From 14bec1377fc10800b44634c9ea126a4b7b2eaff7 Mon Sep 17 00:00:00 2001
From: novafacing
Date: Fri, 9 Aug 2024 16:11:08 -0700
Subject: [PATCH 1/3] Restrict token permissions and add OpenSSF badge to repository
---
 .github/workflows/ci.yml | 3 +++
 .github/workflows/scans.yml | 3 +++
 README.md | 2 ++
 3 files changed, 8 insertions(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 27f7dfb1..c0bf8fd4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,6 +20,9 @@ env:
 MINGW_URL: "https://github.com/brechtsanders/winlibs_mingw/releases/download/13.2.0-16.0.6-11.0.0-ucrt-r1/winlibs-x86_64-posix-seh-gcc-13.2.0-llvm-16.0.6-mingw-w64ucrt-11.0.0-r1.7z"
 MINGW_VERSION: "13.2.0-16.0.6-11.0.0-ucrt-r1"
+permissions:
+ contents: read
+
 jobs:
 cache_craff:
 runs-on: ubuntu-latest
diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 5a3696a6..10fbf32e 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -7,6 +7,9 @@ on:
 pull_request:
 branches: ["main"]
+permissions:
+ contents: read
+
 jobs:
 super_lint:
 name: Run Super Linter
diff --git a/README.md b/README.md
index ed2b652a..543013d0 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9349/badge)](https://www.bestpractices.dev/projects/9349)
+
 # TSFFS: Target Software Fuzzer For SIMICS
 TSFFS is a snapshotting, coverage-guided fuzzer built on the
From 7cc7d3b77c3ea8ea93a92c8a08be8f6bd12bfc56 Mon Sep 17 00:00:00 2001
From: novafacing
Date: Thu, 8 Aug 2024 14:52:31 -0700
Subject: [PATCH 2/3] Update yaxpeax-x86 and yaxpeax-x86_64
---
 Cargo.toml | 12 +++---
 src/arch/x86.rs | 80 ++++++++++++++++++------------------
 src/arch/x86_64.rs | 86 ++++++++++++++++++++--------------------
 3 files changed, 77 insertions(+), 101 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 8cf56aee..ec2b5236 100644
--- a/Cargo.toml
+++ b/Cargo.toml
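Review bot: The workflow-level `permissions: contents: read` added to ci.yml becomes the ceiling for every job in that file, and the jobs themselves are outside the hunk, so any step that needs a write scope (publishing a release, posting a check or commit status, uploading scan results) will now fail with a 403 unless that job declares its own job-level `permissions:` block. The scans.yml hunk has the same shape and the `super_lint` job is the one to confirm there: as far as I recall, the Super Linter action's documentation asks for `statuses: write` to report per-linter commit statuses, in which case that job wants something like `permissions: { contents: read, statuses: write }` at job level rather than a wider workflow default. Keeping the workflow default read-only and overriding per job is the right least-privilege shape, so this is a request to verify each job's needs, not to change the default; a one-line comment above the new block, `# Default for all jobs; jobs needing more declare their own permissions:`, would make the intent clear to the next editor.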
@@ -48,21 +48,21 @@ libafl_bolts = { git = "https://github.com/AFLplusplus/LibAFL", rev = "0f26f6ea3
 libafl_targets = { git = "https://github.com/AFLplusplus/LibAFL", rev = "0f26f6ea32aa74ee526636558842ec06bbfb49bb", default-features = false, features = [
 "std",
 ] }
-yaxpeax-arch = { version = "0.2.8", default-features = false, features = [
+yaxpeax-arch = { version = "0.3.2", default-features = false, features = [
 "std",
 "use-serde",
 ] }
-yaxpeax-x86 = { version = "1.2.2", default-features = false, features = [
+yaxpeax-x86 = { version = "2.0.0", default-features = false, features = [
 "std",
 "use-serde",
 "fmt",
 ] }
-typed-builder = "0.18.2"
+typed-builder = "0.19.1"
 raw-cstr = "0.1.4"
 goblin = "0.8.2"
-yaxpeax-riscv = { git = "https://github.com/DrChat/yaxpeax-riscv", version = "0.1.0", features = [
+yaxpeax-riscv = { git = "https://github.com/novafacing/yaxpeax-riscv", version = "0.1.0", features = [
 "serde",
-], rev = "0e2151b" }
+], rev = "5973ff8" }
 crc32fast = "1.4.2"
 simics = "0.1.1"
 indoc = "2.0.5"
@@ -74,7 +74,7 @@ num-traits = "0.2.19"
 num-derive = "0.4.2"
 tracing-subscriber = "0.3.18"
 tracing = { version = "0.1.40", features = ["log"] }
-yaxpeax-arm = "0.2.5"
+yaxpeax-arm = "0.3.0"
 chrono = "0.4.38"
 [dev-dependencies]
diff --git a/src/arch/x86.rs b/src/arch/x86.rs
index bb9f98f5..28a39fbe 100644
--- a/src/arch/x86.rs
+++ b/src/arch/x86.rs
@@ -766,79 +766,67 @@ impl TryFrom<(&Operand, Option)> for CmpExpr {
 let value = value.0;
 let expr = match value {
- Operand::ImmediateI8(i) => CmpExpr::I8(*i),
- Operand::ImmediateU8(u) => CmpExpr::U8(*u),
- Operand::ImmediateI16(i) => CmpExpr::I16(*i),
- Operand::ImmediateU16(u) => CmpExpr::U16(*u),
- Operand::ImmediateI32(i) => CmpExpr::I32(*i),
- Operand::ImmediateU32(u) => CmpExpr::U32(*u),
- Operand::Register(r) => CmpExpr::Reg((r.name().to_string(), r.width())),
- Operand::DisplacementU32(d) => CmpExpr::Addr(*d as u64),
- Operand::RegDeref(r) => CmpExpr::Deref((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Operand::ImmediateI8 { imm } => CmpExpr::I8(*imm),
+ Operand::ImmediateU8 { imm } => CmpExpr::U8(*imm),
+ Operand::ImmediateI16 { imm } => CmpExpr::I16(*imm),
+ Operand::ImmediateU16 { imm } => CmpExpr::U16(*imm),
+ Operand::ImmediateI32 { imm } => CmpExpr::I32(*imm),
+ Operand::ImmediateU32 { imm } => CmpExpr::U32(*imm),
+ Operand::Register { reg } => CmpExpr::Reg((reg.name().to_string(), reg.width())),
+ Operand::AbsoluteU32 { addr } => CmpExpr::Addr(*addr as u64),
+ Operand::MemDeref { base } => CmpExpr::Deref((
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 width,
 )),
- Operand::RegDisp(r, d) => CmpExpr::Deref((
+ Operand::Disp { base, disp } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
- Operand::RegScale(r, s) => CmpExpr::Deref((
+ Operand::MemIndexScale { index, scale } => CmpExpr::Deref((
 Box::new(CmpExpr::Mul((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 width,
 )),
- Operand::RegIndexBase(r, i) => CmpExpr::Deref((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- ))),
- width,
- )),
- Operand::RegIndexBaseDisp(r, i, d) => CmpExpr::Deref((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- ))),
- Box::new(CmpExpr::I32(*d)),
- ))),
- width,
- )),
- Operand::RegScaleDisp(r, s, d) => CmpExpr::Deref((
+ Operand::MemIndexScaleDisp { index, scale, disp } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
 Box::new(CmpExpr::Mul((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
- Operand::RegIndexBaseScale(r, i, s) => CmpExpr::Deref((
+ Operand::MemBaseIndexScale { base, index, scale } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 ))),
 width,
 )),
- Operand::RegIndexBaseScaleDisp(r, i, s, d) => CmpExpr::Deref((
+ Operand::MemBaseIndexScaleDisp {
+ base,
+ index,
+ scale,
+ disp,
+ } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 ))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
diff --git a/src/arch/x86_64.rs b/src/arch/x86_64.rs
index d307f23b..615db506 100644
--- a/src/arch/x86_64.rs
+++ b/src/arch/x86_64.rs
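Review bot: In the new `MemBaseIndexScale` and `MemBaseIndexScaleDisp` arms the inner node wrapping `index` and `scale` is `Box::new(CmpExpr::Add((`, so the tree reads `base + (index + scale)`, while the `MemIndexScale` and `MemIndexScaleDisp` arms just above model the same `index*scale` component with `Box::new(CmpExpr::Mul((`; the addressing mode is `base + index*scale`, so those two inner lines should read `Box::new(CmpExpr::Mul((` as well. The shape is carried over from the removed arms, but it matters more after this change: the deleted `RegIndexBase` and `RegIndexBaseDisp` arms modelled plain `base + index` correctly, and if yaxpeax-x86 2.0 now reports those operands as `MemBaseIndexScale`/`MemBaseIndexScaleDisp` with `scale: 1` (which is how I read the upstream rework — please confirm against the 2.0 `Operand` docs) they now land in an arm that yields `base + index + 1`, an off-by-one in the comparison operand this conversion produces. The x86_64.rs hunk has the identical pair of arms and needs the same two-line change. A unit test that converts a `[base + index*1]` and a `[base + index*4 + disp]` operand and asserts the resulting `CmpExpr` tree would lock this in; `try_from`'s signature and the tail of the `match` lie outside the hunk.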
@@ -740,82 +740,70 @@ impl TryFrom<(&Operand, Option)> for CmpExpr {
 let value = value.0;
 let expr = match value {
- Operand::ImmediateI8(i) => CmpExpr::I8(*i),
- Operand::ImmediateU8(u) => CmpExpr::U8(*u),
- Operand::ImmediateI16(i) => CmpExpr::I16(*i),
- Operand::ImmediateU16(u) => CmpExpr::U16(*u),
- Operand::ImmediateI32(i) => CmpExpr::I32(*i),
- Operand::ImmediateU32(u) => CmpExpr::U32(*u),
- Operand::ImmediateI64(i) => CmpExpr::I64(*i),
- Operand::ImmediateU64(u) => CmpExpr::U64(*u),
- Operand::Register(r) => CmpExpr::Reg((r.name().to_string(), r.width())),
- Operand::DisplacementU32(d) => CmpExpr::Addr(*d as u64),
- Operand::DisplacementU64(d) => CmpExpr::Addr(*d),
- Operand::RegDeref(r) => CmpExpr::Deref((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Operand::ImmediateI8 { imm } => CmpExpr::I8(*imm),
+ Operand::ImmediateU8 { imm } => CmpExpr::U8(*imm),
+ Operand::ImmediateI16 { imm } => CmpExpr::I16(*imm),
+ Operand::ImmediateU16 { imm } => CmpExpr::U16(*imm),
+ Operand::ImmediateI32 { imm } => CmpExpr::I32(*imm),
+ Operand::ImmediateU32 { imm } => CmpExpr::U32(*imm),
+ Operand::ImmediateI64 { imm } => CmpExpr::I64(*imm),
+ Operand::ImmediateU64 { imm } => CmpExpr::U64(*imm),
+ Operand::Register { reg } => CmpExpr::Reg((reg.name().to_string(), reg.width())),
+ Operand::AbsoluteU32 { addr } => CmpExpr::Addr(*addr as u64),
+ Operand::AbsoluteU64 { addr } => CmpExpr::Addr(*addr),
+ Operand::MemDeref { base } => CmpExpr::Deref((
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 width,
 )),
- Operand::RegDisp(r, d) => CmpExpr::Deref((
+ Operand::Disp { base, disp } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
- Operand::RegScale(r, s) => CmpExpr::Deref((
+ Operand::MemIndexScale { index, scale } => CmpExpr::Deref((
 Box::new(CmpExpr::Mul((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 width,
 )),
- Operand::RegIndexBase(r, i) => CmpExpr::Deref((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- ))),
- width,
- )),
- Operand::RegIndexBaseDisp(r, i, d) => CmpExpr::Deref((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- ))),
- Box::new(CmpExpr::I32(*d)),
- ))),
- width,
- )),
- Operand::RegScaleDisp(r, s, d) => CmpExpr::Deref((
+ Operand::MemIndexScaleDisp { index, scale, disp } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
 Box::new(CmpExpr::Mul((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
- Operand::RegIndexBaseScale(r, i, s) => CmpExpr::Deref((
+ Operand::MemBaseIndexScale { base, index, scale } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 ))),
 width,
 )),
- Operand::RegIndexBaseScaleDisp(r, i, s, d) => CmpExpr::Deref((
+ Operand::MemBaseIndexScaleDisp {
+ base,
+ index,
+ scale,
+ disp,
+ } => CmpExpr::Deref((
 Box::new(CmpExpr::Add((
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((r.name().to_string(), r.width()))),
+ Box::new(CmpExpr::Reg((base.name().to_string(), base.width()))),
 Box::new(CmpExpr::Add((
- Box::new(CmpExpr::Reg((i.name().to_string(), i.width()))),
- Box::new(CmpExpr::U8(*s)),
+ Box::new(CmpExpr::Reg((index.name().to_string(), index.width()))),
+ Box::new(CmpExpr::U8(*scale)),
 ))),
 ))),
- Box::new(CmpExpr::I32(*d)),
+ Box::new(CmpExpr::I32(*disp)),
 ))),
 width,
 )),
From d79658d791b3ea1abe543f4a1b019e574f0284c7 Mon Sep 17 00:00:00 2001
From: novafacing
Date: Fri, 9 Aug 2024 17:26:13 -0700
Subject: [PATCH 3/3] Update yaxpeax-x86 and yaxpeax-x86_64, bump other dependencies
---
 Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index ec2b5236..725791e5 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -60,7 +60,7 @@ yaxpeax-x86 = { version = "2.0.0", default-features = false, features = [
 typed-builder = "0.19.1"
 raw-cstr = "0.1.4"
 goblin = "0.8.2"
-yaxpeax-riscv = { git = "https://github.com/novafacing/yaxpeax-riscv", version = "0.1.0", features = [
+yaxpeax-riscv = { git = "https://github.com/DrChat/yaxpeax-riscv", version = "0.1.0", features = [
 "serde",
 ], rev = "5973ff8" }
 crc32fast = "1.4.2"