ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-08 08:11:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

hook update

Browse Source
This commit is contained in:
vanhauser-thc 2021-07-06 19:38:20 +02:00
parent 4a02118fda
commit 0662c5580b
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
frida_mode/hook/hook.c
View File

@ -1,3 +1,12 @@
/*
*
* Modify this file to set the right registers with the fuzz input and length.
* It is a good idea to check input_buf_len to be not larger than the
* destination buffer!
*
*/
#include <stdint.h>
#include <string.h>
@ -8,6 +17,8 @@
__attribute__((visibility("default"))) void afl_persistent_hook(
GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
// do a length check matching the target!
memcpy((void *)regs->rdi, input_buf, input_buf_len);
regs->rsi = input_buf_len;
@ -18,6 +29,8 @@ __attribute__((visibility("default"))) void afl_persistent_hook(
__attribute__((visibility("default"))) void afl_persistent_hook(
GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
// do a length check matching the target!
void **esp = (void **)regs->esp;
void * arg1 = esp[0];
void **arg2 = &esp[1];
@ -31,6 +44,8 @@ __attribute__((visibility("default"))) void afl_persistent_hook(
__attribute__((visibility("default"))) void afl_persistent_hook(
GumCpuContext *regs, uint8_t *input_buf, uint32_t input_buf_len) {
// do a length check matching the target!
memcpy((void *)regs->x[0], input_buf, input_buf_len);
regs->x[1] = input_buf_len;