From 02e8919cbc744064510f6cd99539f7662343073f Mon Sep 17 00:00:00 2001 From: Your Name Date: Tue, 9 Nov 2021 18:29:25 +0000 Subject: Suppress spurious output --- frida_mode/src/util.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'frida_mode/src/util.c') diff --git a/frida_mode/src/util.c b/frida_mode/src/util.c index 09e8a58b..2b0f7be6 100644 --- a/frida_mode/src/util.c +++ b/frida_mode/src/util.c @@ -1,7 +1,5 @@ #include "util.h" -#include "debug.h" - guint64 util_read_address(char *key) { char *value_str = getenv(key); @@ -66,3 +64,19 @@ guint64 util_read_num(char *key) { } +gboolean util_output_enabled(void) { + + static gboolean initialized = FALSE; + static gboolean enabled = TRUE; + + if (!initialized) { + + initialized = TRUE; + if (getenv("AFL_DEBUG_CHILD") == NULL) { enabled = FALSE; } + + } + + return enabled; + +} + -- cgit 1.4.1 From 7e1dba2e6b00f620d6ec3f1c2a75e69dcc7a82e5 Mon Sep 17 00:00:00 2001 From: Your Name Date: Wed, 10 Nov 2021 18:05:29 +0000 Subject: Fix block ID handling --- frida_mode/include/util.h | 2 ++ frida_mode/src/instrument/instrument.c | 12 +++++++----- frida_mode/src/instrument/instrument_x64.c | 7 ++++--- frida_mode/src/util.c | 21 +++++++++++++++++++++ 4 files changed, 34 insertions(+), 8 deletions(-) (limited to 'frida_mode/src/util.c') diff --git a/frida_mode/include/util.h b/frida_mode/include/util.h index 77fbda94..77491ea8 100644 --- a/frida_mode/include/util.h +++ b/frida_mode/include/util.h @@ -12,6 +12,8 @@ guint64 util_read_address(char *key); guint64 util_read_num(char *key); gboolean util_output_enabled(void); +gsize util_rotate(gsize val, gsize shift, gsize size); +gsize util_log2(gsize val); #define FOKF(x...) \ do { \ diff --git a/frida_mode/src/instrument/instrument.c b/frida_mode/src/instrument/instrument.c index 0262e461..d5823654 100644 --- a/frida_mode/src/instrument/instrument.c +++ b/frida_mode/src/instrument/instrument.c 
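Review bot: `util_output_enabled` caches its answer in two file-scope statics, but nothing in the hunk says the caching is deliberate, so a later reader may expect a fresh `getenv` on each call; a one-line comment such as `/* Output is on only when AFL_DEBUG_CHILD is set; the lookup is done once and cached for the life of the process. */` would settle that. The separate `initialized` latch can also be dropped by folding both flags into one tri-state (`static int enabled = -1;` resolved on first call), which leaves less state to keep consistent. Whether the first call can race with another thread is not visible here — the callers are outside this patch — and if it can, the two statics are written without any ordering guarantee.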
@@ -68,7 +68,8 @@ guint64 instrument_get_offset_hash(GumAddress current_rip) { guint64 area_offset = hash64((unsigned char *)¤t_rip, sizeof(GumAddress), instrument_hash_seed); - return area_offset &= MAP_SIZE - 1; + gsize map_size_pow2 = util_log2(__afl_map_size); + return area_offset &= ((1 << map_size_pow2) - 1); } @@ -134,8 +135,8 @@ __attribute__((hot)) static void on_basic_block(GumCpuContext *context, previous_rip = current_rip; previous_end = current_end; - instrument_previous_pc = ((current_pc & (MAP_SIZE - 1) >> 1)) | - ((current_pc & 0x1) << (MAP_SIZE_POW2 - 1)); + gsize map_size_pow2 = util_log2(__afl_map_size); + instrument_previous_pc = util_rotate(current_pc, 1, map_size_pow2); } @@ -303,7 +304,8 @@ void instrument_init(void) { if (instrument_unique) { - int shm_id = shmget(IPC_PRIVATE, MAP_SIZE, IPC_CREAT | IPC_EXCL | 0600); + int shm_id = + shmget(IPC_PRIVATE, __afl_map_size, IPC_CREAT | IPC_EXCL | 0600); if (shm_id < 0) { FATAL("shm_id < 0 - errno: %d\n", errno); } edges_notified = shmat(shm_id, NULL, 0); @@ -320,7 +322,7 @@ void instrument_init(void) { } /* Clear it, not sure it's necessary, just seems like good practice */ - memset(edges_notified, '\0', MAP_SIZE); + memset(edges_notified, '\0', __afl_map_size); } diff --git a/frida_mode/src/instrument/instrument_x64.c b/frida_mode/src/instrument/instrument_x64.c index e2cbb804..7273119b 100644 --- a/frida_mode/src/instrument/instrument_x64.c +++ b/frida_mode/src/instrument/instrument_x64.c @@ -351,7 +351,8 @@ void instrument_coverage_optimize(const cs_insn * instr, afl_log_code code = {0}; GumX86Writer *cw = output->writer.x86; guint64 area_offset = instrument_get_offset_hash(GUM_ADDRESS(instr->address)); - guint64 area_offset_ror; + gsize map_size_pow2; + gsize area_offset_ror; GumAddress code_addr = 0; instrument_coverage_suppress_init(); 
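Review bot: `return area_offset &= ((1 << map_size_pow2) - 1);` shifts an `int` literal, so the mask is computed in 32-bit `int` and becomes undefined once `map_size_pow2` reaches 31, even though the function returns a `guint64`; write `return area_offset & (((guint64)1 << map_size_pow2) - 1);` (the same `1 << size` appears in `util_rotate` in this commit's util.c hunk and should be `(gsize)1` there). The `&=` also mutates a local that is about to go out of scope, so a plain `&` reads more clearly. `util_log2` is now called on every invocation of this hash and, in the `on_basic_block` hunk below, on every basic block of an `__attribute__((hot))` callback, to derive a value from `__afl_map_size` that — judging from its use in `shmget` in `instrument_init` — does not change once instrumentation starts; computing `map_size_pow2` once at init and keeping it in a file-scope variable would remove a loop of up to 64 iterations from the hot path. Both enclosing functions start and end outside their hunks.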
@@ -370,8 +371,8 @@ void instrument_coverage_optimize(const cs_insn * instr, offsetof(afl_log_code, code.mov_eax_curr_loc_shr_1) + sizeof(code.code.mov_eax_curr_loc_shr_1) - sizeof(guint32); - area_offset_ror = ((area_offset & (MAP_SIZE - 1) >> 1)) | - ((area_offset & 0x1) << (MAP_SIZE_POW2 - 1)); + map_size_pow2 = util_log2(__afl_map_size); + area_offset_ror = util_rotate(area_offset, 1, map_size_pow2); *((guint32 *)&code.bytes[curr_loc_shr_1_offset]) = (guint32)(area_offset_ror); diff --git a/frida_mode/src/util.c b/frida_mode/src/util.c index 2b0f7be6..d84b7065 100644 --- a/frida_mode/src/util.c +++ b/frida_mode/src/util.c @@ -80,3 +80,24 @@ gboolean util_output_enabled(void) { } +gsize util_rotate(gsize val, gsize shift, gsize size) { + + if (shift == 0) { return val; } + gsize result = ((val >> shift) | (val << (size - shift))); + result = result & ((1 << size) - 1); + return result; + +} + +gsize util_log2(gsize val) { + + for (gsize i = 0; i < 64; i++) { + + if (((gsize)1 << i) == val) { return i; } + + } + + FFATAL("Not a power of two"); + +} + -- cgit 1.4.1 From b0c51964b7f1ca57455268ab3c65117526ba9742 Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 29 Nov 2021 17:38:06 +0000 Subject: Add support for parsing zero as a configuration setting --- frida_mode/include/util.h | 3 +-- frida_mode/src/util.c | 26 +++++++++++++++++++++++--- 2 files changed, 24 insertions(+), 5 deletions(-) (limited to 'frida_mode/src/util.c') diff --git a/frida_mode/include/util.h b/frida_mode/include/util.h index 77491ea8..bcbdde26 100644 --- a/frida_mode/include/util.h +++ b/frida_mode/include/util.h @@ -8,8 +8,7 @@ #define UNUSED_PARAMETER(x) (void)(x) #define IGNORED_RETURN(x) (void)!(x) -guint64 util_read_address(char *key); - +guint64 util_read_address(char *key); guint64 util_read_num(char *key); gboolean util_output_enabled(void); gsize util_rotate(gsize val, gsize shift, gsize size); 
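Review bot: `util_log2` loops `i < 64` and evaluates `(gsize)1 << i`, but `gsize` is only 32 bits on the i386 build this tree supports (the stalker.c hunk later on this page tests `__i386__`), so the loop reaches shift counts of 32 and above, which is undefined behaviour; bound it by the type's width, `for (gsize i = 0; i < sizeof(gsize) * CHAR_BIT; i++)`. There is also no `return` after `FFATAL("Not a power of two");` — if `FFATAL` is not declared noreturn (its definition is not in this patch) control falls off the end of a non-void function. In `util_rotate`, `val << (size - shift)` has no guard for `shift > size`, where the unsigned subtraction wraps to an enormous shift count; both callers pass `shift == 1`, so either an early `if (shift > size) { FFATAL("rotate shift exceeds width"); }` or a documented precondition on the prototype would do.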
diff --git a/frida_mode/src/util.c b/frida_mode/src/util.c index d84b7065..c9ef0edc 100644 --- a/frida_mode/src/util.c +++ b/frida_mode/src/util.c @@ -3,6 +3,7 @@ guint64 util_read_address(char *key) { char *value_str = getenv(key); + char *end_ptr; if (value_str == NULL) { return 0; } @@ -25,8 +26,17 @@ guint64 util_read_address(char *key) { } - guint64 value = g_ascii_strtoull(value_str2, NULL, 16); - if (value == 0) { + errno = 0; + + guint64 value = g_ascii_strtoull(value_str2, &end_ptr, 16); + + if (errno != 0) { + + FATAL("Error (%d) during conversion: %s", errno, value_str); + + } + + if (value == 0 && end_ptr == value_str2) { FATAL("Invalid address failed hex conversion: %s=%s\n", key, value_str2); @@ -39,6 +49,7 @@ guint64 util_read_address(char *key) { guint64 util_read_num(char *key) { char *value_str = getenv(key); + char *end_ptr; if (value_str == NULL) { return 0; } @@ -53,8 +64,17 @@ guint64 util_read_num(char *key) { } + errno = 0; + guint64 value = g_ascii_strtoull(value_str, NULL, 10); - if (value == 0) { + + if (errno != 0) { + + FATAL("Error (%d) during conversion: %s", errno, value_str); + + } + + if (value == 0 && end_ptr == value_str) { FATAL("Invalid address failed numeric conversion: %s=%s\n", key, value_str); -- cgit 1.4.1 From b48999f7c9e66e81899f8f5486c0931968bf3c77 Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 29 Nov 2021 17:38:06 +0000 Subject: Changes to support defaults for configuration options --- frida_mode/include/util.h | 4 ++-- frida_mode/src/entry.c | 2 +- frida_mode/src/instrument/instrument.c | 2 +- frida_mode/src/persistent/persistent.c | 6 +++--- frida_mode/src/stalker.c | 22 +++++++++++----------- frida_mode/src/stats/stats.c | 6 +++--- frida_mode/src/util.c | 8 ++++---- 7 files changed, 25 insertions(+), 25 deletions(-) (limited to 'frida_mode/src/util.c') diff --git a/frida_mode/include/util.h b/frida_mode/include/util.h index bcbdde26..4dc05f20 100644 --- a/frida_mode/include/util.h 
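Review bot: In the `util_read_num` hunk the call is still `g_ascii_strtoull(value_str, NULL, 10)` while the new check `if (value == 0 && end_ptr == value_str)` reads `end_ptr`, which the hunk above declares but never assigns — that is a read of an uninitialised pointer, and the "no digits parsed" case is not actually detected. Pass the pointer as the `util_read_address` hunk does: `guint64 value = g_ascii_strtoull(value_str, &end_ptr, 10);`. `errno` is set and read in both functions but no `#include <errno.h>` is added in this patch; if it is not pulled in through util.h the build depends on an incidental transitive include. The new `FATAL("Error (%d) during conversion: %s", errno, value_str);` branch also omits the key name, unlike the existing messages, which makes it hard to tell which variable was rejected.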
+++ b/frida_mode/include/util.h @@ -8,8 +8,8 @@ #define UNUSED_PARAMETER(x) (void)(x) #define IGNORED_RETURN(x) (void)!(x) -guint64 util_read_address(char *key); -guint64 util_read_num(char *key); +guint64 util_read_address(char *key, guint64 default_value); +guint64 util_read_num(char *key, guint64 default_value); gboolean util_output_enabled(void); gsize util_rotate(gsize val, gsize shift, gsize size); gsize util_log2(gsize val); diff --git a/frida_mode/src/entry.c b/frida_mode/src/entry.c index 562e74eb..de645fdb 100644 --- a/frida_mode/src/entry.c +++ b/frida_mode/src/entry.c @@ -62,7 +62,7 @@ void entry_on_fork(void) { void entry_config(void) { - entry_point = util_read_address("AFL_ENTRYPOINT"); + entry_point = util_read_address("AFL_ENTRYPOINT", 0); if (getenv("AFL_FRIDA_TRACEABLE") != NULL) { traceable = TRUE; } } diff --git a/frida_mode/src/instrument/instrument.c b/frida_mode/src/instrument/instrument.c index d5823654..414dc84c 100644 --- a/frida_mode/src/instrument/instrument.c +++ b/frida_mode/src/instrument/instrument.c @@ -246,7 +246,7 @@ void instrument_config(void) { instrument_tracing = (getenv("AFL_FRIDA_INST_TRACE") != NULL); instrument_unique = (getenv("AFL_FRIDA_INST_TRACE_UNIQUE") != NULL); instrument_use_fixed_seed = (getenv("AFL_FRIDA_INST_SEED") != NULL); - instrument_fixed_seed = util_read_num("AFL_FRIDA_INST_SEED"); + instrument_fixed_seed = util_read_num("AFL_FRIDA_INST_SEED", 0); instrument_coverage_unstable_filename = (getenv("AFL_FRIDA_INST_UNSTABLE_COVERAGE_FILE")); diff --git a/frida_mode/src/persistent/persistent.c b/frida_mode/src/persistent/persistent.c index e62f25d0..817d9925 100644 --- a/frida_mode/src/persistent/persistent.c +++ b/frida_mode/src/persistent/persistent.c 
@@ -22,9 +22,9 @@ gboolean persistent_debug = FALSE; void persistent_config(void) { hook_name = getenv("AFL_FRIDA_PERSISTENT_HOOK"); - persistent_start = util_read_address("AFL_FRIDA_PERSISTENT_ADDR"); - persistent_count = util_read_num("AFL_FRIDA_PERSISTENT_CNT"); - persistent_ret = util_read_address("AFL_FRIDA_PERSISTENT_RET"); + persistent_start = util_read_address("AFL_FRIDA_PERSISTENT_ADDR", 0); + persistent_count = util_read_num("AFL_FRIDA_PERSISTENT_CNT", 0); + persistent_ret = util_read_address("AFL_FRIDA_PERSISTENT_RET", 0); if (getenv("AFL_FRIDA_PERSISTENT_DEBUG") != NULL) { persistent_debug = TRUE; } diff --git a/frida_mode/src/stalker.c b/frida_mode/src/stalker.c index 4ef52ee9..caa16b3f 100644 --- a/frida_mode/src/stalker.c +++ b/frida_mode/src/stalker.c @@ -61,9 +61,10 @@ void stalker_config(void) { backpatch_enable = (getenv("AFL_FRIDA_INST_NO_BACKPATCH") == NULL); - stalker_adjacent_blocks = util_read_num("AFL_FRIDA_STALKER_ADJACENT_BLOCKS"); + stalker_ic_entries = util_read_num("AFL_FRIDA_STALKER_IC_ENTRIES", 32); - stalker_ic_entries = util_read_num("AFL_FRIDA_STALKER_IC_ENTRIES"); + stalker_adjacent_blocks = + util_read_num("AFL_FRIDA_STALKER_ADJACENT_BLOCKS", 32); observer = g_object_new(GUM_TYPE_AFL_STALKER_OBSERVER, NULL); 
@@ -98,33 +99,32 @@ void stalker_init(void) { FOKF("Stalker - adjacent_blocks [%u]", stalker_adjacent_blocks); #if !(defined(__x86_64__) || defined(__i386__)) - if (stalker_ic_entries != 0) { + if (getenv("AFL_FRIDA_STALKER_IC_ENTRIES") != NULL) { FFATAL("AFL_FRIDA_STALKER_IC_ENTRIES not supported"); } - if (stalker_adjacent_blocks != 0) { + if (getenv("AFL_FRIDA_STALKER_ADJACENT_BLOCKS") != NULL) { FFATAL("AFL_FRIDA_STALKER_ADJACENT_BLOCKS not supported"); } #endif - if (stalker_ic_entries == 0) { stalker_ic_entries = 32; } - if (instrument_coverage_filename == NULL) { + if (instrument_coverage_filename != NULL) { - if (stalker_adjacent_blocks == 0) { stalker_adjacent_blocks = 32; } - - } else { - - if (stalker_adjacent_blocks != 0) { + if (getenv("AFL_FRIDA_STALKER_ADJACENT_BLOCKS") != NULL) { FFATAL( "AFL_FRIDA_STALKER_ADJACENT_BLOCKS and AFL_FRIDA_INST_COVERAGE_FILE " "are incompatible"); + } else { + + stalker_adjacent_blocks = 0; + } } diff --git a/frida_mode/src/stats/stats.c b/frida_mode/src/stats/stats.c index a61834d6..83ecf89a 100644 --- a/frida_mode/src/stats/stats.c +++ b/frida_mode/src/stats/stats.c @@ -323,7 +323,7 @@ static void stats_observer_init(GumStalkerObserver *observer) { void stats_config(void) { stats_filename = getenv("AFL_FRIDA_STATS_FILE"); - stats_interval = util_read_num("AFL_FRIDA_STATS_INTERVAL"); + stats_interval = util_read_num("AFL_FRIDA_STATS_INTERVAL", 10); } @@ -332,7 +332,8 @@ void stats_init(void) { FOKF("Stats - file [%s]", stats_filename); FOKF("Stats - interval [%" G_GINT64_MODIFIER "u]", stats_interval); - if (stats_interval != 0 && stats_filename == NULL) { + if (getenv("AFL_FRIDA_STATS_INTERVAL") != NULL && + getenv("AFL_FRIDA_STATS_FILE") == NULL) { FFATAL( "AFL_FRIDA_STATS_FILE must be specified if " @@ -340,7 +341,6 @@ void stats_init(void) { } - if (stats_interval == 0) { stats_interval = 10; } stats_interval_us = stats_interval * MICRO_TO_SEC; if (stats_filename == NULL) { return; } 
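Review bot: `stalker_init` now calls `getenv("AFL_FRIDA_STALKER_ADJACENT_BLOCKS")` twice and `getenv("AFL_FRIDA_STALKER_IC_ENTRIES")` once just to learn whether the user set a value, while the rest of this series records such facts once at config time (`instrument_use_fixed_seed = (getenv("AFL_FRIDA_INST_SEED") != NULL);` in instrument.c); capturing `stalker_adjacent_blocks_set` / `stalker_ic_entries_set` booleans in `stalker_config` and testing them here keeps a single source of truth per option. The stats.c hunk in this commit has the same shape and additionally re-reads `AFL_FRIDA_STATS_FILE` although `stats_filename` already holds that value from `stats_config`, so `stats_filename == NULL` is the consistent test there. `stalker_init` starts and ends outside the hunk.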
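Review bot: With `if (stats_interval == 0) { stats_interval = 10; }` removed from `stats_init`, an explicit `AFL_FRIDA_STATS_INTERVAL=0` now yields `stats_interval_us = 0`, whereas before this commit it was silently coerced to 10; that is a behaviour change the commit message does not mention. If a zero interval is not meaningful for the stats writer (the consumer of `stats_interval_us` is outside this hunk, so I cannot tell), reject it up front, e.g. `if (stats_interval == 0) { FFATAL("AFL_FRIDA_STATS_INTERVAL must be non-zero"); }`, or document that 0 disables periodic output if that is the intent. `stats_init` continues beyond the hunk.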
diff --git a/frida_mode/src/util.c b/frida_mode/src/util.c index c9ef0edc..6f52b6cb 100644 --- a/frida_mode/src/util.c +++ b/frida_mode/src/util.c @@ -1,11 +1,11 @@ #include "util.h" -guint64 util_read_address(char *key) { +guint64 util_read_address(char *key, guint64 default_value) { char *value_str = getenv(key); char *end_ptr; - if (value_str == NULL) { return 0; } + if (value_str == NULL) { return default_value; } if (!g_str_has_prefix(value_str, "0x")) { @@ -46,12 +46,12 @@ guint64 util_read_address(char *key) { } -guint64 util_read_num(char *key) { +guint64 util_read_num(char *key, guint64 default_value) { char *value_str = getenv(key); char *end_ptr; - if (value_str == NULL) { return 0; } + if (value_str == NULL) { return default_value; } for (char *c = value_str; *c != '\0'; c++) { -- cgit 1.4.1
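Review bot: The new `default_value` parameter on `util_read_address` and `util_read_num` changes what a returned 0 means — after the previous commit an explicitly set `KEY=0` parses to 0 and is returned as such, and only an unset variable yields the default — but neither this hunk nor the util.h prototype hunk documents that, and it is exactly the distinction the stalker.c and stats.c callers in this commit now rely on. A comment on each prototype along the lines of `/* Returns default_value only when KEY is unset; a set variable is parsed and a malformed value is fatal, so callers that need "was it set" must still test getenv(). */` would make the contract explicit. `key` could also become `const char *` while the signatures are being changed, since both functions only hand it to `getenv`.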