authorvan Hauser <vh@thc.org>2021-03-26 09:03:51 +0100
committerGitHub <noreply@github.com>2021-03-26 09:03:51 +0100
commit96533f627e9ec5133502312211a7d677e256bfe7 (patch)
tree492858f07d42fdffb4628dd522a2dbe623e5cf1e
parent22c696ff1c64025398504e87f3112da82857d901 (diff)
parentc89264205779635ec43f2913a94fa3ae5e6a5186 (diff)
downloadafl++-96533f627e9ec5133502312211a7d677e256bfe7.tar.gz
Merge pull request #845 from joeyjiaojg/dev
Dev
-rw-r--r--Android.bp144
-rw-r--r--custom_mutators/Android.bp6
-rw-r--r--custom_mutators/libprotobuf-mutator-example/Android.bp6
-rw-r--r--include/android-ashmem.h29
-rw-r--r--src/afl-cc.c6
5 files changed, 168 insertions, 23 deletions
diff --git a/Android.bp b/Android.bp
index ee076d1e..64794e19 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,8 +1,5 @@
cc_defaults {
name: "afl-defaults",
- sanitize: {
- never: true,
- },
local_include_dirs: [
"include",
@@ -23,18 +20,45 @@ cc_defaults {
"-DBIN_PATH=\"out/host/linux-x86/bin\"",
"-DDOC_PATH=\"out/host/linux-x86/shared/doc/afl\"",
"-D__USE_GNU",
- "-D__aarch64__",
"-DDEBUG_BUILD",
"-U_FORTIFY_SOURCE",
"-ggdb3",
"-g",
"-O0",
"-fno-omit-frame-pointer",
+ "-fPIC",
],
+
+ target: {
+ android_arm64: {
+ cflags: [
+ "-D__aarch64__",
+ "-D__ANDROID__",
+ ],
+ },
+ android_arm: {
+ cflags: [
+ "-D__ANDROID__",
+ ],
+ },
+ android_x86_64: {
+ cflags: [
+ "-D__ANDROID__",
+ ],
+ },
+ android_x86: {
+ cflags: [
+ "-D__ANDROID__",
+ ],
+ },
+ },
}
cc_binary {
name: "afl-fuzz",
+ sanitize: {
+ never: true,
+ },
host_supported: true,
compile_multilib: "64",
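Review bot: Moving `sanitize: { never: true }` out of `afl-defaults` and onto `afl-fuzz` means every other module that inherits `afl-defaults` no longer opts out of sanitizers, and no comment says which of them are meant to. Further down in this commit `afl-llvm-rt-32` (built from `instrumentation/afl-compiler-rt.o.c`) inherits the defaults without the opt-out, so a sanitized build configuration would presumably instrument the coverage runtime itself. If that is intended, a comment on `afl-defaults` such as `// sanitize is set per module: the fuzzer binaries opt out, the runtime follows the target` would record it; if not, the runtime modules need the same `sanitize` block. The `cc_binary` for `afl-fuzz` continues outside the hunk.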
@@ -128,7 +152,6 @@ cc_binary_host {
],
cflags: [
- "-D__ANDROID__",
"-DAFL_PATH=\"out/host/linux-x86/lib64\"",
"-DAFL_CLANG_FLTO=\"-flto=full\"",
"-DUSE_BINDIR=1",
@@ -199,6 +222,7 @@ cc_library_headers {
export_include_dirs: [
"include",
+ "instrumentation",
],
}
@@ -268,6 +292,116 @@ cc_binary {
],
}
+cc_binary {
+ name: "afl-fuzz-32",
+ sanitize: {
+ never: true,
+ },
+ host_supported: true,
+ compile_multilib: "32",
+
+ defaults: [
+ "afl-defaults",
+ ],
+
+ srcs: [
+ "src/afl-fuzz*.c",
+ "src/afl-common.c",
+ "src/afl-sharedmem.c",
+ "src/afl-forkserver.c",
+ "src/afl-performance.c",
+ ],
+}
+
+cc_binary_host {
+ name: "afl-cc-32",
+ compile_multilib: "32",
+ static_executable: true,
+
+ defaults: [
+ "afl-defaults",
+ ],
+
+ cflags: [
+ "-DAFL_PATH=\"out/host/linux-x86/lib64\"",
+ "-DAFL_CLANG_FLTO=\"-flto=full\"",
+ "-DUSE_BINDIR=1",
+ "-DLLVM_BINDIR=\"prebuilts/clang/host/linux-x86/clang-r383902b/bin\"",
+ "-DLLVM_LIBDIR=\"prebuilts/clang/host/linux-x86/clang-r383902b/lib64\"",
+ "-DCLANGPP_BIN=\"prebuilts/clang/host/linux-x86/clang-r383902b/bin/clang++\"",
+ "-DAFL_REAL_LD=\"prebuilts/clang/host/linux-x86/clang-r383902b/bin/ld.lld\"",
+ "-DLLVM_LTO=1",
+ "-DLLVM_MAJOR=11",
+ "-DLLVM_MINOR=2",
+ ],
+
+ srcs: [
+ "src/afl-cc.c",
+ "src/afl-common.c",
+ ],
+
+ symlinks: [
+ "afl-clang-fast-32",
+ "afl-clang-fast++-32",
+ ],
+}
+
+cc_library_static {
+ name: "afl-llvm-rt-32",
+ compile_multilib: "32",
+ vendor_available: true,
+ host_supported: true,
+ recovery_available: true,
+ sdk_version: "9",
+
+ apex_available: [
+ "com.android.adbd",
+ "com.android.appsearch",
+ "com.android.art",
+ "com.android.bluetooth.updatable",
+ "com.android.cellbroadcast",
+ "com.android.conscrypt",
+ "com.android.extservices",
+ "com.android.cronet",
+ "com.android.neuralnetworks",
+ "com.android.media",
+ "com.android.media.swcodec",
+ "com.android.mediaprovider",
+ "com.android.permission",
+ "com.android.runtime",
+ "com.android.resolv",
+ "com.android.tethering",
+ "com.android.wifi",
+ "com.android.sdkext",
+ "com.android.os.statsd",
+ "//any",
+ ],
+
+ defaults: [
+ "afl-defaults",
+ ],
+
+ srcs: [
+ "instrumentation/afl-compiler-rt.o.c",
+ ],
+}
+
+cc_prebuilt_library_static {
+ name: "libfrida-gum-32",
+ compile_multilib: "32",
+ strip: {
+ none: true,
+ },
+
+ srcs: [
+ "utils/afl_frida/android/arm/libfrida-gum.a",
+ ],
+
+ export_include_dirs: [
+ "utils/afl_frida/android/arm",
+ ],
+}
+
subdirs = [
"custom_mutators",
]
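Review bot: `libfrida-gum-32` links the prebuilt archive `utils/afl_frida/android/arm/libfrida-gum.a`, but the diffstat for this commit lists only five text files, so the binary has to arrive from outside the reviewed change with nothing here to check it against. The module should carry a comment stating where the archive comes from, which upstream release it corresponds to and its digest, e.g. `// libfrida-gum.a: from <UPSTREAM_RELEASE_URL>, sha256 <DIGEST>`. In `afl-llvm-rt-32`, the `apex_available` list ends with `"//any"` after nineteen named APEXes; if that entry is meant as a wildcard the explicit names are redundant and the fuzzing runtime becomes linkable everywhere, so keep one form or the other. `afl-cc-32` is a 32-bit module that still sets `AFL_PATH` and `LLVM_LIBDIR` to `lib64` paths, which looks carried over from the 64-bit module and is worth confirming.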
diff --git a/custom_mutators/Android.bp b/custom_mutators/Android.bp
index 89abc3e9..5c7e06e3 100644
--- a/custom_mutators/Android.bp
+++ b/custom_mutators/Android.bp
@@ -10,6 +10,8 @@ cc_library_shared {
"-fPIC",
"-fpermissive",
"-std=c++11",
+ "-Wno-unused-parameter",
+ "-Wno-unused-variable",
],
srcs: [
@@ -77,6 +79,8 @@ cc_library_shared {
"-O0",
"-funroll-loops",
"-fPIC",
+ "-Wno-unused-parameter",
+ "-Wno-unused-function",
],
srcs: [
@@ -99,6 +103,8 @@ cc_library_shared {
"-O0",
"-funroll-loops",
"-fPIC",
+ "-Wno-unused-parameter",
+ "-Wno-pointer-sign",
],
srcs: [
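Review bot: `-Wno-pointer-sign` in the third hunk is broader than the `-Wno-unused-*` flags added alongside it, because it silences every signed/unsigned pointer mismatch in a library whose job is to handle raw fuzz input buffers. If the warning comes from a small number of call sites, an explicit cast there keeps the diagnostic available for new code. Otherwise add a comment next to the flag naming the source file that needs it, e.g. `// -Wno-pointer-sign: <FILE> passes u8* to char* APIs`. The `cc_library_shared` module starts and ends outside the hunk.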
diff --git a/custom_mutators/libprotobuf-mutator-example/Android.bp b/custom_mutators/libprotobuf-mutator-example/Android.bp
index 01f1c23e..4f579735 100644
--- a/custom_mutators/libprotobuf-mutator-example/Android.bp
+++ b/custom_mutators/libprotobuf-mutator-example/Android.bp
@@ -8,6 +8,7 @@ cc_library_shared {
"-O0",
"-fPIC",
"-Wall",
+ "-Wno-unused-parameter",
],
srcs: [
@@ -29,4 +30,9 @@ cc_binary {
srcs: [
"vuln.c",
],
+
+ cflags: [
+ "-Wno-unused-result",
+ "-Wno-unused-parameter",
+ ],
}
diff --git a/include/android-ashmem.h b/include/android-ashmem.h
index 91699b27..44fe556a 100644
--- a/include/android-ashmem.h
+++ b/include/android-ashmem.h
@@ -2,32 +2,31 @@
#ifndef _ANDROID_ASHMEM_H
#define _ANDROID_ASHMEM_H
+ #define _GNU_SOURCE
+ #include <sys/syscall.h>
+ #include <unistd.h>
#include <fcntl.h>
#include <linux/ashmem.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
-
- #if __ANDROID_API__ >= 26
- #define shmat bionic_shmat
- #define shmctl bionic_shmctl
- #define shmdt bionic_shmdt
- #define shmget bionic_shmget
- #endif
#include <sys/shm.h>
- #undef shmat
- #undef shmctl
- #undef shmdt
- #undef shmget
#include <stdio.h>
-
#define ASHMEM_DEVICE "/dev/ashmem"
+int shmdt(const void* address) {
+#if defined(SYS_shmdt)
+ return syscall(SYS_shmdt, address);
+#else
+ return syscall(SYS_ipc, SHMDT, 0, 0, 0, address, 0);
+#endif
+}
+
int shmctl(int __shmid, int __cmd, struct shmid_ds *__buf) {
int ret = 0;
if (__cmd == IPC_RMID) {
- int length = ioctl(__shmid, ASHMEM_GET_SIZE, NULL);
+ int length = ioctl(__shmid, ASHMEM_GET_SIZE, NULL);
struct ashmem_pin pin = {0, length};
ret = ioctl(__shmid, ASHMEM_UNPIN, &pin);
close(__shmid);
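Review bot: The new `shmdt()` issues the SysV `SYS_shmdt` / `SYS_ipc` syscall, while the other functions in this header emulate shared memory on `/dev/ashmem` (`shmctl` drives the id with `ioctl(..., ASHMEM_*)` and `close()`), so an address obtained from this header's `shmat` is presumably an `mmap` of the ashmem fd that the kernel's `shmdt` will not release. On such a mapping the call is expected to fail and leave the region mapped, and on Android kernels without SysV IPC, or under a seccomp policy, the syscall itself may be refused, so callers should not treat a return from `shmdt` as proof of detachment. Either record the mapping length in `shmat` so `shmdt` can `munmap` it, or add a comment above the function stating that it only detaches real SysV segments. Two smaller points in the same hunk: `#define _GNU_SOURCE` sits after the include guard and should be wrapped in `#ifndef _GNU_SOURCE` so it does not clash with a command-line definition, and the `#else` branch uses `SHMDT`, which none of the includes shown here obviously provides. `shmctl` continues outside the hunk.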
@@ -78,6 +77,6 @@ void *shmat(int __shmid, const void *__shmaddr, int __shmflg) {
}
- #endif /* !_ANDROID_ASHMEM_H */
-#endif /* !__ANDROID__ */
+ #endif /* !_ANDROID_ASHMEM_H */
+#endif /* !__ANDROID__ */
diff --git a/src/afl-cc.c b/src/afl-cc.c
index 1b4edbb9..3f75c549 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -587,9 +587,9 @@ static void edit_params(u32 argc, char **argv, char **envp) {
if (instrument_mode == INSTRUMENT_PCGUARD) {
#if LLVM_MAJOR > 10 || (LLVM_MAJOR == 10 && LLVM_MINOR > 0)
- #ifdef __ANDROID__
+ #if defined __ANDROID__ || ANDROID
cc_params[cc_par_cnt++] = "-fsanitize-coverage=trace-pc-guard";
- instrument_mode != INSTRUMENT_LLVMNATIVE;
+ instrument_mode = INSTRUMENT_LLVMNATIVE;
#else
if (have_instr_list) {
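Review bot: The new guard `#if defined __ANDROID__ || ANDROID` tests the value of `ANDROID`, not whether it is defined, so it is false for `-DANDROID=0` and a preprocessor error when `ANDROID` is defined empty. The other afl-cc.c hunk (in `main`) writes `!defined(ANDROID)`, so for those definitions the two guards disagree: this branch would take the non-Android PCGUARD path while `main` still skips the `find_object("afl-compiler-rt.o", ...)` check. Use the same form in both places, `#if defined(__ANDROID__) || defined(ANDROID)`. `edit_params` starts and ends outside the hunk.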
@@ -1995,7 +1995,7 @@ int main(int argc, char **argv, char **envp) {
if (!be_quiet && cmplog_mode)
printf("CmpLog mode by <andreafioraldi@gmail.com>\n");
-#ifndef __ANDROID__
+#if !defined(__ANDROID__) && !defined(ANDROID)
ptr = find_object("afl-compiler-rt.o", argv[0]);
if (!ptr) {