ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-13 02:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

do not add zero byte on string compares with len

Browse Source
This commit is contained in:
vanhauser-thc
2021-11-23 19:34:21 +01:00
parent 39e2003630
commit 11f89ab785
4 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
instrumentation/SanitizerCoverageLTO.so.cc
View File

@ -922,13 +922,16 @@ bool ModuleSanitizerCoverage::instrumentModule(
// was not already added // was not already added
if (!isMemcmp) { if (!isMemcmp) {
if (addedNull == false && thestring[optLen - 1] != '\0') { /*
if (addedNull == false && thestring[optLen - 1] !=
'\0') {
thestring.append("\0", 1); // add null byte thestring.append("\0", 1); // add null byte
optLen++; optLen++;
} }
*/
if (!isStdString) { if (!isStdString) {
// ensure we do not have garbage // ensure we do not have garbage

19
instrumentation/afl-llvm-dict2file.so.cc
View File

@ -603,18 +603,27 @@ bool AFLdict2filePass::runOnModule(Module &M) {
// was not already added // was not already added
if (!isMemcmp) { if (!isMemcmp) {
if (addedNull == false && thestring[optLen - 1] != '\0') { /*
if (addedNull == false && thestring[optLen - 1] != '\0')
{
thestring.append("\0", 1); // add null byte thestring.append("\0", 1); // add null byte
optLen++; optLen++;
} }
*/
if (!isStdString) { if (!isStdString) {
// ensure we do not have garbage // ensure we do not have garbage
size_t offset = thestring.find('\0', 0); size_t offset = thestring.find('\0', 0);
if (offset + 1 < optLen) optLen = offset + 1; if (offset && offset < opLen && offset + 1 < optLen) {
optLen = offset + 1;
}
thestring = thestring.substr(0, optLen); thestring = thestring.substr(0, optLen);
} }

1
instrumentation/compare-transform-pass.so.cc
View File

@ -442,6 +442,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
bool isSizedcmp = false; bool isSizedcmp = false;
bool isCaseInsensitive = false; bool isCaseInsensitive = false;
Function * Callee = callInst->getCalledFunction(); Function * Callee = callInst->getCalledFunction();
if (Callee) { if (Callee) {
isMemcmp = Callee->getName().compare("memcmp") == 0; isMemcmp = Callee->getName().compare("memcmp") == 0;

4
instrumentation/split-switches-pass.so.cc
View File

@ -507,9 +507,9 @@ bool SplitSwitchesTransform::runOnModule(Module &M) {
#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ #if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */
/* if (modified) { /* if (modified) {
PA.abandon<XX_Manager>(); PA.abandon<XX_Manager>();
}*/ }*/
return PA; return PA;