afl-common.c: avoid AFL++'s allocation API for libc's argv[] and reduce

complexity for cwd
hexcoder-
2020-03-13 01:21:07 +01:00
parent 530bd2b341
commit 23d0cea3c9


@ -35,42 +35,29 @@
#ifndef __glibc__ #ifndef __glibc__
#include <unistd.h> #include <unistd.h>
#endif #endif
#include <limits.h>
extern u8 be_quiet; extern u8 be_quiet;
void detect_file_args(char **argv, u8 *prog_in, u8 *use_stdin) { void detect_file_args(char **argv, u8 *prog_in, u8 *use_stdin) {
u32 i = 0; u32 i = 0;
#ifdef __GLIBC__ u8 cwd[PATH_MAX];
u8 *cwd = getcwd(NULL, 0); /* non portable glibc extension */ if (getcwd(cwd, (size_t)sizeof(cwd)) == NULL) {
#else
u8 * cwd;
char *buf;
long size = pathconf(".", _PC_PATH_MAX);
if ((buf = (char *)malloc((size_t)size)) != NULL) {
cwd = getcwd(buf, (size_t)size); /* portable version */
} else {
cwd = 0; /* for dumb compilers */
PFATAL("getcwd() failed"); PFATAL("getcwd() failed");
} }
#endif /* we are working with libc-heap-allocated argvs. So do not mix them with
* other allocation APIs like ck_alloc. That would disturb the free() calls. */
if (!cwd) PFATAL("getcwd() failed");
// TODO: free allocs below... somewhere.
while (argv[i]) { while (argv[i]) {
u8 *aa_loc = strstr(argv[i], "@@"); u8 *aa_loc = strstr(argv[i], "@@");
if (aa_loc) { if (aa_loc) {
u8 *aa_subst, *n_arg; u8 *n_arg;
if (!prog_in) FATAL("@@ syntax is not supported by this tool."); if (!prog_in) FATAL("@@ syntax is not supported by this tool.");
@ -78,22 +65,29 @@ void detect_file_args(char **argv, u8 *prog_in, u8 *use_stdin) {
if (prog_in[0] != 0) { // not afl-showmap special case if (prog_in[0] != 0) { // not afl-showmap special case
s32 new_size;
/* Be sure that we're always using fully-qualified paths. */ /* Be sure that we're always using fully-qualified paths. */
if (prog_in[0] == '/') *aa_loc = 0;
aa_subst = prog_in; if (prog_in[0] == '/') {
else new_size = snprintf(NULL, 0, "%s%s%s", argv[i], prog_in, aa_loc + 2);
aa_subst = alloc_printf("%s/%s", cwd, prog_in); } else {
new_size = snprintf(NULL, 0, "%s%s/%s%s", argv[i], cwd, prog_in, aa_loc + 2);
}
if (new_size < 0) PFATAL("snprintf() failed");
/* Construct a replacement argv value. */ /* Construct a replacement argv value. */
*aa_loc = 0; if ((n_arg = realloc(argv[i], new_size + 1)) == NULL) {
n_arg = alloc_printf("%s%s%s", argv[i], aa_subst, aa_loc + 2); PFATAL("realloc() failed");
ck_free(argv[i]); }
if (prog_in[0] == '/') {
snprintf(n_arg, new_size, "%s%s%s", argv[i], prog_in, aa_loc + 2);
} else {
snprintf(n_arg, new_size, "%s%s/%s%s", argv[i], cwd, prog_in, aa_loc + 2);
}
argv[i] = n_arg; argv[i] = n_arg;
//*aa_loc = '@';
if (prog_in[0] != '/') ck_free(aa_subst);
} }
@ -102,9 +96,7 @@ void detect_file_args(char **argv, u8 *prog_in, u8 *use_stdin) {
i++; i++;
} }
/* argvs are automatically freed at exit. */
free(cwd); /* not tracked!!!! */
} }
/* duplicate the system argv so that /* duplicate the system argv so that
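Review bot: In the second hunk, once `realloc(argv[i], new_size + 1)` has returned, the two `snprintf()` calls that follow still read `argv[i]` and `aa_loc + 2`, which refer to the old block. If realloc moved the block, those reads are a use-after-free; if it did not, source and destination overlap, which snprintf does not permit. Those calls are also given `new_size` rather than `new_size + 1` as the buffer size, so the last character of the rewritten argument is dropped. Formatting into a separately allocated buffer and releasing the old string afterwards avoids all three, assuming (as the comment added in the first hunk states) that every argv[i] comes from libc's allocator.
```c
/* … unchanged: *aa_loc = 0 and the two sizing snprintf(NULL, 0, …) calls … */
if (new_size < 0) PFATAL("snprintf() failed");

/* Build the replacement in its own buffer so the old string stays
   valid (and non-overlapping) while it is being read. */
if ((n_arg = malloc((size_t)new_size + 1)) == NULL) {
  PFATAL("malloc() failed");
}
if (prog_in[0] == '/') {
  snprintf(n_arg, (size_t)new_size + 1, "%s%s%s", argv[i], prog_in, aa_loc + 2);
} else {
  snprintf(n_arg, (size_t)new_size + 1, "%s%s/%s%s", argv[i], cwd, prog_in, aa_loc + 2);
}
free(argv[i]);
argv[i] = n_arg;
```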