
Move test harness to inline c

Open mineo333 opened this issue 1 year ago • 10 comments

This change hopes to address some of the concerns described in https://github.com/AFLplusplus/LibAFL/issues/1799.

This PR moves the Frida ASAN test from an external cpp file to inline c. This is done by having the #inline_c_rs CFLAGS: "-shared" flag at the top which forces it to compile as a shared library. The shared library is then loaded via libloading.

Note that this may break the tests in https://github.com/AFLplusplus/LibAFL/pull/1607. However, if needed, more flags can be introduced.

mineo333 avatar Jan 17 '24 15:01 mineo333

Thanks!

I'd like to see:

  1. That we can build and run tests on Windows too, using cargo xwin with wine and/or native on-Windows compilation.
  2. A macro for defining a test case, which generates the boilerplate necessary when provided with a C++ block and some expectations.

s1341 avatar Jan 18 '24 05:01 s1341

Due to the substantial changes needed to inline-c, a fork has been created here: https://github.com/mineo333/libafl-inline-c-rs

Support for compiling as a shared library and cross-compilation is being added.

mineo333 avatar Jan 18 '24 20:01 mineo333

What's the benefit over simply having a c file lying around? Isn't this way more confusing for new developers joining the project? Also, we won't have clang format nor code completion for inline C, right?

domenukk avatar Jan 18 '24 21:01 domenukk

What's the benefit over simply having a c file lying around? Isn't this way more confusing for new developers joining the project? Also, we won't have clang format nor code completion for inline C, right?

I think it could be easier in the long term mainly because the cc stuff would be abstracted out via the inline_c_rs options at the top. We also wouldn't have a growing build script every time we need to have a test. However, there definitely would be a small learning curve when using this.

Also, neither clang format nor code completion would be available with this.

mineo333 avatar Jan 20 '24 16:01 mineo333

I agree... The C/C++ snippets are parts of the test fixture. It's very annoying when the test fixture is spread over multiple files/locations.

With this, you have the whole test self-contained in a single location.

s1341 avatar Jan 22 '24 07:01 s1341

Maybe break it up into individual tests?

s1341 avatar Jan 22 '24 07:01 s1341

I agree... The C/C++ snippets are parts of the test fixture. It's very annoying when the test fixture is spread over multiple files/locations.

With this, you have the whole test self-contained in a single location.

Personally I think fn test_frida_cmplog() in Rust could just as easily map directly to something like ./tests/test_frida_cmplog.c; it wouldn't be much more friction to write, and would get around all of the macro voodoo... But ultimately I'll trust your judgement. :)

domenukk avatar Jan 22 '24 22:01 domenukk

Let's see how we can refine the test macro as we build out some tests...

s1341 avatar Jan 23 '24 07:01 s1341

What's the status?

domenukk avatar Jan 30 '24 16:01 domenukk

Right now, in terms of splitting the tests, there's a weird problem where because the frida hooks are not deinit'd, it is effectively impossible to create multiple frida helpers. The ideal solution for that is what @s1341 implemented in https://github.com/AFLplusplus/LibAFL/pull/1607/ with callouts, so I'm going to see what I can do with that.

mineo333 avatar Jan 30 '24 17:01 mineo333