From 4a6b751b93c135ac524bcad6e9d223e144fe0bd3 Mon Sep 17 00:00:00 2001
From: Giovanni Di Santi
Date: Sun, 21 Jul 2024 18:26:13 +0200
Subject: frida_mode: fix fasan operand access order

---
 frida_mode/src/asan/asan_arm64.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'frida_mode/src')

diff --git a/frida_mode/src/asan/asan_arm64.c b/frida_mode/src/asan/asan_arm64.c
index 94729939..c1d5c10f 100644
--- a/frida_mode/src/asan/asan_arm64.c
+++ b/frida_mode/src/asan/asan_arm64.c
@@ -39,15 +39,15 @@ static void asan_callout(GumCpuContext *ctx, gpointer user_data) {
 address = base + index + mem->disp;
- if ((operand->access & CS_AC_READ) == CS_AC_READ) {
+ if ((operand->access & CS_AC_WRITE) == CS_AC_WRITE) {
- asan_loadN(address, asan_ctx->size);
+ asan_storeN(address, asan_ctx->size);
 }
- if ((operand->access & CS_AC_WRITE) == CS_AC_WRITE) {
+ if ((operand->access & CS_AC_READ) == CS_AC_READ) {
- asan_storeN(address, asan_ctx->size);
+ asan_loadN(address, asan_ctx->size);
 }
-- cgit 1.4.1

From bb72cc752a1db07144e16bb7ca4020ea6eb62445 Mon Sep 17 00:00:00 2001
From: killerra <25255685+killerra@users.noreply.github.com>
Date: Tue, 23 Jul 2024 17:31:13 +0200
Subject: Fixed frida unstable coverage for instances not named "default"

---
 frida_mode/src/instrument/instrument_coverage.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
(limited to 'frida_mode/src')

diff --git a/frida_mode/src/instrument/instrument_coverage.c b/frida_mode/src/instrument/instrument_coverage.c
index ff2f4024..6ab55e0e 100644
--- a/frida_mode/src/instrument/instrument_coverage.c
+++ b/frida_mode/src/instrument/instrument_coverage.c
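Review bot: The write-before-read order is now the only thing this hunk establishes, yet nothing in the code says why the `CS_AC_WRITE` branch has to come first, so the next cleanup or reformat can silently swap the two independent `if` blocks back; a short comment above the first `if` should record it, e.g. `/* check the write side first so an operand that is both read and written is reported as a store, not a load */` — that reading of the intent comes from the commit subject and should be confirmed against the intended fasan reporting semantics. The `(x & FLAG) == FLAG` form is correct for these single-bit flags but reads like a multi-bit mask test; `if (operand->access & CS_AC_WRITE) {` says the same thing more plainly. An operand whose `access` carries neither bit falls through both branches and is never checked; if capstone can report that for a memory operand on this path, logging it would make the gap visible rather than silent. asan_callout begins and ends outside the hunk.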
@@ -818,6 +818,9 @@ void instrument_coverage_unstable_find_output(void) {
 GDir *dir = g_dir_open(fds_name, 0, NULL);
+ gchar *path_tmp = getenv("AFL_CUSTOM_INFO_OUT");
+ gchar *instance_name = g_path_get_basename(path_tmp);
+
 FVERBOSE("Coverage Unstable - fds: %s", fds_name);
 for (const gchar *filename = g_dir_read_name(dir); filename != NULL;
@@ -829,7 +832,7 @@ void instrument_coverage_unstable_find_output(void) {
 if (link == NULL) { FFATAL("Failed to read link: %s", fullname); }
 gchar *basename = g_path_get_basename(link);
- if (g_strcmp0(basename, "default") != 0) {
+ if (g_strcmp0(basename, instance_name) != 0) {
 g_free(basename);
 g_free(link);
@@ -849,7 +852,7 @@ void instrument_coverage_unstable_find_output(void) {
 relative = g_build_path("/", link, NULL);
 }
-
+
 gchar *cmdline = g_build_path("/", relative, "cmdline", NULL);
 if (!g_file_test(cmdline, G_FILE_TEST_EXISTS)) {
-- cgit 1.4.1

From 5bfe0c1a15994c5abaeb2240a187a5e7291ed9dd Mon Sep 17 00:00:00 2001
From: killerra <25255685+killerra@users.noreply.github.com>
Date: Tue, 23 Jul 2024 20:52:15 +0100
Subject: added free for new strings

---
 frida_mode/src/instrument/instrument_coverage.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'frida_mode/src')

diff --git a/frida_mode/src/instrument/instrument_coverage.c b/frida_mode/src/instrument/instrument_coverage.c
index 6ab55e0e..a546dc24 100644
--- a/frida_mode/src/instrument/instrument_coverage.c
+++ b/frida_mode/src/instrument/instrument_coverage.c
@@ -852,7 +852,7 @@ void instrument_coverage_unstable_find_output(void) {
 relative = g_build_path("/", link, NULL);
 }
-
+
 gchar *cmdline = g_build_path("/", relative, "cmdline", NULL);
 if (!g_file_test(cmdline, G_FILE_TEST_EXISTS)) {
@@ -877,6 +877,8 @@ void instrument_coverage_unstable_find_output(void) {
 }
 g_dir_close(dir);
+ g_free(instance_name);
+ g_free(path_tmp);
 g_free(fds_name);
 if (unstable_coverage_fuzzer_stats == NULL) {
-- cgit 1.4.1
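Review bot: `g_path_get_basename(path_tmp)` is called without checking that `getenv("AFL_CUSTOM_INFO_OUT")` returned non-NULL; g_path_get_basename rejects a NULL argument (a g_return_val_if_fail critical that yields NULL), and the `g_strcmp0(basename, instance_name) != 0` test added in the -829 hunk then rejects every fds entry, so with the variable unset the function silently finds no output instead of failing loudly. Guard it the same way the link read in the -829 hunk does: `if (path_tmp == NULL) { FFATAL("AFL_CUSTOM_INFO_OUT not set"); }` before the basename call. getenv also returns a pointer into the process environment that the caller does not own, so `const char *path_tmp` would make that ownership explicit and keep anyone from freeing it later. instrument_coverage_unstable_find_output begins before the hunk and its loop body continues past it.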
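Review bot: `g_free(path_tmp);` frees the pointer that `getenv("AFL_CUSTOM_INFO_OUT")` returned in the -818 hunk of the previous commit; that pointer refers into the process environment and was never allocated by GLib, so passing it to g_free is invalid and the allocator will typically abort on it or corrupt the heap. Drop that line and keep only `g_free(instance_name);`, which is the string g_path_get_basename actually allocated. These frees run only when the loop completes normally; any early return from inside the loop (none is visible in this hunk, but the body is not fully shown) would leak instance_name. The function's body starts and ends outside the hunk.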