Merge pull request #1101 from AFLplusplus/dev

Dev
author: van Hauser <vh@thc.org> 2021-12-09 11:55:36 +0100
committer: GitHub <noreply@github.com> 2021-12-09 11:55:36 +0100
commit: 08ca4d54a55fe73e64a994c41a12af61f52e497e (patch)
tree: 2d0f060cf98afbe80f5bf810fd6b167a5152be81 /frida_mode/include
parent: 773baf9391ff5f1793deb7968366819e7fa07adc (diff)
parent: 4c6d94ea5f854071277ed9729de2d4ef7d07cc84 (diff)
download: afl++-08ca4d54a55fe73e64a994c41a12af61f52e497e.tar.gz
8 files changed, 142 insertions, 17 deletions
diff --git a/frida_mode/include/asan.h b/frida_mode/include/asan.h
index 67d33591..6745eb02 100644
--- a/frida_mode/include/asan.h
+++ b/frida_mode/include/asan.h
@@ -9,6 +9,7 @@ void asan_config(void);
 void asan_init(void);
 void asan_arch_init(void);
 void asan_instrument(const cs_insn *instr, GumStalkerIterator *iterator);
+void asan_exclude_module_by_symbol(gchar *symbol_name);
 
 #endif
 
diff --git a/frida_mode/include/entry.h b/frida_mode/include/entry.h
index 3f0a4ecc..edc41467 100644
--- a/frida_mode/include/entry.h
+++ b/frida_mode/include/entry.h
@@ -4,6 +4,7 @@
 #include "frida-gumjs.h"
 
 extern guint64  entry_point;
+extern gboolean traceable;
 extern gboolean entry_compiled;
 extern gboolean entry_run;
 
@@ -15,5 +16,7 @@ void entry_start(void);
 
 void entry_prologue(GumStalkerIterator *iterator, GumStalkerOutput *output);
 
+void entry_on_fork(void);
+
 #endif
 
diff --git a/frida_mode/include/instrument.h b/frida_mode/include/instrument.h
index 909b2a2c..a5d52616 100644
--- a/frida_mode/include/instrument.h
+++ b/frida_mode/include/instrument.h
@@ -29,13 +29,15 @@ GumStalkerTransformer *instrument_get_transformer(void);
 /* Functions to be implemented by the different architectures */
 gboolean instrument_is_coverage_optimize_supported(void);
 
+void instrument_coverage_optimize_init(void);
 void instrument_coverage_optimize(const cs_insn *   instr,
                                   GumStalkerOutput *output);
 
 void     instrument_debug_config(void);
 void     instrument_debug_init(void);
 void     instrument_debug_start(uint64_t address, GumStalkerOutput *output);
-void     instrument_debug_instruction(uint64_t address, uint16_t size);
+void     instrument_debug_instruction(uint64_t address, uint16_t size,
+                                      GumStalkerOutput *output);
 void     instrument_debug_end(GumStalkerOutput *output);
 void     instrument_flush(GumStalkerOutput *output);
 gpointer instrument_cur(GumStalkerOutput *output);
diff --git a/frida_mode/include/js.h b/frida_mode/include/js.h
index a5ecb712..39aa0573 100644
--- a/frida_mode/include/js.h
+++ b/frida_mode/include/js.h
@@ -7,11 +7,14 @@ typedef gboolean (*js_api_stalker_callback_t)(const cs_insn *insn,
                                               gboolean begin, gboolean excluded,
                                               GumStalkerOutput *output);
 
+typedef int (*js_main_hook_t)(int argc, char **argv, char **envp);
+
 extern unsigned char api_js[];
 extern unsigned int  api_js_len;
 
 extern gboolean                  js_done;
 extern js_api_stalker_callback_t js_user_callback;
+extern js_main_hook_t            js_main_hook;
 
 /* Frida Mode */
 
diff --git a/frida_mode/include/ranges.h b/frida_mode/include/ranges.h
index 0220a59d..3bd9eaa6 100644
--- a/frida_mode/include/ranges.h
+++ b/frida_mode/include/ranges.h
@@ -10,6 +10,8 @@ extern gboolean ranges_inst_jit;
 void ranges_config(void);
 void ranges_init(void);
 
+void ranges_print_debug_maps(void);
+
 gboolean range_is_excluded(GumAddress address);
 
 void ranges_exclude();
diff --git a/frida_mode/include/seccomp.h b/frida_mode/include/seccomp.h
index 2c037ff7..7e8a7d25 100644
--- a/frida_mode/include/seccomp.h
+++ b/frida_mode/include/seccomp.h
@@ -1,15 +1,95 @@
 #ifndef _SECCOMP_H
 #define _SECCOMP_H
 
-#include <linux/seccomp.h>
+#ifndef __APPLE__
 
-#include "frida-gumjs.h"
+  #include <stdint.h>
+  #include <linux/filter.h>
 
-#define SECCOMP_SOCKET_SEND_FD 0x1D3
-#define SECCOMP_SOCKET_RECV_FD 0x1D4
+  #include "frida-gumjs.h"
 
-#define SECCOMP_OUTPUT_FILE_FD 0x1D5
-#define SECCOMP_PARENT_EVENT_FD 0x1D6
+  /******************************************************************************/
+  #define PR_SET_NO_NEW_PRIVS 38
+
+  #define SECCOMP_SET_MODE_STRICT 0
+  #define SECCOMP_SET_MODE_FILTER 1
+  #define SECCOMP_GET_ACTION_AVAIL 2
+  #define SECCOMP_GET_NOTIF_SIZES 3
+
+  #define SECCOMP_IOC_MAGIC '!'
+  #define SECCOMP_IO(nr) _IO(SECCOMP_IOC_MAGIC, nr)
+  #define SECCOMP_IOR(nr, type) _IOR(SECCOMP_IOC_MAGIC, nr, type)
+  #define SECCOMP_IOW(nr, type) _IOW(SECCOMP_IOC_MAGIC, nr, type)
+  #define SECCOMP_IOWR(nr, type) _IOWR(SECCOMP_IOC_MAGIC, nr, type)
+
+  /* Flags for seccomp notification fd ioctl. */
+  #define SECCOMP_IOCTL_NOTIF_RECV SECCOMP_IOWR(0, struct seccomp_notif)
+  #define SECCOMP_IOCTL_NOTIF_SEND SECCOMP_IOWR(1, struct seccomp_notif_resp)
+  #define SECCOMP_IOCTL_NOTIF_ID_VALID SECCOMP_IOW(2, __u64)
+
+  #define SECCOMP_FILTER_FLAG_NEW_LISTENER (1UL << 3)
+  #define SECCOMP_RET_ALLOW 0x7fff0000U
+  #define SECCOMP_RET_USER_NOTIF 0x7fc00000U
+
+  #define SYS_seccomp __NR_seccomp
+  #ifndef __NR_seccomp
+    #if defined(__arm__)
+      #define __NR_seccomp 383
+    #elif defined(__aarch64__)
+      #define __NR_seccomp 277
+    #elif defined(__x86_64__)
+      #define __NR_seccomp 317
+    #elif defined(__i386__)
+      #define __NR_seccomp 354
+    #else
+      #pragma error "Unsupported architecture"
+    #endif
+  #endif
+
+  #define SECCOMP_USER_NOTIF_FLAG_CONTINUE (1UL << 0)
+
+struct seccomp_notif_resp {
+
+  __u64 id;
+  __s64 val;
+  __s32 error;
+  __u32 flags;
+
+};
+
+struct seccomp_data {
+
+  int   nr;
+  __u32 arch;
+  __u64 instruction_pointer;
+  __u64 args[6];
+
+};
+
+struct seccomp_notif {
+
+  __u64               id;
+  __u32               pid;
+  __u32               flags;
+  struct seccomp_data data;
+
+};
+
+struct seccomp_notif_sizes {
+
+  __u16 seccomp_notif;
+  __u16 seccomp_notif_resp;
+  __u16 seccomp_data;
+
+};
+
+  /******************************************************************************/
+
+  #define SECCOMP_SOCKET_SEND_FD 0x1D3
+  #define SECCOMP_SOCKET_RECV_FD 0x1D4
+
+  #define SECCOMP_OUTPUT_FILE_FD 0x1D5
+  #define SECCOMP_PARENT_EVENT_FD 0x1D6
 
 enum {
 
@@ -319,23 +399,19 @@ enum {
 
 };
 
-extern char *seccomp_filename;
-
 typedef void (*seccomp_child_func_t)(int event_fd, void *ctx);
 
 typedef void (*seccomp_filter_callback_t)(struct seccomp_notif *     req,
                                           struct seccomp_notif_resp *resp,
                                           GumReturnAddressArray *    frames);
 
-void seccomp_config(void);
-void seccomp_init(void);
-void seccomp_on_fork(void);
-void seccomp_print(char *format, ...);
-
 void seccomp_atomic_set(volatile bool *ptr, bool val);
 bool seccomp_atomic_try_set(volatile bool *ptr, bool val);
 void seccomp_atomic_wait(volatile bool *ptr, bool val);
 
+void seccomp_callback_parent(void);
+void seccomp_callback_initialize(void);
+
 void seccomp_child_run(seccomp_child_func_t child_func, void *ctx, pid_t *child,
                        int *event_fd);
 void seccomp_child_wait(int event_fd);
@@ -349,6 +425,8 @@ int  seccomp_filter_install(pid_t child);
 void seccomp_filter_child_install(void);
 void seccomp_filter_run(int fd, seccomp_filter_callback_t callback);
 
+void seccomp_print(char *format, ...);
+
 void seccomp_socket_create(int *sock);
 void seccomp_socket_send(int sockfd, int fd);
 int  seccomp_socket_recv(int sockfd);
@@ -356,4 +434,11 @@ int  seccomp_socket_recv(int sockfd);
 char *seccomp_syscall_lookup(int id);
 
 #endif
+extern char *seccomp_filename;
+
+void seccomp_config(void);
+void seccomp_init(void);
+void seccomp_on_fork(void);
+
+#endif
 
diff --git a/frida_mode/include/stalker.h b/frida_mode/include/stalker.h
index 955f3913..666787e9 100644
--- a/frida_mode/include/stalker.h
+++ b/frida_mode/include/stalker.h
@@ -3,7 +3,9 @@
 
 #include "frida-gumjs.h"
 
-extern guint stalker_ic_entries;
+extern guint    stalker_ic_entries;
+extern gboolean backpatch_enable;
+extern guint    stalker_adjacent_blocks;
 
 void        stalker_config(void);
 void        stalker_init(void);
diff --git a/frida_mode/include/util.h b/frida_mode/include/util.h
index 525e9d40..4dc05f20 100644
--- a/frida_mode/include/util.h
+++ b/frida_mode/include/util.h
@@ -3,12 +3,39 @@
 
 #include "frida-gumjs.h"
 
+#include "debug.h"
+
 #define UNUSED_PARAMETER(x) (void)(x)
 #define IGNORED_RETURN(x) (void)!(x)
 
-guint64 util_read_address(char *key);
+guint64  util_read_address(char *key, guint64 default_value);
+guint64  util_read_num(char *key, guint64 default_value);
+gboolean util_output_enabled(void);
+gsize    util_rotate(gsize val, gsize shift, gsize size);
+gsize    util_log2(gsize val);
+
+#define FOKF(x...)                         \
+  do {                                     \
+                                           \
+    if (!util_output_enabled()) { break; } \
+                                           \
+    OKF(x);                                \
+                                           \
+  } while (0)
+
+#define FWARNF(x...) \
+  do {               \
+                     \
+    WARNF(x);        \
+                     \
+  } while (0)
 
-guint64 util_read_num(char *key);
+#define FFATAL(x...) \
+  do {               \
+                     \
+    FATAL(x);        \
+                     \
+  } while (0)
 
 #endif
author	van Hauser <vh@thc.org>	2021-12-09 11:55:36 +0100
committer	GitHub <noreply@github.com>	2021-12-09 11:55:36 +0100
commit	08ca4d54a55fe73e64a994c41a12af61f52e497e (patch)
tree	2d0f060cf98afbe80f5bf810fd6b167a5152be81 /frida_mode/include
parent	773baf9391ff5f1793deb7968366819e7fa07adc (diff)
parent	4c6d94ea5f854071277ed9729de2d4ef7d07cc84 (diff)
download	afl++-08ca4d54a55fe73e64a994c41a12af61f52e497e.tar.gz