Persistent mode on Android

[dwi...@protonmail.com]

Hi,

I'm successfully fuzzing a black-box binary on Android using honggfuzz (awesome fuzzer), but I would like to fuzz using the persistent mode as well. My fuzz target is currently compiled with arm-linux-androideabi.

What is the simplest way to compile a fuzz target for Android that supports persistent mode? After cross-compiling honggfuzz, the resulting /libs/[arch] doesn't seem to contain the needed libraries for HF_ITER style, and I don't think that there is a honggfuzz wrapper for the cross compiler to support ASAN-style out of the box?

Any hints would be very appreciated.

Regards,

Dwight

[Robert Święcki]

Hi,

It was other people who implemented Android support, but looking at the compilation process:

$ PATH=$PATH:~/src/android-ndk-r18b/ make clean android

...

...

[armeabi-v7a] StaticLibrary  : libhfuzz.a

There's HF_ITER

$ nm obj/local/armeabi-v7a/libhfuzz.a | grep HF_ITER

00000000 T HF_ITER

You can try simply compiling as follows

(android-version-gcc/clang) yourcode.o -o yourapp obj/local/armeabi-v7a/libhfuzz.a 

And it should maybe work :). If it doesn't you can try looking at https://github.com/google/honggfuzz/blob/master/hfuzz_cc/hfuzz-cc.c - as there are a couple of linker options which might help here, e.g. -Wl,-u,LIBHFUZZ_module_instrument and -Wl,-u,LIBHFUZZ_module_memorycmp

If I'm not mistaken Android build system uses now something like bazel builds, so maybe this is the target you want your apps to depend on ?

https://github.com/tonight0210/external/blob/bec995ae25519a10cfb8ef21ce4aa1082b3e62fc/honggfuzz/Android.bp

--

Robert Święcki