small fixes and enhancements (AFLplusplus#1731)

* nits * first steps * different approach * fixes * remove temps * remove temp --------- Co-authored-by: Dongjia "toka" Zhang <[email protected]>
rmalmain · Dec 17, 2023 · 63e1523 · 63e1523
1 parent ef8ebd5
commit 63e1523
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 6 deletions.
diff --git a/fuzzers/qemu_launcher/src/harness.rs b/fuzzers/qemu_launcher/src/harness.rs
@@ -79,7 +79,9 @@ impl<'a> Harness<'a> {
         self.emu
             .write_function_argument(CallingConvention::Cdecl, 1, len)
             .map_err(|e| Error::unknown(format!("Failed to write argument 1: {e:}")))?;
-        unsafe { self.emu.run() };
+        unsafe {
+            let _ = self.emu.run();
+        };
         Ok(())
     }
 }
diff --git a/fuzzers/qemu_launcher/src/instance.rs b/fuzzers/qemu_launcher/src/instance.rs
@@ -186,7 +186,7 @@ impl<'a> Instance<'a> {
             let mut executor = TimeoutExecutor::new(executor, self.options.timeout);
 
             // Setup an havoc mutator with a mutational stage
-            let mutator = StdScheduledMutator::new(havoc_mutations());
+            let mutator = StdScheduledMutator::new(havoc_mutations().merge(tokens_mutations()));
             let mut stages = tuple_list!(StdMutationalStage::new(mutator));
 
             self.fuzz(&mut state, &mut fuzzer, &mut executor, &mut stages)

diff --git a/fuzzers/qemu_launcher/src/options.rs b/fuzzers/qemu_launcher/src/options.rs
@@ -18,10 +18,10 @@ use crate::version::Version;
     long_about = "Binary fuzzer using QEMU binary instrumentation"
 )]
 pub struct FuzzerOptions {
-    #[arg(long, help = "Input directory")]
+    #[arg(short, long, help = "Input directory")]
     pub input: String,
 
-    #[arg(long, help = "Output directory")]
+    #[arg(short, long, help = "Output directory")]
     pub output: String,
 
     #[arg(long, help = "Tokens file")]

diff --git a/libafl_qemu/src/elf.rs b/libafl_qemu/src/elf.rs
@@ -12,6 +12,14 @@ pub struct EasyElf<'a> {
 }
 
 impl<'a> EasyElf<'a> {
+    pub fn get_needed(&self) -> Result<Vec<&'a str>, Error> {
+        let mut v: Vec<&str> = Vec::new();
+        for dyn_lib in &self.elf.libraries {
+            v.push(dyn_lib);
+        }
+        Ok(v)
+    }
+
     pub fn from_file<P>(path: P, buffer: &'a mut Vec<u8>) -> Result<Self, Error>
     where
         P: AsRef<Path>,

diff --git a/libafl_qemu/src/emu.rs b/libafl_qemu/src/emu.rs
@@ -982,7 +982,7 @@ impl Emulator {
     }
 
     #[must_use]
-    pub(crate) fn new_empty() -> Emulator {
+    pub fn new_empty() -> Emulator {
         Emulator { _private: () }
     }
 

diff --git a/libafl_qemu/src/snapshot.rs b/libafl_qemu/src/snapshot.rs
@@ -493,7 +493,7 @@ where
         QT: QemuHelperTuple<S>,
     {
         if hooks.match_helper::<QemuAsanHelper>().is_none() {
-            // The ASan helper, if present, will call the tracer hook for the snpahsot helper as opt
+            // The ASan helper, if present, will call the tracer hook for the snapshot helper as opt
             hooks.writes(
                 Hook::Empty,
                 Hook::Function(trace_write1_snapshot::<QT, S>),