Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added init gdb function to configspec #24

Merged
merged 1 commit into from
Jan 2, 2023
Merged

Added init gdb function to configspec #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
27 changes: 18 additions & 9 deletions unicorefuzz/configspec.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,7 @@ def nop_func(*args, **kwargs) -> None:
pass


def init_avatar_target(ucf: Unicorefuzz, avatar: Avatar) -> Target:
"""
Init the target used by the probe wrapper.
The probe_wrapper will set the breakpoint and forward regs and mem using this target.
:param ucf: Unicorefuzz instance, access config using ucf.config.
:param avatar: Initialized Avatar to add target to.
:return: An initialized target, added to Avatar.
"""
def init_avatar_target():
from avatar2 import GDBTarget

target = avatar.add_target(
Expand Down Expand Up @@ -170,9 +163,25 @@ def init_avatar_target(ucf: Unicorefuzz, avatar: Avatar) -> Target:
"init_avatar_target",
Callable[[Unicorefuzz, Avatar], Target],
lambda config: init_avatar_target,
init_avatar_target.__doc__,
"""
Init the target used by the probe wrapper.
The probe_wrapper will set the breakpoint and forward regs and mem using this target.
:param ucf: Unicorefuzz instance, access config using ucf.config.
:param avatar: Initialized Avatar to add target to.
:return: An initialized target, added to Avatar.
""",
"ucf, avatar",
),
Optional(
"init_gdb_target",
Callable[[Target], None],
lambda config: nop_func,
"""An initialization function called after attaching to the gdb target and before continuing its execution.
This function is useful to perform preliminary steps (e.g. disabling watchdogs, modifying memory etc.),
before running the target under gdb.
:param target: the avatar gdb target""",
"target",
),
] # type: List[Union[Required, Optional]]


Expand Down
3 changes: 3 additions & 0 deletions unicorefuzz/probe_wrapper.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,9 @@ def wrap_gdb_target(self, clear_state: bool = True) -> None:
print("[*] Initializing Avatar2")
target = self.config.init_avatar_target(self, avatar) # type: Target

print("[*] Initializing Avatar2 gdb target")
self.config.init_gdb_target(target)

target.set_breakpoint("*{}".format(breakaddress))
print("[+] Breakpoint set at {}".format(breakaddress))
print("[*] Waiting for bp hit...")
Expand Down