90% done

AFLplusplus · Jan 11, 2025 · 99ef4e7 · 99ef4e7
1 parent 052b733
commit 99ef4e7
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 85 deletions.
diff --git a/libafl/src/executors/command.rs b/libafl/src/executors/command.rs
@@ -780,7 +780,7 @@ impl CommandExecutorBuilder {
 ///     EM: UsesState,
 ///     EM::State: UsesInput<Input = BytesInput> + HasExecutions,
 ///     S: HasCorpus + HasExecutions,
-/// 	S::Corpus: Corpus<Input = BytesInput>,
+///     S::Corpus: Corpus<Input = BytesInput>,
 /// {
 ///     MyExecutor.into_executor(())
 /// }

diff --git a/libafl_frida/src/executor.rs b/libafl_frida/src/executor.rs
@@ -14,10 +14,11 @@ use libafl::{
     state::{HasCorpus, HasSolutions},
 };
 use libafl::{
+    corpus::Corpus,
     executors::{Executor, ExitKind, HasObservers, InProcessExecutor},
-    inputs::{HasTargetBytes, NopTargetBytesConverter, TargetBytesConverter},
+    inputs::{NopTargetBytesConverter, TargetBytesConverter, UsesInput},
     observers::ObserversTuple,
-    state::{HasExecutions, State, UsesState},
+    state::{HasCorpus, HasExecutions, UsesState},
     Error,
 };
 use libafl_bolts::{tuples::RefIndexable, AsSlice};
@@ -29,14 +30,7 @@ use crate::helper::{FridaInstrumentationHelper, FridaRuntimeTuple};
 use crate::windows_hooks::initialize;
 
 /// The [`FridaInProcessExecutor`] is an [`Executor`] that executes the target in the same process, usinig [`frida`](https://frida.re/) for binary-only instrumentation.
-pub struct FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S, TC>
-where
-    H: FnMut(&S::Input) -> ExitKind,
-    TC: TargetBytesConverter<Input = S::Input>,
-    S: State,
-    OT: ObserversTuple<S::Input, S>,
-    'b: 'a,
-{
+pub struct FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S, TC> {
     base: InProcessExecutor<'a, H, OT, S>,
     /// `thread_id` for the Stalker
     thread_id: Option<u32>,
@@ -51,10 +45,7 @@ where
 
 impl<H, OT, RT, S, TC> Debug for FridaInProcessExecutor<'_, '_, '_, H, OT, RT, S, TC>
 where
-    H: FnMut(&S::Input) -> ExitKind,
-    S: State,
-    TC: TargetBytesConverter<Input = S::Input>,
-    OT: ObserversTuple<S::Input, S> + Debug,
+    OT: Debug,
 {
     fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
         f.debug_struct("FridaInProcessExecutor")
@@ -65,24 +56,24 @@ where
     }
 }
 
-impl<EM, H, OT, RT, S, TC, Z> Executor<EM, Z>
+impl<EM, H, OT, RT, S, TC, Z> Executor<EM, <S::Corpus as Corpus>::Input, S, Z>
     for FridaInProcessExecutor<'_, '_, '_, H, OT, RT, S, TC>
 where
     EM: UsesState<State = S>,
-    H: FnMut(&S::Input) -> ExitKind,
-    S: State + HasExecutions,
-    TC: TargetBytesConverter<Input = S::Input>,
-    OT: ObserversTuple<S::Input, S>,
+    H: FnMut(&<S::Corpus as Corpus>::Input) -> ExitKind,
+    S: HasCorpus + HasExecutions + UsesInput<Input = <S::Corpus as Corpus>::Input>,
+    TC: TargetBytesConverter<Input = <S::Corpus as Corpus>::Input>,
+    OT: ObserversTuple<<S::Corpus as Corpus>::Input, S>,
     RT: FridaRuntimeTuple,
 {
     /// Instruct the target about the input and run
     #[inline]
     fn run_target(
         &mut self,
         fuzzer: &mut Z,
-        state: &mut Self::State,
+        state: &mut S,
         mgr: &mut EM,
-        input: &Self::Input,
+        input: &<S::Corpus as Corpus>::Input,
     ) -> Result<ExitKind, Error> {
         let target_bytes = self.target_bytes_converter.to_target_bytes(input);
         self.helper.pre_exec(target_bytes.as_slice())?;
@@ -122,23 +113,7 @@ where
     }
 }
 
-impl<H, OT, RT, S, TC> UsesState for FridaInProcessExecutor<'_, '_, '_, H, OT, RT, S, TC>
-where
-    H: FnMut(&S::Input) -> ExitKind,
-    OT: ObserversTuple<S::Input, S>,
-    S: State,
-    TC: TargetBytesConverter<Input = S::Input>,
-{
-    type State = S;
-}
-
-impl<H, OT, RT, S, TC> HasObservers for FridaInProcessExecutor<'_, '_, '_, H, OT, RT, S, TC>
-where
-    H: FnMut(&S::Input) -> ExitKind,
-    TC: TargetBytesConverter<Input = S::Input>,
-    S: State,
-    OT: ObserversTuple<S::Input, S>,
-{
+impl<H, OT, RT, S, TC> HasObservers for FridaInProcessExecutor<'_, '_, '_, H, OT, RT, S, TC> {
     type Observers = OT;
     #[inline]
     fn observers(&self) -> RefIndexable<&Self::Observers, Self::Observers> {
@@ -152,12 +127,18 @@ where
 }
 
 impl<'a, 'b, 'c, H, OT, RT, S>
-    FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S, NopTargetBytesConverter<S::Input>>
+    FridaInProcessExecutor<
+        'a,
+        'b,
+        'c,
+        H,
+        OT,
+        RT,
+        S,
+        NopTargetBytesConverter<<S::Corpus as Corpus>::Input>,
+    >
 where
-    H: FnMut(&S::Input) -> ExitKind,
-    S: State,
-    S::Input: HasTargetBytes,
-    OT: ObserversTuple<S::Input, S>,
+    S: HasCorpus,
     RT: FridaRuntimeTuple,
 {
     /// Creates a new [`FridaInProcessExecutor`].
@@ -194,10 +175,6 @@ where
 
 impl<'a, 'b, 'c, H, OT, RT, S, TC> FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S, TC>
 where
-    H: FnMut(&S::Input) -> ExitKind,
-    S: State,
-    TC: TargetBytesConverter<Input = S::Input>,
-    OT: ObserversTuple<S::Input, S>,
     RT: FridaRuntimeTuple,
 {
     /// Creates a new [`FridaInProcessExecutor`].

diff --git a/libafl_nyx/src/executor.rs b/libafl_nyx/src/executor.rs
@@ -5,10 +5,11 @@ use std::{
 };
 
 use libafl::{
+    corpus::Corpus,
     executors::{Executor, ExitKind, HasObservers, HasTimeout},
-    inputs::HasTargetBytes,
+    inputs::{HasTargetBytes, UsesInput},
     observers::{ObserversTuple, StdOutObserver},
-    state::{HasExecutions, State, UsesState},
+    state::{HasCorpus, HasExecutions, UsesState},
     Error,
 };
 use libafl_bolts::{tuples::RefIndexable, AsSlice};
@@ -38,26 +39,19 @@ impl NyxExecutor<(), ()> {
     }
 }
 
-impl<S, OT> UsesState for NyxExecutor<S, OT>
-where
-    S: State,
-{
-    type State = S;
-}
-
-impl<EM, S, Z, OT> Executor<EM, Z> for NyxExecutor<S, OT>
+impl<EM, S, Z, OT> Executor<EM, <S::Corpus as Corpus>::Input, S, Z> for NyxExecutor<S, OT>
 where
     EM: UsesState<State = S>,
-    S: State + HasExecutions,
-    S::Input: HasTargetBytes,
-    OT: ObserversTuple<S::Input, S>,
+    S: HasCorpus + HasExecutions + UsesInput<Input = <S::Corpus as Corpus>::Input>,
+    <S::Corpus as Corpus>::Input: HasTargetBytes,
+    OT: ObserversTuple<<S::Corpus as Corpus>::Input, S>,
 {
     fn run_target(
         &mut self,
         _fuzzer: &mut Z,
-        state: &mut Self::State,
+        state: &mut S,
         _mgr: &mut EM,
-        input: &Self::Input,
+        input: &<S::Corpus as Corpus>::Input,
     ) -> Result<ExitKind, Error> {
         *state.executions_mut() += 1;
 
@@ -205,11 +199,7 @@ impl NyxExecutorBuilder {
     }
 }
 
-impl<S, OT> HasObservers for NyxExecutor<S, OT>
-where
-    S: State,
-    OT: ObserversTuple<S::Input, S>,
-{
+impl<S, OT> HasObservers for NyxExecutor<S, OT> {
     type Observers = OT;
 
     fn observers(&self) -> RefIndexable<&Self::Observers, Self::Observers> {

diff --git a/libafl_tinyinst/src/executor.rs b/libafl_tinyinst/src/executor.rs
@@ -1,10 +1,10 @@
 use core::{marker::PhantomData, ptr, time::Duration};
 
 use libafl::{
+    corpus::Corpus,
     executors::{Executor, ExitKind, HasObservers},
-    inputs::HasTargetBytes,
-    observers::ObserversTuple,
-    state::{HasExecutions, State, UsesState},
+    inputs::{HasTargetBytes, UsesInput},
+    state::{HasCorpus, HasExecutions, UsesState},
     Error,
 };
 use libafl_bolts::{
@@ -48,20 +48,21 @@ where
     }
 }
 
-impl<EM, S, SP, OT, Z> Executor<EM, Z> for TinyInstExecutor<S, SP, OT>
+impl<EM, S, SP, OT, Z> Executor<EM, <S::Corpus as Corpus>::Input, S, Z>
+    for TinyInstExecutor<S, SP, OT>
 where
     EM: UsesState<State = S>,
-    S: State + HasExecutions,
-    S::Input: HasTargetBytes,
+    S: HasCorpus + HasExecutions + UsesInput<Input = <S::Corpus as Corpus>::Input>,
+    <S::Corpus as Corpus>::Input: HasTargetBytes,
     SP: ShMemProvider,
 {
     #[inline]
     fn run_target(
         &mut self,
         _fuzzer: &mut Z,
-        state: &mut Self::State,
+        state: &mut S,
         _mgr: &mut EM,
-        input: &Self::Input,
+        input: &<S::Corpus as Corpus>::Input,
     ) -> Result<ExitKind, Error> {
         *state.executions_mut() += 1;
         match &self.map {
@@ -317,9 +318,7 @@ where
 
 impl<S, SP, OT> HasObservers for TinyInstExecutor<S, SP, OT>
 where
-    S: State,
     SP: ShMemProvider,
-    OT: ObserversTuple<S::Input, S>,
 {
     type Observers = OT;
 
@@ -331,10 +330,3 @@ where
         RefIndexable::from(&mut self.observers)
     }
 }
-impl<S, SP, OT> UsesState for TinyInstExecutor<S, SP, OT>
-where
-    S: State,
-    SP: ShMemProvider,
-{
-    type State = S;
-}