diff options
| author | van Hauser <vh@thc.org> | 2022-08-08 15:27:07 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-08 15:27:07 +0200 |
| commit | 3e2986dd78dbc45035b47a34eedd7dd1b9a4d0b3 (patch) | |
| tree | 051a91a2a36a1c768870591634eca83c62e6053c /frida_mode/src/main.c | |
| parent | a2f3c3ee519c19935039d1fe1e8b77cdc32fa375 (diff) | |
| parent | 1f06b55a8b558bd8da0296134c29c21c4849a4bd (diff) | |
| download | afl++-3e2986dd78dbc45035b47a34eedd7dd1b9a4d0b3.tar.gz | |
Merge pull request #1489 from AFLplusplus/dev 4.02c
push to stable
Diffstat (limited to 'frida_mode/src/main.c')
| -rw-r--r-- | frida_mode/src/main.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/frida_mode/src/main.c b/frida_mode/src/main.c index 844c42b9..c8c50b37 100644 --- a/frida_mode/src/main.c +++ b/frida_mode/src/main.c @@ -36,6 +36,18 @@ #ifdef __APPLE__ extern mach_port_t mach_task_self(); extern GumAddress gum_darwin_find_entrypoint(mach_port_t task); +#elif defined(__ANDROID__) +typedef struct { + + void (**preinit_array)(void); + void (**init_array)(void); + void (**fini_array)(void); + +} structors_array_t; + +extern void __libc_init(void *raw_args, void (*onexit)(void) __unused, + int (*slingshot)(int, char **, char **), + structors_array_t const *const structors); #else extern int __libc_start_main(int (*main)(int, char **, char **), int argc, char **ubp_av, void (*init)(void), @@ -69,7 +81,11 @@ static void on_main_os(int argc, char **argv, char **envp) { GumInterceptor *interceptor = gum_interceptor_obtain(); gum_interceptor_begin_transaction(interceptor); + #if defined(__ANDROID__) + gum_interceptor_revert(interceptor, __libc_init); + #else gum_interceptor_revert(interceptor, __libc_start_main); + #endif gum_interceptor_end_transaction(interceptor); gum_interceptor_flush(interceptor); @@ -277,6 +293,24 @@ static void intercept_main(void) { } +#elif defined(__ANDROID__) +static void on_libc_init(void *raw_args, void (*onexit)(void) __unused, + int (*slingshot)(int, char **, char **), + structors_array_t const *const structors) { + + main_fn = slingshot; + intercept_unhook_self(); + intercept_hook(slingshot, on_main, NULL); + return __libc_init(raw_args, onexit, slingshot, structors); + +} + +static void intercept_main(void) { + + intercept_hook(__libc_init, on_libc_init, NULL); + +} + #else static int on_libc_start_main(int (*main)(int, char **, char **), int argc, char **ubp_av, void (*init)(void), |