ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-11 17:51:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1504 from AFLplusplus/dev

Browse Source 
pcguard off-by-one fix
This commit is contained in:
van Hauser
2022-08-26 23:52:44 +02:00
committed by GitHub
parent 413e68ab6d 2775271b17
commit 147654f871
2 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/Changelog.md
View File

@ -17,6 +17,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
- default calibration cycles set to 7 from 8, and only add 5 cycles
to variables queue items instead of 12.
- afl-cc:
- fixed off-by-one bug in our pcguard implemenation, thanks for
@toka for reporting
- better handling of -fsanitize=..,...,.. lists
- fix gcc_mode cmplog
- obtain the map size of a target with setting AFL_DUMP_MAP_SIZE=1

20
instrumentation/SanitizerCoveragePCGUARD.so.cc
View File

@ -850,7 +850,8 @@ void ModuleSanitizerCoverageAFL::CreateFunctionLocalArrays(
bool ModuleSanitizerCoverageAFL::InjectCoverage(
Function &F, ArrayRef<BasicBlock *> AllBlocks, bool IsLeafFunc) {
uint32_t cnt_cov = 0, cnt_sel = 0, cnt_sel_inc = 0;
uint32_t cnt_cov = 0, cnt_sel = 0, cnt_sel_inc = 0;
static uint32_t first = 1;
for (auto &BB : F) {
@ -876,9 +877,11 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
}
if (FuncName.compare(StringRef("__afl_coverage_interesting"))) continue;
if (!FuncName.compare(StringRef("__afl_coverage_interesting"))) {
cnt_cov++;
cnt_cov++;
}
}
@ -917,7 +920,8 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
}
/* Create PCGUARD array */
CreateFunctionLocalArrays(F, AllBlocks, cnt_cov + cnt_sel_inc);
CreateFunctionLocalArrays(F, AllBlocks, first + cnt_cov + cnt_sel_inc);
if (first) { first = 0; }
selects += cnt_sel;
uint32_t special = 0, local_selects = 0, skip_next = 0;
@ -1103,10 +1107,10 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
ModuleSanitizerCoverageAFL::SetNoSanitizeMetadata(MapPtr);
/*
std::string errMsg;
raw_string_ostream os(errMsg);
result->print(os);
fprintf(stderr, "X: %s\n", os.str().c_str());
std::string errMsg;
raw_string_ostream os(errMsg);
result->print(os);
fprintf(stderr, "X: %s\n", os.str().c_str());
*/
while (1) {