Static analysis pass (AFLplusplus#2178)

* copy * fmt * aa * a * Goodbye z3, i hope i won't build you forever * doc * fmt
cube0x8 · May 15, 2024 · c7303ac · c7303ac
1 parent 6fe888d
commit c7303ac
Show file tree

Hide file tree

Showing 7 changed files with 888 additions and 4 deletions.
diff --git a/fuzzers/libfuzzer_libpng_cmin/Cargo.toml b/fuzzers/libfuzzer_libpng_cmin/Cargo.toml
@@ -21,6 +21,7 @@ cc = { version = "1.0", features = ["parallel"] }
 which = "4.4"
 
 [dependencies]
+env_logger = "0.10"
 libafl = { path = "../../libafl/", features = ["default", "cmin"] }
 # libafl = { path = "../../libafl/", features = ["default"] }
 libafl_bolts = { path = "../../libafl_bolts/" }

diff --git a/fuzzers/libfuzzer_libpng_cmin/Makefile.toml b/fuzzers/libfuzzer_libpng_cmin/Makefile.toml
@@ -104,7 +104,7 @@ windows_alias = "unsupported"
 
 [tasks.fuzzer_unix]
 command = "${CARGO_TARGET_DIR}/${PROFILE_DIR}/libafl_cxx"
-args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz"]
+args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}", "-lm", "-lz", "-lz3"]
 dependencies = [ "lib", "cxx", "cc" ]
 
 # Crashing Harness
@@ -115,7 +115,7 @@ windows_alias = "unsupported"
 
 [tasks.fuzzer_crash_unix]
 command = "${CARGO_TARGET_DIR}/${PROFILE_DIR}/libafl_cxx"
-args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}_crash", "-lm", "-lz"]
+args = ["${PROJECT_DIR}/harness.cc", "${PROJECT_DIR}/libpng-1.6.37/.libs/libpng16.a", "-I", "${PROJECT_DIR}/libpng-1.6.37/", "-o", "${FUZZER_NAME}_crash", "-lm", "-lz", "-lz3"]
 dependencies = [ "crash_lib", "crash_cxx", "crash_cc" ]
 
 # Run the fuzzer

diff --git a/fuzzers/libfuzzer_libpng_cmin/src/bin/libafl_cc.rs b/fuzzers/libfuzzer_libpng_cmin/src/bin/libafl_cc.rs
@@ -18,6 +18,7 @@ pub fn main() {
             .expect("Failed to parse the command line")
             .link_staticlib(&dir, "libfuzzer_libpng")
             .add_arg("-fsanitize-coverage=trace-pc-guard")
+            .add_arg("-lz3")
             .run()
             .expect("Failed to run the wrapped compiler")
         {

diff --git a/fuzzers/libfuzzer_libpng_cmin/src/lib.rs b/fuzzers/libfuzzer_libpng_cmin/src/lib.rs
@@ -44,6 +44,7 @@ static GLOBAL: MiMalloc = MiMalloc;
 #[cfg(not(test))]
 #[no_mangle]
 pub extern "C" fn libafl_main() {
+    env_logger::init();
     // Registry the metadata types used in this fuzzer
     // Needed only on no_std
     // unsafe { RegistryBuilder::register::<Tokens>(); }

diff --git a/libafl/Cargo.toml b/libafl/Cargo.toml
@@ -179,7 +179,7 @@ tokio = { version = "1.28.1", optional = true, features = ["sync", "net", "rt",
 
 wait-timeout = { version = "0.2", optional = true } # used by CommandExecutor to wait for child process
 
-z3 = { version = "0.12.0", features = ["static-link-z3"], optional = true } # for concolic mutation
+z3 = { version = "0.12.0", optional = true } # for concolic mutation
 
 concat-idents = { version = "1.1.3", optional = true }