xref: /aosp_15_r20/external/AFLplusplus/afl-wine-trace (revision 08b48e0b10e97b33e7b60c5b6e2243bd915777f2)

#!/usr/bin/env python3

import os
import sys
import pefile
import shutil
import subprocess

if len(sys.argv) < 2:
    print("[afl-wine-trace] usage: ./afl-wine-trace binary [args...]\n")
    exit(1)

if os.getenv("AFL_PATH"):
    my_dir = os.getenv("AFL_PATH")
else:
    my_dir = os.path.dirname(os.path.abspath(__file__))

os.environ["WINELOADERNOEXEC"] = "1"

pe = pefile.PE(sys.argv[1])

if "AFL_ENTRYPOINT" not in os.environ:
    os.environ["AFL_ENTRYPOINT"] = "0x%x" % (pe.OPTIONAL_HEADER.ImageBase + pe.OPTIONAL_HEADER.AddressOfEntryPoint)
if not os.getenv("AFL_INST_LIBS"):
    if "AFL_CODE_START" not in os.environ:
        os.environ["AFL_CODE_START"] = "0x%x" % (pe.OPTIONAL_HEADER.ImageBase + pe.OPTIONAL_HEADER.BaseOfCode)
    if "AFL_CODE_END" not in os.environ:
        os.environ["AFL_CODE_END"] = "0x%x" % (pe.OPTIONAL_HEADER.ImageBase + pe.OPTIONAL_HEADER.BaseOfCode + pe.OPTIONAL_HEADER.SizeOfCode)

if pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_AMD64"] or pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_IA64"]:
    os.environ["QEMU_SET_ENV"] = "LD_PRELOAD=" + os.path.join(my_dir, "qemu_mode/unsigaction/unsigaction64.so") + ",WINEARCH=win64"
else:
    os.environ["QEMU_SET_ENV"] = "LD_PRELOAD=" + os.path.join(my_dir, "qemu_mode/unsigaction/unsigaction32.so") + ",WINEARCH=win32"

if os.getenv("WINECOV_QEMU_PATH"):
    qemu_path = os.getenv("WINECOV_QEMU_PATH")
elif os.path.exists(os.path.join(my_dir, "afl-qemu-trace")):
    qemu_path = os.path.join(my_dir, "afl-qemu-trace")
else:
    qemu_path = "qemu-"
    if pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_AMD64"] or pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_IA64"]:
        qemu_path += "x86_64"
    elif pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_I386"]:
        qemu_path += "i386"
    else:
        print ("[afl-wine-trace] unsuppoted architecture\n")
        exit(1)
    qemu_path = shutil.which(qemu_path)

wine_path = None
if os.getenv("AFL_WINE_PATH"):
    wine_path = os.getenv("AFL_WINE_PATH")
else:
    if not wine_path and shutil.which("wine"):
        wine_path = shutil.which("wine")
    if not wine_path and os.path.exists("/usr/bin/wine"):
        wine_path = "/usr/bin/wine"
    if not wine_path and os.path.exists("/usr/lib/wine/wine"):
        wine_path = "/usr/lib/wine/wine"
    if pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_AMD64"] or pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_IA64"]:
        wine_path += "64"
    elif pe.FILE_HEADER.Machine == pefile.MACHINE_TYPE["IMAGE_FILE_MACHINE_I386"]:
        pass
    else:
        print ("[afl-wine-trace] unsopported architecture\n")
        exit(1)

argv = sys.argv[1:]
for i in range(len(argv)):
    if ".cur_input" in argv[i]:
        # Get the Wine translated path using the winepath tool
        arg_translated = subprocess.run([os.path.join(os.path.dirname(wine_path), "winepath"), "--windows", argv[i]], universal_newlines=True, stdout=subprocess.PIPE).stdout
        # Remove the spurious LF at the end of the path
        if len(arg_translated) > 0 and arg_translated[-1] == '\n':
            arg_translated = arg_translated[:-1]
        argv[i] = arg_translated
        break

print("[afl-wine-trace] exec:", " ".join([qemu_path, wine_path] + argv))
os.execve(qemu_path, [qemu_path, wine_path] + argv, os.environ)