code-format

vanhauser-thc
2022-01-25 19:54:46 +01:00
parent ed72b9ec1d
commit 016bdc36bb
2 changed files with 22 additions and 7 deletions


@ -43,6 +43,10 @@ requires an Intel processor (6th generation onwards) and a special 5.10 kernel
## Preparing to fuzz a target with Nyx mode ## Preparing to fuzz a target with Nyx mode
For source instrumented fuzzing you can use any afl-cc mode, with LTO even
auto-dictionary is supported.
Note the CMPLOG is currently not supported (yet).
Nyx uses full system emulation hence your fuzzing targets have to be especially Nyx uses full system emulation hence your fuzzing targets have to be especially
packaged. packaged.


@ -425,6 +425,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
} }
} }
ck_free(x); ck_free(x);
if (fsrv->nyx_runner == NULL) { FATAL("Something went wrong ..."); } if (fsrv->nyx_runner == NULL) { FATAL("Something went wrong ..."); }
@ -467,17 +468,23 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
/* autodict in Nyx mode */ /* autodict in Nyx mode */
if (!ignore_autodict) { if (!ignore_autodict) {
x = alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path); x = alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path);
int nyx_autodict_fd = open(x, O_RDONLY); int nyx_autodict_fd = open(x, O_RDONLY);
ck_free(x); ck_free(x);
if (nyx_autodict_fd >= 0) { if (nyx_autodict_fd >= 0) {
struct stat st; struct stat st;
if (fstat(nyx_autodict_fd, &st) >= 0) { if (fstat(nyx_autodict_fd, &st) >= 0) {
u32 f_len = st.st_size; u32 f_len = st.st_size;
u8 *dict = ck_alloc(f_len); u8 *dict = ck_alloc(f_len);
if (dict == NULL) { if (dict == NULL) {
FATAL("Could not allocate %u bytes of autodictionary memory", f_len);
FATAL("Could not allocate %u bytes of autodictionary memory",
f_len);
} }
u32 offset = 0, count = 0; u32 offset = 0, count = 0;
@ -497,16 +504,17 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
"Reading autodictionary fail at position %u with %u bytes " "Reading autodictionary fail at position %u with %u bytes "
"left.", "left.",
offset, len); offset, len);
} }
} }
offset = 0; offset = 0;
while (offset < (u32)f_len && while (offset < (u32)f_len &&
(u8)dict[offset] + offset < (u32)f_len) { (u8)dict[offset] + offset < (u32)f_len) {
fsrv->add_extra_func(fsrv->afl_ptr, dict + offset + 1, fsrv->add_extra_func(fsrv->afl_ptr, dict + offset + 1,
(u8)dict[offset]); (u8)dict[offset]);
offset += (1 + dict[offset]); offset += (1 + dict[offset]);
count++; count++;
@ -516,10 +524,13 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
ck_free(dict); ck_free(dict);
} }
close(nyx_autodict_fd); close(nyx_autodict_fd);
} }
} }
return; return;
} }