From 405382cbddea8b99543c3fddcaa5738b1ed3ade3 Mon Sep 17 00:00:00 2001
From: WorksButNotTested <62701594+WorksButNotTested@users.noreply.github.com>
Date: Tue, 6 Jul 2021 20:15:30 +0100
Subject: Frida build fixes (#1010)
Co-authored-by: Your Name
---
frida_mode/hook/frida_hook.c | 65 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
create mode 100644 frida_mode/hook/frida_hook.c
(limited to 'frida_mode/hook/frida_hook.c')
diff --git a/frida_mode/hook/frida_hook.c b/frida_mode/hook/frida_hook.c
new file mode 100644
index 00000000..96446d6f
--- /dev/null
+++ b/frida_mode/hook/frida_hook.c
@@ -0,0 +1,65 @@
+/*
+ *
+ * Modify this file to set the right registers with the fuzz input and length.
+ * It is a good idea to check input_buf_len to be not larger than the
+ * destination buffer!
+ *
+ */
+
+
+#include
+#include
+
+#include "frida-gumjs.h"
+
+#if defined(__x86_64__)
+
+__attribute__((visibility("default"))) void afl_persistent_hook(
+ GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
+
+ // do a length check matching the target!
+
+ memcpy((void *)regs->rdi, input_buf, input_buf_len);
+ regs->rsi = input_buf_len;
+
+}
+
+#elif defined(__i386__)
+
+__attribute__((visibility("default"))) void afl_persistent_hook(
+ GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
+
+ // do a length check matching the target!
+
+ void **esp = (void **)regs->esp;
+ void * arg1 = esp[0];
+ void **arg2 = &esp[1];
+ memcpy(arg1, input_buf, input_buf_len);
+ *arg2 = (void *)input_buf_len;
+
+}
+
+#elif defined(__aarch64__)
+
+__attribute__((visibility("default"))) void afl_persistent_hook(
+ GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
+
+ // do a length check matching the target!
+
+ memcpy((void *)regs->x[0], input_buf, input_buf_len);
+ regs->x[1] = input_buf_len;
+
+}
+
+#else
+ #pragma error "Unsupported architecture"
+#endif
+
+__attribute__((visibility("default"))) int afl_persistent_hook_init(void) {
+
+ // 1 for shared memory input (faster), 0 for normal input (you have to use
+ // read(), input_buf will be NULL)
+ return 1;
+
+}
+
-- cgit 1.4.1
From 161d763334a27c6b031d8c5b9a7b49280cb05796 Mon Sep 17 00:00:00 2001
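Review bot: `#pragma error "Unsupported architecture"` in the `#else` arm is not a diagnostic directive — compilers treat it as an unknown pragma and at most warn, so a build for an unlisted architecture proceeds with no `afl_persistent_hook` defined and only fails later at link or load time; it should read `#error "Unsupported architecture"`. Separately, all three arch arms copy `input_buf_len` bytes into the target's buffer with no bound at all, which the file's own header comment says each user must add; making the check visible in the template, e.g. `if (input_buf_len > MAX_INPUT_LEN) input_buf_len = MAX_INPUT_LEN;` immediately before the `memcpy` (with `MAX_INPUT_LEN` as a placeholder the harness author sets to the destination buffer's size), would stop an oversized fuzz case from overrunning the harness buffer before the code under test even runs. The two angle-bracket `#include` lines appear with their header names missing in this rendering, so they cannot be checked here.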
From: WorksButNotTested <62701594+WorksButNotTested@users.noreply.github.com>
Date: Wed, 7 Jul 2021 21:11:03 +0100
Subject: Changes to print stats more periodically rather than relying on a new block being instrumented (#1011)
Co-authored-by: Your Name
---
frida_mode/hook/frida_hook.c | 1 -
frida_mode/include/stats.h | 1 +
frida_mode/src/entry.c | 2 ++
frida_mode/src/stats/stats.c | 6 +++---
4 files changed, 6 insertions(+), 4 deletions(-)
(limited to 'frida_mode/hook/frida_hook.c')
diff --git a/frida_mode/hook/frida_hook.c b/frida_mode/hook/frida_hook.c
index 96446d6f..3bfdb207 100644
--- a/frida_mode/hook/frida_hook.c
+++ b/frida_mode/hook/frida_hook.c
@@ -6,7 +6,6 @@ * */ - #include #include
diff --git a/frida_mode/include/stats.h b/frida_mode/include/stats.h
index 1cfd6b8f..cd2350ea 100644
--- a/frida_mode/include/stats.h
+++ b/frida_mode/include/stats.h
@@ -28,6 +28,7 @@ gboolean stats_is_supported_arch(void); size_t stats_data_size_arch(void); void stats_collect_arch(const cs_insn *instr); void stats_write_arch(void); +void stats_on_fork(void); #endif
diff --git a/frida_mode/src/entry.c b/frida_mode/src/entry.c
index 1d3b3e43..f70e21fc 100644
--- a/frida_mode/src/entry.c
+++ b/frida_mode/src/entry.c
@@ -7,6 +7,7 @@ #include "persistent.h" #include "ranges.h" #include "stalker.h" +#include "stats.h" #include "util.h" extern void __afl_manual_init();
@@ -21,6 +22,7 @@ static void entry_launch(void) { /* Child here */ instrument_previous_pc = 0; + stats_on_fork(); }
diff --git a/frida_mode/src/stats/stats.c b/frida_mode/src/stats/stats.c
index 0dd8be70..91a58741 100644
--- a/frida_mode/src/stats/stats.c
+++ b/frida_mode/src/stats/stats.c
@@ -178,10 +178,12 @@ void stats_write(void) { } -static void stats_maybe_write(void) { +void stats_on_fork(void) { guint64 current_time; + if (stats_filename == NULL) { return; } + if (stats_interval == 0) { return; } current_time = g_get_monotonic_time();
@@ -208,7 +210,5 @@ void stats_collect(const cs_insn *instr, gboolean begin) { stats_collect_arch(instr); - stats_maybe_write(); - } -- cgit 1.4.1
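Review bot: With `stats_maybe_write()` no longer called from `stats_collect()`, the interval check now lives only in the renamed `stats_on_fork()` (the `@@ -178` hunk above), which `entry_launch()` invokes in the forked child; if that child then serves many persistent-mode iterations before the next fork, the stats file is presumably refreshed only once per batch rather than every `stats_interval`, which is worth confirming against the cadence the commit message promises. The newly public function also has no header comment; above `void stats_on_fork(void)` I would add `/* Called from the forkserver child at launch. Returns early unless a stats file and a non-zero interval are configured; otherwise checks whether it is time to write stats. */` — the time comparison itself lies outside the visible lines, so that last clause should be verified against the rest of the body. `stats_collect()` begins before this hunk.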