Merge pull request #1164 from WorksButNotTested/fix

Fix

8 files changed, 91 insertions, 14 deletions

diff --git a/frida_mode/src/asan/asan.c b/frida_mode/src/asan/asan.c
index d649bd76..fae1d655 100644
--- a/frida_mode/src/asan/asan.c
+++ b/frida_mode/src/asan/asan.c
@@ -1,6 +1,7 @@
 #include "frida-gumjs.h"
 
 #include "asan.h"
+#include "ranges.h"
 #include "util.h"
 
 static gboolean asan_enabled = FALSE;
@@ -32,3 +33,34 @@ void asan_init(void) {
 
 }
 
+gboolean asan_exclude_range(const GumRangeDetails *details,
+                            gpointer               user_data) {
+
+  UNUSED_PARAMETER(user_data);
+
+  FOKF("Exclude ASAN: 0x%016lx-0x%016lx", details->range->base_address,
+       details->range->base_address + details->range->size);
+
+  ranges_add_exclude((GumMemoryRange *)details->range);
+
+}
+
+static gboolean asan_exclude_module(const GumModuleDetails *details,
+                                    gpointer                user_data) {
+
+  gchar *    symbol_name = (gchar *)user_data;
+  GumAddress address;
+
+  address = gum_module_find_export_by_name(details->name, symbol_name);
+  if (address == 0) { return TRUE; }
+
+  gum_process_enumerate_ranges(GUM_PAGE_NO_ACCESS, asan_exclude_range, NULL);
+
+}
+
+void asan_exclude_module_by_symbol(gchar *symbol_name) {
+
+  gum_process_enumerate_modules(asan_exclude_module, "__asan_loadN");
+
+}
+
diff --git a/frida_mode/src/asan/asan_arm64.c b/frida_mode/src/asan/asan_arm64.c
index 88c76535..b2adfa52 100644
--- a/frida_mode/src/asan/asan_arm64.c
+++ b/frida_mode/src/asan/asan_arm64.c
@@ -88,6 +88,8 @@ void asan_arch_init(void) {
 
   }
 
+  asan_exclude_module_by_symbol("__asan_loadN");
+
 }
 
 #endif
diff --git a/frida_mode/src/asan/asan_x64.c b/frida_mode/src/asan/asan_x64.c
index c7b70967..a287ea34 100644
--- a/frida_mode/src/asan/asan_x64.c
+++ b/frida_mode/src/asan/asan_x64.c
@@ -85,6 +85,8 @@ void asan_arch_init(void) {
 
   }
 
+  asan_exclude_module_by_symbol("__asan_loadN");
+
 }
 
 #endif
diff --git a/frida_mode/src/asan/asan_x86.c b/frida_mode/src/asan/asan_x86.c
index afc89936..331d026b 100644
--- a/frida_mode/src/asan/asan_x86.c
+++ b/frida_mode/src/asan/asan_x86.c
@@ -85,6 +85,8 @@ void asan_arch_init(void) {
 
   }
 
+  asan_exclude_module_by_symbol("__asan_loadN");
+
 }
 
 #endif
diff --git a/frida_mode/src/cmplog/cmplog.c b/frida_mode/src/cmplog/cmplog.c
index 81e1a4b0..443baa1d 100644
--- a/frida_mode/src/cmplog/cmplog.c
+++ b/frida_mode/src/cmplog/cmplog.c
@@ -33,8 +33,22 @@ static gboolean cmplog_range(const GumRangeDetails *details,
 
 static gint cmplog_sort(gconstpointer a, gconstpointer b) {
 
-  return ((GumMemoryRange *)b)->base_address -
-         ((GumMemoryRange *)a)->base_address;
+  GumMemoryRange *ra = (GumMemoryRange *)a;
+  GumMemoryRange *rb = (GumMemoryRange *)b;
+
+  if (ra->base_address < rb->base_address) {
+
+    return -1;
+
+  } else if (ra->base_address > rb->base_address) {
+
+    return 1;
+
+  } else {
+
+    return 0;
+
+  }
 
 }
 
diff --git a/frida_mode/src/js/js_api.c b/frida_mode/src/js/js_api.c
index 102423d9..4221fb80 100644
--- a/frida_mode/src/js/js_api.c
+++ b/frida_mode/src/js/js_api.c
@@ -11,6 +11,10 @@
 #include "stats.h"
 #include "util.h"
 
+typedef uint8_t u8;
+
+extern void __afl_set_persistent_mode(u8 mode);
+
 __attribute__((visibility("default"))) void js_api_done() {
 
   js_done = TRUE;
@@ -47,13 +51,7 @@ __attribute__((visibility("default"))) void js_api_set_persistent_address(
 
   persistent_start = GPOINTER_TO_SIZE(address);
 
-  if (getenv("__AFL_PERSISTENT") == NULL) {
-
-    FATAL(
-        "You must set __AFL_PERSISTENT manually if using persistent mode "
-        "configured using JS");
-
-  }
+  __afl_set_persistent_mode(1);
 
 }
 
diff --git a/frida_mode/src/ranges.c b/frida_mode/src/ranges.c
index 027417ee..9844c74c 100644
--- a/frida_mode/src/ranges.c
+++ b/frida_mode/src/ranges.c
@@ -166,8 +166,22 @@ static void convert_token(gchar *token, GumMemoryRange *range) {
 
 gint range_sort(gconstpointer a, gconstpointer b) {
 
-  return ((GumMemoryRange *)a)->base_address -
-         ((GumMemoryRange *)b)->base_address;
+  GumMemoryRange *ra = (GumMemoryRange *)a;
+  GumMemoryRange *rb = (GumMemoryRange *)b;
+
+  if (ra->base_address < rb->base_address) {
+
+    return -1;
+
+  } else if (ra->base_address > rb->base_address) {
+
+    return 1;
+
+  } else {
+
+    return 0;
+
+  }
 
 }
 
@@ -249,7 +263,7 @@ static void check_for_overlaps(GArray *array) {
     GumAddress      curr_limit = curr->base_address + curr->size;
     if (prev_limit > curr->base_address) {
 
-      FFATAL("OVerlapping ranges 0x%016" G_GINT64_MODIFIER
+      FFATAL("Overlapping ranges 0x%016" G_GINT64_MODIFIER
              "x-0x%016" G_GINT64_MODIFIER "x 0x%016" G_GINT64_MODIFIER
              "x-0x%016" G_GINT64_MODIFIER "x",
              prev->base_address, prev_limit, curr->base_address, curr_limit);
diff --git a/frida_mode/src/stalker.c b/frida_mode/src/stalker.c
index 65ed5d50..b4dd5a47 100644
--- a/frida_mode/src/stalker.c
+++ b/frida_mode/src/stalker.c
@@ -111,10 +111,23 @@ void stalker_init(void) {
   }
 
 #endif
-
   if (stalker_ic_entries == 0) { stalker_ic_entries = 32; }
 
-  if (stalker_adjacent_blocks == 0) { stalker_adjacent_blocks = 32; }
+  if (instrument_coverage_filename == NULL) {
+
+    if (stalker_adjacent_blocks == 0) { stalker_adjacent_blocks = 32; }
+
+  } else {
+
+    if (stalker_adjacent_blocks != 0) {
+
+      FFATAL(
+          "AFL_FRIDA_STALKER_ADJACENT_BLOCKS and AFL_FRIDA_INST_COVERAGE_FILE "
+          "are incompatible");
+
+    }
+
+  }
 
 #if defined(__x86_64__) || defined(__i386__)
   stalker = g_object_new(GUM_TYPE_STALKER, "ic-entries", stalker_ic_entries,