AFLplusplus / LibAFL

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

Replace Capstone with yaxpeax #410

Closed domenukk closed 2 years ago

domenukk commented 2 years ago

For some parts of libafl we use capstone; however, it's slow to build and, according to https://github.com/athre0z/disas-bench, also slow to run. Instead we should look at yaxpeax, which is fast and written in Rust: https://github.com/iximeow/yaxpeax-core

s1341 commented 2 years ago

Frida uses capstone internally. And we ‘inherit’ that usage.

domenukk commented 2 years ago

Checked the usages and it seems our usages are all, more or less, independent of frida. I'm not even sure the toolchain is smart enough to not place two capstone object files into the final binary, even for frida mode...

s1341 commented 2 years ago

Here, https://github.com/AFLplusplus/LibAFL/blob/4a23489acb1101aee2ddde27592bd50b8e8aac76/libafl_frida/src/helper.rs#L301, we get the capstone instruction from frida.

domenukk commented 2 years ago

Ow :( Guess adding another decompiler is not helping much, in this case