Changes to default CMOV instrumentation to off

This commit is contained in:
Your Name 2022-02-18 08:10:19 +00:00
parent cb1256499f
commit 5f45f380c3
9 changed files with 30 additions and 30 deletions


@ -170,11 +170,11 @@ instances run CMPLOG mode and instrumentation of the binary is less frequent
*** ***
``` ```
* `AFL_FRIDA_INST_INSN` - Generate instrumentation for conditional
instructions (e.g. `CMOV` instructions on x64).
* `AFL_FRIDA_INST_JIT` - Enable the instrumentation of Just-In-Time compiled * `AFL_FRIDA_INST_JIT` - Enable the instrumentation of Just-In-Time compiled
code. Code is considered to be JIT if the executable segment is not backed by code. Code is considered to be JIT if the executable segment is not backed by
a file. a file.
* `AFL_FRIDA_INST_NO_INSN` - Don't generate instrumentation for conditional
instructions (e.g. `CMOV` instructions on x64).
* `AFL_FRIDA_INST_NO_OPTIMIZE` - Don't use optimized inline assembly coverage * `AFL_FRIDA_INST_NO_OPTIMIZE` - Don't use optimized inline assembly coverage
instrumentation (the default where available). Required to use instrumentation (the default where available). Required to use
`AFL_FRIDA_INST_TRACE`. `AFL_FRIDA_INST_TRACE`.


@ -15,7 +15,7 @@
js_api_set_instrument_debug_file; js_api_set_instrument_debug_file;
js_api_set_instrument_jit; js_api_set_instrument_jit;
js_api_set_instrument_libraries; js_api_set_instrument_libraries;
js_api_set_instrument_no_instructions; js_api_set_instrument_instructions;
js_api_set_instrument_no_optimize; js_api_set_instrument_no_optimize;
js_api_set_instrument_seed; js_api_set_instrument_seed;
js_api_set_instrument_trace; js_api_set_instrument_trace;


@ -276,7 +276,7 @@ void instrument_config(void) {
instrument_fixed_seed = util_read_num("AFL_FRIDA_INST_SEED", 0); instrument_fixed_seed = util_read_num("AFL_FRIDA_INST_SEED", 0);
instrument_coverage_unstable_filename = instrument_coverage_unstable_filename =
(getenv("AFL_FRIDA_INST_UNSTABLE_COVERAGE_FILE")); (getenv("AFL_FRIDA_INST_UNSTABLE_COVERAGE_FILE"));
instrument_coverage_insn = (getenv("AFL_FRIDA_INST_NO_INSN") == NULL); instrument_coverage_insn = (getenv("AFL_FRIDA_INST_INSN") != NULL);
instrument_debug_config(); instrument_debug_config();
instrument_coverage_config(); instrument_coverage_config();
@ -302,6 +302,8 @@ void instrument_init(void) {
instrument_coverage_unstable_filename == NULL instrument_coverage_unstable_filename == NULL
? " " ? " "
: instrument_coverage_unstable_filename); : instrument_coverage_unstable_filename);
FOKF(cBLU "Instrumentation" cRST " - " cGRN "instructions:" cYEL " [%c]",
instrument_coverage_insn ? 'X' : ' ');
if (instrument_tracing && instrument_optimize) { if (instrument_tracing && instrument_optimize) {
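Review bot: The new assignment `instrument_coverage_insn = (getenv("AFL_FRIDA_INST_INSN") != NULL);` carries no comment saying the feature is now opt-in and presence-based, so a reader of instrument_config cannot tell from this line that `AFL_FRIDA_INST_INSN=0` also turns it on; add `/* Conditional-instruction (CMOV) coverage is off by default; any value of AFL_FRIDA_INST_INSN enables it. */` above it. instrument_config starts outside the hunk. The FOKF status line added to instrument_init in the second hunk matches the format of the neighbouring status lines, so nothing to change there. If instrument_config runs after a script has called js_api_set_instrument_instructions, this unconditional assignment would reset the script's choice; the call order is not visible here, so worth confirming.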


@ -113,6 +113,12 @@ class Afl {
static setInstrumentEnableTracing() { static setInstrumentEnableTracing() {
Afl.jsApiSetInstrumentTrace(); Afl.jsApiSetInstrumentTrace();
} }
/**
* See `AFL_FRIDA_INST_INSN`
*/
static setInstrumentInstructions() {
Afl.jsApiSetInstrumentInstructions();
}
/** /**
* See `AFL_FRIDA_INST_JIT`. * See `AFL_FRIDA_INST_JIT`.
*/ */
@ -125,12 +131,6 @@ class Afl {
static setInstrumentLibraries() { static setInstrumentLibraries() {
Afl.jsApiSetInstrumentLibraries(); Afl.jsApiSetInstrumentLibraries();
} }
/**
* See `AFL_FRIDA_INST_NO_INSN`
*/
static setInstrumentNoInstructions() {
Afl.jsApiSetInstrumentNoInstructions();
}
/** /**
* See `AFL_FRIDA_INST_NO_OPTIMIZE` * See `AFL_FRIDA_INST_NO_OPTIMIZE`
*/ */
@ -303,9 +303,9 @@ Afl.jsApiSetDebugMaps = Afl.jsApiGetFunction("js_api_set_debug_maps", "void", []
Afl.jsApiSetEntryPoint = Afl.jsApiGetFunction("js_api_set_entrypoint", "void", ["pointer"]); Afl.jsApiSetEntryPoint = Afl.jsApiGetFunction("js_api_set_entrypoint", "void", ["pointer"]);
Afl.jsApiSetInstrumentCoverageFile = Afl.jsApiGetFunction("js_api_set_instrument_coverage_file", "void", ["pointer"]); Afl.jsApiSetInstrumentCoverageFile = Afl.jsApiGetFunction("js_api_set_instrument_coverage_file", "void", ["pointer"]);
Afl.jsApiSetInstrumentDebugFile = Afl.jsApiGetFunction("js_api_set_instrument_debug_file", "void", ["pointer"]); Afl.jsApiSetInstrumentDebugFile = Afl.jsApiGetFunction("js_api_set_instrument_debug_file", "void", ["pointer"]);
Afl.jsApiSetInstrumentInstructions = Afl.jsApiGetFunction("js_api_set_instrument_instructions", "void", []);
Afl.jsApiSetInstrumentJit = Afl.jsApiGetFunction("js_api_set_instrument_jit", "void", []); Afl.jsApiSetInstrumentJit = Afl.jsApiGetFunction("js_api_set_instrument_jit", "void", []);
Afl.jsApiSetInstrumentLibraries = Afl.jsApiGetFunction("js_api_set_instrument_libraries", "void", []); Afl.jsApiSetInstrumentLibraries = Afl.jsApiGetFunction("js_api_set_instrument_libraries", "void", []);
Afl.jsApiSetInstrumentNoInstructions = Afl.jsApiGetFunction("js_api_set_instrument_no_instructions", "void", []);
Afl.jsApiSetInstrumentNoOptimize = Afl.jsApiGetFunction("js_api_set_instrument_no_optimize", "void", []); Afl.jsApiSetInstrumentNoOptimize = Afl.jsApiGetFunction("js_api_set_instrument_no_optimize", "void", []);
Afl.jsApiSetInstrumentSeed = Afl.jsApiGetFunction("js_api_set_instrument_seed", "void", ["uint64"]); Afl.jsApiSetInstrumentSeed = Afl.jsApiGetFunction("js_api_set_instrument_seed", "void", ["uint64"]);
Afl.jsApiSetInstrumentTrace = Afl.jsApiGetFunction("js_api_set_instrument_trace", "void", []); Afl.jsApiSetInstrumentTrace = Afl.jsApiGetFunction("js_api_set_instrument_trace", "void", []);
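Review bot: The new doc comment on setInstrumentInstructions says only `See `AFL_FRIDA_INST_INSN`` and, unlike the neighbouring `See `AFL_FRIDA_INST_JIT`.`, drops the trailing period; the TypeScript definition in the later section has the same comment. Since this is where a script author learns what the option does, I would expand it in both places to `/** See `AFL_FRIDA_INST_INSN`. Enable instrumentation of conditional instructions (e.g. `CMOV` on x64); off by default. */`, which is what the README hunk states. The Afl class starts and ends outside the hunk.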


@ -142,10 +142,10 @@ js_api_set_prefetch_backpatch_disable(void) {
} }
__attribute__((visibility("default"))) void __attribute__((visibility("default"))) void js_api_set_instrument_instructions(
js_api_set_instrument_no_instructions(void) { void) {
instrument_coverage_insn = FALSE; instrument_coverage_insn = TRUE;
} }
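Review bot: The new exported function js_api_set_instrument_instructions has no comment tying it to the environment variable it mirrors, so a reader of this file has to find instrument_config to learn that it flips the same flag as `AFL_FRIDA_INST_INSN`. I would add `/* JS-API counterpart of AFL_FRIDA_INST_INSN: opt in to conditional-instruction coverage. */` above the attribute line.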


@ -595,8 +595,6 @@ void ranges_init(void) {
ranges_inst_jit ? 'X' : ' '); ranges_inst_jit ? 'X' : ' ');
FOKF(cBLU "Ranges" cRST " - " cGRN "instrument libraries:" cYEL " [%c]", FOKF(cBLU "Ranges" cRST " - " cGRN "instrument libraries:" cYEL " [%c]",
ranges_inst_libs ? 'X' : ' '); ranges_inst_libs ? 'X' : ' ');
FOKF(cBLU "Ranges" cRST " - " cGRN "instrument libraries:" cYEL " [%c]",
ranges_inst_libs ? 'X' : ' ');
print_ranges("include", include_ranges); print_ranges("include", include_ranges);
print_ranges("exclude", exclude_ranges); print_ranges("exclude", exclude_ranges);


@ -46,6 +46,7 @@ $(DUMMY_DATA_FILE): | $(BUILD_DIR)
dd if=/dev/zero bs=1048576 count=1 of=$@ dd if=/dev/zero bs=1048576 count=1 of=$@
frida: $(TEST_CMOV_OBJ) $(CMP_LOG_INPUT) $(DUMMY_DATA_FILE) frida: $(TEST_CMOV_OBJ) $(CMP_LOG_INPUT) $(DUMMY_DATA_FILE)
AFL_FRIDA_INST_INSN=1 \
AFL_FRIDA_PERSISTENT_CNT=1000000 \ AFL_FRIDA_PERSISTENT_CNT=1000000 \
AFL_FRIDA_PERSISTENT_HOOK=$(AFLPP_FRIDA_DRIVER_HOOK_OBJ) \ AFL_FRIDA_PERSISTENT_HOOK=$(AFLPP_FRIDA_DRIVER_HOOK_OBJ) \
AFL_FRIDA_PERSISTENT_ADDR=$(AFL_FRIDA_PERSISTENT_ADDR) \ AFL_FRIDA_PERSISTENT_ADDR=$(AFL_FRIDA_PERSISTENT_ADDR) \
@ -60,7 +61,6 @@ frida: $(TEST_CMOV_OBJ) $(CMP_LOG_INPUT) $(DUMMY_DATA_FILE)
$(TEST_CMOV_OBJ) $(DUMMY_DATA_FILE) $(TEST_CMOV_OBJ) $(DUMMY_DATA_FILE)
frida_noinst: $(TEST_CMOV_OBJ) $(CMP_LOG_INPUT) $(DUMMY_DATA_FILE) frida_noinst: $(TEST_CMOV_OBJ) $(CMP_LOG_INPUT) $(DUMMY_DATA_FILE)
AFL_FRIDA_INST_NO_INSN=1 \
AFL_FRIDA_PERSISTENT_CNT=1000000 \ AFL_FRIDA_PERSISTENT_CNT=1000000 \
AFL_FRIDA_PERSISTENT_HOOK=$(AFLPP_FRIDA_DRIVER_HOOK_OBJ) \ AFL_FRIDA_PERSISTENT_HOOK=$(AFLPP_FRIDA_DRIVER_HOOK_OBJ) \
AFL_FRIDA_PERSISTENT_ADDR=$(AFL_FRIDA_PERSISTENT_ADDR) \ AFL_FRIDA_PERSISTENT_ADDR=$(AFL_FRIDA_PERSISTENT_ADDR) \


@ -135,6 +135,13 @@ class Afl {
Afl.jsApiSetInstrumentTrace(); Afl.jsApiSetInstrumentTrace();
} }
/**
* See `AFL_FRIDA_INST_INSN`
*/
public static setInstrumentInstructions(): void {
Afl.jsApiSetInstrumentInstructions();
}
/** /**
* See `AFL_FRIDA_INST_JIT`. * See `AFL_FRIDA_INST_JIT`.
*/ */
@ -149,13 +156,6 @@ class Afl {
Afl.jsApiSetInstrumentLibraries(); Afl.jsApiSetInstrumentLibraries();
} }
/**
* See `AFL_FRIDA_INST_NO_INSN`
*/
public static setInstrumentNoInstructions(): void {
Afl.jsApiSetInstrumentNoInstructions();
}
/** /**
* See `AFL_FRIDA_INST_NO_OPTIMIZE` * See `AFL_FRIDA_INST_NO_OPTIMIZE`
*/ */
@ -374,6 +374,11 @@ class Afl {
"void", "void",
["pointer"]); ["pointer"]);
private static readonly jsApiSetInstrumentInstructions = Afl.jsApiGetFunction(
"js_api_set_instrument_instructions",
"void",
[]);
private static readonly jsApiSetInstrumentJit = Afl.jsApiGetFunction( private static readonly jsApiSetInstrumentJit = Afl.jsApiGetFunction(
"js_api_set_instrument_jit", "js_api_set_instrument_jit",
"void", "void",
@ -384,11 +389,6 @@ class Afl {
"void", "void",
[]); []);
private static readonly jsApiSetInstrumentNoInstructions = Afl.jsApiGetFunction(
"js_api_set_instrument_no_instructions",
"void",
[]);
private static readonly jsApiSetInstrumentNoOptimize = Afl.jsApiGetFunction( private static readonly jsApiSetInstrumentNoOptimize = Afl.jsApiGetFunction(
"js_api_set_instrument_no_optimize", "js_api_set_instrument_no_optimize",
"void", "void",


@ -59,8 +59,8 @@ static char *afl_environment_variables[] = {
"AFL_FRIDA_EXCLUDE_RANGES", "AFL_FRIDA_EXCLUDE_RANGES",
"AFL_FRIDA_INST_COVERAGE_FILE", "AFL_FRIDA_INST_COVERAGE_FILE",
"AFL_FRIDA_INST_DEBUG_FILE", "AFL_FRIDA_INST_DEBUG_FILE",
"AFL_FRIDA_INST_INSN",
"AFL_FRIDA_INST_JIT", "AFL_FRIDA_INST_JIT",
"AFL_FRIDA_INST_NO_INSN",
"AFL_FRIDA_INST_NO_OPTIMIZE", "AFL_FRIDA_INST_NO_OPTIMIZE",
"AFL_FRIDA_INST_NO_PREFETCH", "AFL_FRIDA_INST_NO_PREFETCH",
"AFL_FRIDA_INST_NO_PREFETCH_BACKPATCH", "AFL_FRIDA_INST_NO_PREFETCH_BACKPATCH",