rust-fuzz / afl.rs

I may be wrong, but it seems to me that:

cargo install afl takes/saves full cargo path during its installation
When we execute cargo afl ... it uses a saved cargo path (from an envvar in

afl.rs/src/bin/cargo-afl.rs

Line 294 in aad1eec

let cargo_path = env!("CARGO");

?)

If the cargo path changed between 1) and our actual fuzzing attempt, things go wrong and we panic on unwrap here:

Lines 349 to 357 in aad1eec

    
           let status = Command::new(cargo_path) 
        
               .arg(subcommand) 
        
               .args(args) 
        
               .env("RUSTFLAGS", &rustflags) 
        
               .env("RUSTDOCFLAGS", &rustdocflags) 
        
               .env("ASAN_OPTIONS", asan_options) 
        
               .env("TSAN_OPTIONS", tsan_options) 
        
               .status() 
        
               .unwrap();

With an error like:

thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Os { code: 2, kind: NotFound, message: "No such file or directory" }', /Users/dc/.cargo/registry/src/github.com-1ecc6299db9ec823/afl-0.10.0/src/bin/cargo-afl.rs:357:10
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

This occured for me when I used afl via test-fuzz and I don't have all the steps necessary to reproduce this. However, my cargo installation comes from nix package manager and I think I maybe updated cargo via nix? (or maybe it is related to rust toolchain changes?)

All this was fixed after I reinstalled afl via cargo install afl --force.

So it would be nice to either fix this, or, show an error that cargo install afl --force may fix it.

	let status = Command::new(cargo_path)
	.arg(subcommand)
	.args(args)
	.env("RUSTFLAGS", &rustflags)
	.env("RUSTDOCFLAGS", &rustdocflags)
	.env("ASAN_OPTIONS", asan_options)
	.env("TSAN_OPTIONS", tsan_options)
	.status()
	.unwrap();

Cargo afl takes Cargo path during installation and if cargo path changes, the returned error is not obvious