||||
| -rw-r--r-- | frida_mode/src/prefetch.c | 1 | ||||
| -rw-r--r-- | frida_mode/src/stats/stats_arm32.c | 1 |
6 files changed, 34 insertions, 13 deletions
diff --git a/frida_mode/GNUmakefile b/frida_mode/GNUmakefile index 39c96d5b..5cd01ffd 100644 --- a/frida_mode/GNUmakefile +++ b/frida_mode/GNUmakefile @@ -57,7 +57,8 @@ ifdef DEBUG CFLAGS+=-Werror \ -Wall \ -Wextra \ - -Wpointer-arith + -Wpointer-arith \ + -Wno-unknown-pragmas else CFLAGS+=-Wno-pointer-arith endif @@ -142,7 +143,7 @@ ifndef OS $(error "Operating system unsupported") endif -GUM_DEVKIT_VERSION=15.2.1 +GUM_DEVKIT_VERSION=15.2.2 GUM_DEVKIT_FILENAME=frida-gumjs-devkit-$(GUM_DEVKIT_VERSION)-$(OS)-$(ARCH).tar.xz GUM_DEVKIT_URL="https://github.com/frida/frida/releases/download/$(GUM_DEVKIT_VERSION)/$(GUM_DEVKIT_FILENAME)" diff --git a/frida_mode/src/ctx/ctx_arm32.c b/frida_mode/src/ctx/ctx_arm32.c index 28fc706b..0e5b25a4 100644 --- a/frida_mode/src/ctx/ctx_arm32.c +++ b/frida_mode/src/ctx/ctx_arm32.c @@ -7,6 +7,8 @@ gsize ctx_read_reg(GumArmCpuContext *ctx, arm_reg reg) { + UNUSED_PARAMETER(ctx); + UNUSED_PARAMETER(reg); FFATAL("ctx_read_reg unimplemented for this architecture"); } diff --git a/frida_mode/src/instrument/instrument_arm32.c b/frida_mode/src/instrument/instrument_arm32.c index 5b6ddf09..44e37e11 100644 --- a/frida_mode/src/instrument/instrument_arm32.c +++ b/frida_mode/src/instrument/instrument_arm32.c @@ -137,8 +137,8 @@ gboolean instrument_is_coverage_optimize_supported(void) { static void instrument_coverage_switch(GumStalkerObserver *self, gpointer from_address, gpointer start_address, - const cs_insn * from_insn, - gpointer * target) { + void *from_insn, + gpointer *target) { UNUSED_PARAMETER(self); UNUSED_PARAMETER(from_address); UNUSED_PARAMETER(start_address); @@ -148,7 +148,7 @@ static void instrument_coverage_switch(GumStalkerObserver *self, return; } - *target += G_STRUCT_OFFSET(afl_log_code_asm_t, str_r0_sp_rz); + *target = (guint8 *)*target + G_STRUCT_OFFSET(afl_log_code_asm_t, str_r0_sp_rz); } static void instrument_coverage_suppress_init(void) { @@ -184,12 +184,9 @@ void instrument_coverage_optimize(const cs_insn *instr, guint64 area_offset = instrument_get_offset_hash(GUM_ADDRESS(instr->address)); gsize map_size_pow2; gsize area_offset_ror; - GumAddress code_addr = 0; instrument_coverage_suppress_init(); - code_addr = cw->pc; - block_start = GSIZE_TO_POINTER(GUM_ADDRESS(cw->code)); if (!g_hash_table_add(coverage_blocks, block_start)) { diff --git a/frida_mode/src/instrument/instrument_arm64.c b/frida_mode/src/instrument/instrument_arm64.c index 87811b38..fe70a8bb 100644 --- a/frida_mode/src/instrument/instrument_arm64.c +++ b/frida_mode/src/instrument/instrument_arm64.c @@ -156,26 +156,47 @@ static gboolean instrument_is_deterministic(const cs_insn *from_insn) { } +cs_insn * +instrument_disassemble (gconstpointer address) +{ + csh capstone; + cs_insn * insn = NULL; + + cs_open (CS_ARCH_ARM64, GUM_DEFAULT_CS_ENDIAN, &capstone); + cs_option (capstone, CS_OPT_DETAIL, CS_OPT_ON); + + cs_disasm (capstone, address, 16, GPOINTER_TO_SIZE (address), 1, &insn); + + cs_close (&capstone); + + return insn; +} + static void instrument_coverage_switch(GumStalkerObserver *self, gpointer from_address, gpointer start_address, - const cs_insn *from_insn, + void *from_insn, gpointer *target) { UNUSED_PARAMETER(self); UNUSED_PARAMETER(from_address); UNUSED_PARAMETER(start_address); + cs_insn * insn = NULL; + gboolean deterministic = FALSE; gsize fixup_offset; if (!g_hash_table_contains(coverage_blocks, GSIZE_TO_POINTER(*target)) && - !g_hash_table_contains(coverage_blocks, GSIZE_TO_POINTER(*target + 4))) { + !g_hash_table_contains(coverage_blocks, GSIZE_TO_POINTER((guint8 *)*target + 4))) { return; } - if (instrument_is_deterministic(from_insn)) { return; } + insn = instrument_disassemble (from_insn); + deterministic = instrument_is_deterministic(insn); + cs_free (insn, 1); + if (deterministic) { return; } /* * Since each block is prefixed with a restoration prologue, we need to be @@ -208,7 +229,7 @@ static void instrument_coverage_switch(GumStalkerObserver *self, */ fixup_offset = GUM_RESTORATION_PROLOG_SIZE + G_STRUCT_OFFSET(afl_log_code_asm_t, restoration_prolog); - *target += fixup_offset; + *target = (guint8 *)*target + fixup_offset; } diff --git a/frida_mode/src/prefetch.c b/frida_mode/src/prefetch.c index 905e0ae9..f093cd53 100644 --- a/frida_mode/src/prefetch.c +++ b/frida_mode/src/prefetch.c @@ -29,7 +29,6 @@ gboolean prefetch_enable = TRUE; gboolean prefetch_backpatch = TRUE; static prefetch_data_t *prefetch_data = NULL; -static int prefetch_shm_id = -1; static GHashTable *cant_prefetch = NULL; diff --git a/frida_mode/src/stats/stats_arm32.c b/frida_mode/src/stats/stats_arm32.c index bd652aa3..6c72a476 100644 --- a/frida_mode/src/stats/stats_arm32.c +++ b/frida_mode/src/stats/stats_arm32.c @@ -13,6 +13,7 @@ void starts_arch_init(void) { void stats_write_arch(stats_data_t *data) { + UNUSED_PARAMETER(data); FFATAL("Stats not supported on this architecture"); } |