ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-14 02:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

changelog update

Browse Source
This commit is contained in:
vanhauser-thc
2022-10-24 20:06:57 +02:00
parent 02502c1a54
commit 05e0825d66
14 changed files with 56 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/Changelog.md
View File

@ -13,6 +13,8 @@
scripts scripts
- afl-fuzz: - afl-fuzz:
- force writing all stats on exit - force writing all stats on exit
- ensure targets are killed on exit
- `AFL_FORK_SERVER_KILL_SIGNAL` added
- afl-cc: - afl-cc:
- make gcc_mode (afl-gcc-fast) work with gcc down to version 3.6 - make gcc_mode (afl-gcc-fast) work with gcc down to version 3.6
- qemu_mode: - qemu_mode:

1
include/afl-fuzz.h
View File

@ -1268,3 +1268,4 @@ void queue_testcase_store_mem(afl_state_t *afl, struct queue_entry *q, u8 *mem);
#endif #endif
#endif #endif

5
include/common.h
View File

@ -77,7 +77,9 @@ int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal);
/* Configure the signals that are used to kill the forkserver /* Configure the signals that are used to kill the forkserver
and the forked childs. If `afl_kill_signal_env` or `afl_fsrv_kill_signal_env` and the forked childs. If `afl_kill_signal_env` or `afl_fsrv_kill_signal_env`
is NULL, the appropiate values are read from the environment. */ is NULL, the appropiate values are read from the environment. */
void configure_afl_kill_signals(afl_forkserver_t *fsrv, char* afl_kill_signal_env, char* afl_fsrv_kill_signal_env); void configure_afl_kill_signals(afl_forkserver_t *fsrv,
char *afl_kill_signal_env,
char *afl_fsrv_kill_signal_env);
/* Read a bitmap from file fname to memory /* Read a bitmap from file fname to memory
This is for the -B option again. */ This is for the -B option again. */
@ -140,3 +142,4 @@ FILE *create_ffile(u8 *fn);
s32 create_file(u8 *fn); s32 create_file(u8 *fn);
#endif #endif

1
include/envs.h
View File

@ -240,3 +240,4 @@ static char *afl_environment_variables[] = {
extern char *afl_environment_variables[]; extern char *afl_environment_variables[];
#endif #endif

1
include/forkserver.h
View File

@ -224,3 +224,4 @@ void afl_fsrv_kill(afl_forkserver_t *fsrv);
#endif /* ^RLIMIT_AS */ #endif /* ^RLIMIT_AS */
#endif #endif

1
instrumentation/afl-compiler-rt.o.c
View File

@ -2408,3 +2408,4 @@ void __afl_set_persistent_mode(u8 mode) {
} }
#undef write_error #undef write_error

2
src/afl-analyze.c
View File

@ -1117,7 +1117,6 @@ int main(int argc, char **argv_orig, char **envp) {
configure_afl_kill_signals(&fsrv, NULL, NULL); configure_afl_kill_signals(&fsrv, NULL, NULL);
read_initial_file(); read_initial_file();
(void)check_binary_signatures(fsrv.target_path); (void)check_binary_signatures(fsrv.target_path);
@ -1151,3 +1150,4 @@ int main(int argc, char **argv_orig, char **envp) {
exit(0); exit(0);
} }

32
src/afl-common.c
View File

@ -458,7 +458,6 @@ u8 *find_afl_binary(u8 *own_loc, u8 *fname) {
} }
int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal) { int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal) {
if (numeric_signal_as_str && numeric_signal_as_str[0]) { if (numeric_signal_as_str && numeric_signal_as_str[0]) {
@ -468,32 +467,44 @@ int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal) {
signal_code = (u8)strtoul(numeric_signal_as_str, &endptr, 10); signal_code = (u8)strtoul(numeric_signal_as_str, &endptr, 10);
/* Did we manage to parse the full string? */ /* Did we manage to parse the full string? */
if (*endptr != '\0' || endptr == (char *)numeric_signal_as_str) { if (*endptr != '\0' || endptr == (char *)numeric_signal_as_str) {
FATAL("Invalid signal name: %s", numeric_signal_as_str); FATAL("Invalid signal name: %s", numeric_signal_as_str);
} else { } else {
return signal_code; return signal_code;
} }
} }
return default_signal; return default_signal;
} }
void configure_afl_kill_signals(afl_forkserver_t *fsrv, char* afl_kill_signal_env, char* afl_fsrv_kill_signal_env) { void configure_afl_kill_signals(afl_forkserver_t *fsrv,
afl_kill_signal_env = afl_kill_signal_env ? char *afl_kill_signal_env,
afl_kill_signal_env : getenv("AFL_KILL_SIGNAL"); char *afl_fsrv_kill_signal_env) {
afl_fsrv_kill_signal_env = afl_fsrv_kill_signal_env ?
afl_fsrv_kill_signal_env : getenv("AFL_FORK_SERVER_KILL_SIGNAL");
fsrv->child_kill_signal = afl_kill_signal_env =
parse_afl_kill_signal(afl_kill_signal_env, SIGKILL); afl_kill_signal_env ? afl_kill_signal_env : getenv("AFL_KILL_SIGNAL");
afl_fsrv_kill_signal_env = afl_fsrv_kill_signal_env
? afl_fsrv_kill_signal_env
: getenv("AFL_FORK_SERVER_KILL_SIGNAL");
fsrv->child_kill_signal = parse_afl_kill_signal(afl_kill_signal_env, SIGKILL);
if (afl_kill_signal_env && !afl_fsrv_kill_signal_env) { if (afl_kill_signal_env && !afl_fsrv_kill_signal_env) {
/* /*
Set AFL_FORK_SERVER_KILL_SIGNAL to the value of AFL_KILL_SIGNAL for backwards Set AFL_FORK_SERVER_KILL_SIGNAL to the value of AFL_KILL_SIGNAL for
compatibility. However, if AFL_FORK_SERVER_KILL_SIGNAL is set, is takes precedence. backwards compatibility. However, if AFL_FORK_SERVER_KILL_SIGNAL is set, is
takes precedence.
*/ */
afl_fsrv_kill_signal_env = afl_kill_signal_env; afl_fsrv_kill_signal_env = afl_kill_signal_env;
} }
fsrv->fsrv_kill_signal = fsrv->fsrv_kill_signal =
parse_afl_kill_signal(afl_fsrv_kill_signal_env, SIGTERM); parse_afl_kill_signal(afl_fsrv_kill_signal_env, SIGTERM);
@ -1262,3 +1273,4 @@ s32 create_file(u8 *fn) {
return fd; return fd;
} }

1
src/afl-forkserver.c
View File

@ -1688,3 +1688,4 @@ void afl_fsrv_deinit(afl_forkserver_t *fsrv) {
list_remove(&fsrv_list, fsrv); list_remove(&fsrv_list, fsrv);
} }

1
src/afl-fuzz-init.c
View File

@ -2963,3 +2963,4 @@ void save_cmdline(afl_state_t *afl, u32 argc, char **argv) {
*buf = 0; *buf = 0;
} }

12
src/afl-fuzz-state.c
View File

@ -485,12 +485,14 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
#endif #endif
} else if (!strncmp(env, "AFL_KILL_SIGNAL", } else if (!strncmp(env, "AFL_KILL_SIGNAL",
afl_environment_variable_len)) { afl_environment_variable_len)) {
afl->afl_env.afl_child_kill_signal = afl->afl_env.afl_child_kill_signal =
(u8 *)get_afl_env(afl_environment_variables[i]); (u8 *)get_afl_env(afl_environment_variables[i]);
} else if (!strncmp(env, "AFL_FORK_SERVER_KILL_SIGNAL", } else if (!strncmp(env, "AFL_FORK_SERVER_KILL_SIGNAL",
afl_environment_variable_len)) { afl_environment_variable_len)) {
afl->afl_env.afl_fsrv_kill_signal = afl->afl_env.afl_fsrv_kill_signal =
@ -659,12 +661,17 @@ void afl_states_stop(void) {
}); });
LIST_FOREACH(&afl_states, afl_state_t, { LIST_FOREACH(&afl_states, afl_state_t, {
/* NOTE: We need to make sure that the parent (the forkserver) reap the child (see below). */
if (el->fsrv.child_pid > 0) kill(el->fsrv.child_pid, el->fsrv.child_kill_signal); /* NOTE: We need to make sure that the parent (the forkserver) reap the
* child (see below). */
if (el->fsrv.child_pid > 0)
kill(el->fsrv.child_pid, el->fsrv.child_kill_signal);
if (el->fsrv.fsrv_pid > 0) { if (el->fsrv.fsrv_pid > 0) {
kill(el->fsrv.fsrv_pid, el->fsrv.fsrv_kill_signal); kill(el->fsrv.fsrv_pid, el->fsrv.fsrv_kill_signal);
/* Make sure the forkserver does not end up as zombie. */ /* Make sure the forkserver does not end up as zombie. */
waitpid(el->fsrv.fsrv_pid, NULL, 0); waitpid(el->fsrv.fsrv_pid, NULL, 0);
} }
}); });
@ -682,3 +689,4 @@ void afl_states_request_skip(void) {
LIST_FOREACH(&afl_states, afl_state_t, { el->skip_requested = 1; }); LIST_FOREACH(&afl_states, afl_state_t, { el->skip_requested = 1; });
} }

6
src/afl-fuzz.c
View File

@ -1362,9 +1362,8 @@ int main(int argc, char **argv_orig, char **envp) {
#endif #endif
configure_afl_kill_signals(&afl->fsrv, configure_afl_kill_signals(&afl->fsrv, afl->afl_env.afl_child_kill_signal,
afl->afl_env.afl_child_kill_signal, afl->afl_env.afl_fsrv_kill_signal);
afl->afl_env.afl_fsrv_kill_signal);
setup_signal_handlers(); setup_signal_handlers();
check_asan_opts(afl); check_asan_opts(afl);
@ -2688,3 +2687,4 @@ stop_fuzzing:
} }
#endif /* !AFL_LIB */ #endif /* !AFL_LIB */

10
src/afl-showmap.c
View File

@ -866,9 +866,12 @@ static void usage(u8 *argv0) {
"startup (in milliseconds)\n" "startup (in milliseconds)\n"
"AFL_KILL_SIGNAL: Signal ID delivered to child processes on timeout,\n" "AFL_KILL_SIGNAL: Signal ID delivered to child processes on timeout,\n"
" etc. (default: SIGKILL)\n" " etc. (default: SIGKILL)\n"
"AFL_FORK_SERVER_KILL_SIGNAL: Signal delivered to fork server processes on termination\n" "AFL_FORK_SERVER_KILL_SIGNAL: Signal delivered to fork server processes "
" (default: SIGTERM). If this is not set and AFL_KILL_SIGNAL is set,\n" "on termination\n"
" this will be set to the same value as AFL_KILL_SIGNAL.\n" " (default: SIGTERM). If this is not set and "
"AFL_KILL_SIGNAL is set,\n"
" this will be set to the same value as "
"AFL_KILL_SIGNAL.\n"
"AFL_MAP_SIZE: the shared memory size for that target. must be >= the " "AFL_MAP_SIZE: the shared memory size for that target. must be >= the "
"size the target was compiled for\n" "size the target was compiled for\n"
"AFL_PRELOAD: LD_PRELOAD / DYLD_INSERT_LIBRARIES settings for target\n" "AFL_PRELOAD: LD_PRELOAD / DYLD_INSERT_LIBRARIES settings for target\n"
@ -1474,3 +1477,4 @@ int main(int argc, char **argv_orig, char **envp) {
exit(ret); exit(ret);
} }

2
src/afl-tmin.c
View File

@ -1200,7 +1200,6 @@ int main(int argc, char **argv_orig, char **envp) {
configure_afl_kill_signals(fsrv, NULL, NULL); configure_afl_kill_signals(fsrv, NULL, NULL);
if (getenv("AFL_CRASH_EXITCODE")) { if (getenv("AFL_CRASH_EXITCODE")) {
long exitcode = strtol(getenv("AFL_CRASH_EXITCODE"), NULL, 10); long exitcode = strtol(getenv("AFL_CRASH_EXITCODE"), NULL, 10);
@ -1354,3 +1353,4 @@ int main(int argc, char **argv_orig, char **envp) {
exit(0); exit(0);
} }