Diffstat (limited to 'frida_mode/src/instrument')
-rw-r--r--frida_mode/src/instrument/instrument.c5
-rw-r--r--frida_mode/src/instrument/instrument_debug.c88
2 files changed, 50 insertions, 43 deletions
diff --git a/frida_mode/src/instrument/instrument.c b/frida_mode/src/instrument/instrument.c
index c4f18797..cd1ac0be 100644
--- a/frida_mode/src/instrument/instrument.c
+++ b/frida_mode/src/instrument/instrument.c
@@ -13,6 +13,7 @@
 #include "prefetch.h"
 #include "ranges.h"
 #include "stalker.h"
+#include "stats.h"
 #include "util.h"
 
 static gboolean               tracing = false;
@@ -113,6 +114,9 @@ static void instr_basic_block(GumStalkerIterator *iterator,
      * fork-server and thus start executing in the child.
      */
     excluded = range_is_excluded(GSIZE_TO_POINTER(instr->address));
+
+    stats_collect(instr, begin);
+
     if (unlikely(begin)) {
 
       instrument_debug_start(instr->address, output);
@@ -180,6 +184,7 @@ void instrument_init(void) {
   transformer =
       gum_stalker_transformer_make_from_callback(instr_basic_block, NULL, NULL);
 
+  instrument_debug_init();
   asan_init();
   cmplog_init();
 
diff --git a/frida_mode/src/instrument/instrument_debug.c b/frida_mode/src/instrument/instrument_debug.c
index 3a554ad0..124843d8 100644
--- a/frida_mode/src/instrument/instrument_debug.c
+++ b/frida_mode/src/instrument/instrument_debug.c
@@ -1,26 +1,34 @@
+#include <fcntl.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <unistd.h>
 
 #include "frida-gum.h"
 
-#include "util.h"
+#include "debug.h"
 
-#ifdef FRIDA_DEBUG
+#include "util.h"
 
+static int      debugging_fd = -1;
 static gpointer instrument_gen_start = NULL;
 
 static void instrument_debug(char *format, ...) {
 
   va_list ap;
   char    buffer[4096] = {0};
+  int     ret;
+  int len;
 
   va_start(ap, format);
 
-  vsnprintf(buffer, sizeof(buffer) - 1, format, ap);
+  ret = vsnprintf(buffer, sizeof(buffer) - 1, format, ap);
   va_end(ap);
 
-  IGNORED_RETURN(write(STDOUT_FILENO, buffer, sizeof(buffer)));
+  if (ret < 0) { return; }
+
+  len = strnlen(buffer, sizeof(buffer));
+
+  IGNORED_RETURN(write(debugging_fd, buffer, len));
 
 }
 
@@ -53,76 +61,70 @@ static void instrument_disasm(guint8 *code, guint size) {
 
 static gpointer instrument_cur(GumStalkerOutput *output) {
 
-  #if defined(__i386__) || defined(__x86_64__)
+#if defined(__i386__) || defined(__x86_64__)
   return gum_x86_writer_cur(output->writer.x86);
-  #elif defined(__aarch64__)
+#elif defined(__aarch64__)
   return gum_arm64_writer_cur(output->writer.arm64);
-  #elif defined(__arm__)
+#elif defined(__arm__)
   return gum_arm_writer_cur(output->writer.arm);
-  #else
-    #error "Unsupported architecture"
-  #endif
+#else
+  #error "Unsupported architecture"
+#endif
 
 }
 
-void instrument_debug_start(uint64_t address, GumStalkerOutput *output) {
-
-  GumDebugSymbolDetails details;
+void instrument_debug_init(void) {
 
-  instrument_gen_start = instrument_cur(output);
+  char *filename = getenv("AFL_FRIDA_INST_DEBUG_FILE");
+  OKF("Instrumentation debugging - enabled [%c]", filename == NULL ? ' ' : 'X');
 
-  if (gum_symbol_details_from_address(GSIZE_TO_POINTER(address), &details)) {
+  if (filename == NULL) { return; }
 
-    instrument_debug("\n\n***\n\nCreating block for 0x%" G_GINT64_MODIFIER
-                     "x (%s!%s):\n",
-                     address, details.module_name, details.symbol_name);
+  OKF("Instrumentation debugging - file [%s]", filename);
 
-  } else {
+  if (filename == NULL) { return; }
 
-    instrument_debug(
-        "\n\n***\n\nCreating block for 0x%" G_GINT64_MODIFIER "x:\n", address);
+  char *path = g_canonicalize_filename(filename, g_get_current_dir());
 
-  }
+  OKF("Instrumentation debugging - path [%s]", path);
 
-}
+  debugging_fd = open(path, O_RDWR | O_CREAT | O_TRUNC,
+                      S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
 
-void instrument_debug_instruction(uint64_t address, uint16_t size) {
+  if (debugging_fd < 0) { FATAL("Failed to open stats file '%s'", path); }
 
-  uint8_t *start = (uint8_t *)GSIZE_TO_POINTER(address);
-  instrument_disasm(start, size);
+  g_free(path);
 
 }
 
-void instrument_debug_end(GumStalkerOutput *output) {
-
-  gpointer instrument_gen_end = instrument_cur(output);
-  uint16_t size = GPOINTER_TO_SIZE(instrument_gen_end) -
-                  GPOINTER_TO_SIZE(instrument_gen_start);
-
-  instrument_debug("\nGenerated block %p\n", instrument_gen_start);
-  instrument_disasm(instrument_gen_start, size);
+void instrument_debug_start(uint64_t address, GumStalkerOutput *output) {
 
-}
+  if (likely(debugging_fd < 0)) { return; }
 
-#else
-void instrument_debug_start(void *address) {
+  instrument_gen_start = instrument_cur(output);
 
-  UNUSED_PARAMETER(address);
+  instrument_debug("\n\n***\n\nCreating block for 0x%" G_GINT64_MODIFIER "x:\n",
+                   address);
 
 }
 
 void instrument_debug_instruction(uint64_t address, uint16_t size) {
 
-  UNUSED_PARAMETER(address);
-  UNUSED_PARAMETER(size);
+  if (likely(debugging_fd < 0)) { return; }
+  uint8_t *start = (uint8_t *)GSIZE_TO_POINTER(address);
+  instrument_disasm(start, size);
 
 }
 
 void instrument_debug_end(GumStalkerOutput *output) {
 
-  UNUSED_PARAMETER(output);
+  if (likely(debugging_fd < 0)) { return; }
+  gpointer instrument_gen_end = instrument_cur(output);
+  uint16_t size = GPOINTER_TO_SIZE(instrument_gen_end) -
+                  GPOINTER_TO_SIZE(instrument_gen_start);
 
-}
+  instrument_debug("\nGenerated block %p\n", instrument_gen_start);
+  instrument_disasm(instrument_gen_start, size);
 
-#endif
+}
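Review bot: instrument_debug_init opens the path taken from `AFL_FRIDA_INST_DEBUG_FILE` with `O_RDWR | O_CREAT | O_TRUNC` and no `O_NOFOLLOW`, so an existing symlink at that location is followed and its target truncated; for an environment-controlled log path the practitioner's guard is `open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, S_IRUSR | S_IWUSR)`, which also drops the group-write bit granted by `S_IWGRP` on a file only this process writes, and `O_WRONLY` since nothing reads the descriptor. Two smaller points in the same function: the `FATAL` text says `Failed to open stats file` although this is the instrumentation debug file, and `if (filename == NULL) { return; }` appears twice — the second copy, after the `OKF("Instrumentation debugging - file [%s]", filename)`, can never trigger. In instrument_debug_end, `uint16_t size` truncates the difference of the two writer positions before it is passed to `instrument_disasm(guint8 *code, guint size)` (visible in the hunk header), so a generated block over 64 KiB would be disassembled only partially; `gsize size = GPOINTER_TO_SIZE(instrument_gen_end) - GPOINTER_TO_SIZE(instrument_gen_start);` matches the callee's parameter type. That truncation is carried over from the removed `#ifdef FRIDA_DEBUG` version rather than introduced here, but the new code is now the only copy.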