
Commit c384f9b

authored
Merge pull request #12 from GAP-dev/master
[CoreAudioFuzz] Supported apple silicon mac os
2 parents b9936f8 + dd1f975 commit c384f9b

2 files changed

Lines changed: 32 additions & 0 deletions


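--- a/CoreAudioFuzz/jackalope-modifications/CMakeLists.txt
+++ b/CoreAudioFuzz/jackalope-modifications/CMakeLists.txt
@@ -17,6 +17,16 @@ set (CMAKE_CXX_STANDARD 17)
 
 include_directories(${CMAKE_CURRENT_SOURCE_DIR}/Jackalope)
 
+if(APPLE)
+# If the active architecture is arm64 (Apple Silicon), define the same macros
+# Jackalope uses so <tinyinst.h> selects the correct code paths.
+if("${CMAKE_OSX_ARCHITECTURES}" MATCHES "arm64" OR
+CMAKE_HOST_SYSTEM_PROCESSOR MATCHES "arm64")
+message(STATUS "Configuring CoreAudioFuzz for Apple Silicon (arm64)")
+add_definitions(-D__arm64__=1 -D__aarch64__=1 -DARM64=1)
+endif()
+endif()
+
 add_subdirectory(Jackalope)
 
 add_executable(coreaudiofuzzer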
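Review bot: The `CMAKE_HOST_SYSTEM_PROCESSOR MATCHES "arm64"` fallback at line 24 keys the macros off the build host rather than the target, so an arm64 Mac configuring an x86_64 build (`-DCMAKE_OSX_ARCHITECTURES=x86_64`) or a universal `x86_64;arm64` list still passes `-D__arm64__=1 -D__aarch64__=1 -DARM64=1` to x86_64 compilations, where clang already predefines `__x86_64__`; any `#if defined(__arm64__)`-first check in Jackalope/TinyInst would then take the wrong path, and redefining compiler-builtin macros on the command line typically draws a builtin-macro-redefined warning from clang. Since clang predefines `__arm64__`/`__aarch64__` whenever a slice actually targets arm64, only `ARM64` needs help here; tying the test to the target, e.g. `if(CMAKE_OSX_ARCHITECTURES MATCHES "arm64" OR (NOT CMAKE_OSX_ARCHITECTURES AND CMAKE_SYSTEM_PROCESSOR MATCHES "arm64"))`, removes the host mismatch, while a true universal build would need a per-architecture mechanism rather than a configure-time definition. `add_definitions` is directory-scoped and leaks into the `Jackalope` subdirectory added at line 30; if that is intended, a comment such as `# directory-scoped on purpose: Jackalope/TinyInst must see the same ARM64 macros` would stop a later reader from "fixing" it into `target_compile_definitions`.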

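--- a/CoreAudioFuzz/jackalope-modifications/function_hooks.cpp
+++ b/CoreAudioFuzz/jackalope-modifications/function_hooks.cpp
@@ -19,6 +19,7 @@ limitations under the License.
 void HALSWriteSettingHook::OnFunctionEntered() {
 printf("HALS_SettingsManager::_WriteSetting Entered\n");
 
+#if defined(__x86_64__)
 if (!GetRegister(RDX)) {
 printf("NULL plist passed as argument, returning to prevent NULL CFRelease\n");
 printf("Current $RSP: %p\n", GetRegister(RSP));
@@ -38,6 +39,27 @@ void HALSWriteSettingHook::OnFunctionEntered() {
 
 printf("$RSP is now: %p\n", GetRegister(RSP));
 }
+#elif defined(__arm64__)
+// On Apple Silicon, use X2 instead of RDX, SP instead of RSP, PC instead of RIP
+if (!GetRegister(X2)) {
+printf("NULL plist passed as argument, returning to prevent NULL CFRelease\n");
+printf("Current SP: %p\n", GetRegister(SP));
+
+void *return_address;
+RemoteRead((void*)GetRegister(SP), &return_address, sizeof(void *));
+printf("Current return address: %p\n", GetReturnAddress());
+printf("Current PC: %p\n", GetRegister(PC));
+
+SetRegister(X0, 0); // X0 is usually return value on ARM64
+SetRegister(PC, GetReturnAddress());
+printf("PC register is now: %p\n", GetRegister(ARCH_PC));
+
+SetRegister(SP, GetRegister(SP) + 8); // Simulate a return instruction
+printf("SP is now: %p\n", GetRegister(SP));
+}
+#else
+#error "Unsupported architecture"
+#endif
 }
 
 FunctionHookInst::FunctionHookInst() {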
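Review bot: `SetRegister(SP, GetRegister(SP) + 8)` at line 57 copies the x86 "simulate a return" step, but an AArch64 `ret` pops nothing — the return address arrives in LR (X30) — so this line instead discards 8 bytes of the caller's frame and leaves SP 8-byte misaligned, which faults on the next SP-based access because macOS enables the 16-byte SP alignment check. The `return_address` read at lines 48-49 has the same origin: it reads whatever sits at SP rather than a return address and is never used (line 50 prints `GetReturnAddress()` instead). Dropping both leaves `SetRegister(X0, 0); SetRegister(PC, GetReturnAddress());` as the early return, on the assumption that TinyInst's `GetReturnAddress()` yields LR on arm64 at function entry, which should be confirmed against the hook base class. Line 55 reads the program counter as `ARCH_PC` while line 54 writes `PC`; pick one spelling so the x86 and arm64 branches read alike. `OnFunctionEntered` begins in the first hunk, outside this one.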
