mirror of
https://github.com/AFLplusplus/AFLplusplus.git
synced 2025-06-10 01:01:33 +00:00
fixed alloc errors, code format
This commit is contained in:
Dominik Maier
parent
54fdec0e51
commit
23f37ff505
@ -358,8 +358,8 @@ int recv_testcase(int s, void **buf) {
|
|||||||
|
|
||||||
if ((size & 0xff000000) != 0xff000000) {
|
if ((size & 0xff000000) != 0xff000000) {
|
||||||
|
|
||||||
*buf = afl_realloc((void **)&buf, size);
|
*buf = afl_realloc(buf, size);
|
||||||
if (unlikely(!buf)) { PFATAL("Alloc"); }
|
if (unlikely(!*buf)) { PFATAL("Alloc"); }
|
||||||
received = 0;
|
received = 0;
|
||||||
// fprintf(stderr, "unCOMPRESS (%u)\n", size);
|
// fprintf(stderr, "unCOMPRESS (%u)\n", size);
|
||||||
while (received < size &&
|
while (received < size &&
|
||||||
@ -371,8 +371,8 @@ int recv_testcase(int s, void **buf) {
|
|||||||
#ifdef USE_DEFLATE
|
#ifdef USE_DEFLATE
|
||||||
u32 clen;
|
u32 clen;
|
||||||
size -= 0xff000000;
|
size -= 0xff000000;
|
||||||
*buf = afl_realloc((void **)&buf, size);
|
*buf = afl_realloc(buf, size);
|
||||||
if (unlikely(!buf)) { PFATAL("Alloc"); }
|
if (unlikely(!*buf)) { PFATAL("Alloc"); }
|
||||||
received = 0;
|
received = 0;
|
||||||
while (received < 4 &&
|
while (received < 4 &&
|
||||||
(ret = recv(s, &clen + received, 4 - received, 0)) > 0)
|
(ret = recv(s, &clen + received, 4 - received, 0)) > 0)
|
||||||
|
|||||||
@ -694,10 +694,11 @@ static inline void *afl_realloc(void **buf, size_t size_needed) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* alloc */
|
/* alloc */
|
||||||
struct afl_alloc_buf *newer_buf = (struct afl_alloc_buf *)realloc(new_buf, next_size);
|
struct afl_alloc_buf *newer_buf =
|
||||||
|
(struct afl_alloc_buf *)realloc(new_buf, next_size);
|
||||||
if (unlikely(!newer_buf)) {
|
if (unlikely(!newer_buf)) {
|
||||||
|
|
||||||
free(new_buf); // avoid a leak
|
free(new_buf); // avoid a leak
|
||||||
*buf = NULL;
|
*buf = NULL;
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
@ -707,7 +708,6 @@ static inline void *afl_realloc(void **buf, size_t size_needed) {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
new_buf->complete_size = next_size;
|
new_buf->complete_size = next_size;
|
||||||
*buf = (void *)(new_buf->buf);
|
*buf = (void *)(new_buf->buf);
|
||||||
return *buf;
|
return *buf;
|
||||||
@ -736,10 +736,11 @@ static inline void *afl_realloc_exact(void **buf, size_t size_needed) {
|
|||||||
if (unlikely(current_size == size_needed)) { return *buf; }
|
if (unlikely(current_size == size_needed)) { return *buf; }
|
||||||
|
|
||||||
/* alloc */
|
/* alloc */
|
||||||
struct afl_alloc_buf *newer_buf = (struct afl_alloc_buf *)realloc(new_buf, size_needed);
|
struct afl_alloc_buf *newer_buf =
|
||||||
|
(struct afl_alloc_buf *)realloc(new_buf, size_needed);
|
||||||
if (unlikely(!newer_buf)) {
|
if (unlikely(!newer_buf)) {
|
||||||
|
|
||||||
free(new_buf); // avoid a leak
|
free(new_buf); // avoid a leak
|
||||||
*buf = NULL;
|
*buf = NULL;
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
|||||||
@ -1327,9 +1327,11 @@ int main(int argc, char **argv, char **envp) {
|
|||||||
"filename\n");
|
"filename\n");
|
||||||
|
|
||||||
#if LLVM_MAJOR < 9
|
#if LLVM_MAJOR < 9
|
||||||
#define COUNTER_BEHAVIOUR " AFL_LLVM_NOT_ZERO: use cycling trace counters that skip zero\n"
|
#define COUNTER_BEHAVIOUR \
|
||||||
|
" AFL_LLVM_NOT_ZERO: use cycling trace counters that skip zero\n"
|
||||||
#else
|
#else
|
||||||
#define COUNTER_BEHAVIOUR " AFL_LLVM_SKIP_NEVERZERO: do not skip zero on trace counters\n"
|
#define COUNTER_BEHAVIOUR \
|
||||||
|
" AFL_LLVM_SKIP_NEVERZERO: do not skip zero on trace counters\n"
|
||||||
#endif
|
#endif
|
||||||
if (have_llvm)
|
if (have_llvm)
|
||||||
SAYF(
|
SAYF(
|
||||||
|
|||||||
@ -96,7 +96,7 @@ static size_t fuzz_py(void *py_mutator, u8 *buf, size_t buf_size, u8 **out_buf,
|
|||||||
mutated_size = PyByteArray_Size(py_value);
|
mutated_size = PyByteArray_Size(py_value);
|
||||||
|
|
||||||
*out_buf = afl_realloc(BUF_PARAMS(fuzz), mutated_size);
|
*out_buf = afl_realloc(BUF_PARAMS(fuzz), mutated_size);
|
||||||
if (unlikely(!out_buf)) { PFATAL("alloc"); }
|
if (unlikely(!*out_buf)) { PFATAL("alloc"); }
|
||||||
|
|
||||||
memcpy(*out_buf, PyByteArray_AsString(py_value), mutated_size);
|
memcpy(*out_buf, PyByteArray_AsString(py_value), mutated_size);
|
||||||
Py_DECREF(py_value);
|
Py_DECREF(py_value);
|
||||||
@ -579,7 +579,7 @@ size_t trim_py(void *py_mutator, u8 **out_buf) {
|
|||||||
|
|
||||||
ret = PyByteArray_Size(py_value);
|
ret = PyByteArray_Size(py_value);
|
||||||
*out_buf = afl_realloc(BUF_PARAMS(trim), ret);
|
*out_buf = afl_realloc(BUF_PARAMS(trim), ret);
|
||||||
if (unlikely(!out_buf)) { PFATAL("alloc"); }
|
if (unlikely(!*out_buf)) { PFATAL("alloc"); }
|
||||||
memcpy(*out_buf, PyByteArray_AsString(py_value), ret);
|
memcpy(*out_buf, PyByteArray_AsString(py_value), ret);
|
||||||
Py_DECREF(py_value);
|
Py_DECREF(py_value);
|
||||||
|
|
||||||
@ -645,7 +645,7 @@ size_t havoc_mutation_py(void *py_mutator, u8 *buf, size_t buf_size,
|
|||||||
|
|
||||||
/* A new buf is needed... */
|
/* A new buf is needed... */
|
||||||
*out_buf = afl_realloc(BUF_PARAMS(havoc), mutated_size);
|
*out_buf = afl_realloc(BUF_PARAMS(havoc), mutated_size);
|
||||||
if (unlikely(!out_buf)) { PFATAL("alloc"); }
|
if (unlikely(!*out_buf)) { PFATAL("alloc"); }
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -56,7 +56,12 @@ void create_alias_table(afl_state_t *afl) {
|
|||||||
int * S = (u32 *)afl_realloc(AFL_BUF_PARAM(out_scratch), n * sizeof(u32));
|
int * S = (u32 *)afl_realloc(AFL_BUF_PARAM(out_scratch), n * sizeof(u32));
|
||||||
int * L = (u32 *)afl_realloc(AFL_BUF_PARAM(in_scratch), n * sizeof(u32));
|
int * L = (u32 *)afl_realloc(AFL_BUF_PARAM(in_scratch), n * sizeof(u32));
|
||||||
|
|
||||||
if (!P || !S || !L) { FATAL("could not aquire memory for alias table"); }
|
if (!P || !S || !L || !afl->alias_table || !afl->alias_probability) {
|
||||||
|
|
||||||
|
FATAL("could not aquire memory for alias table");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
memset((void *)afl->alias_table, 0, n * sizeof(u32));
|
memset((void *)afl->alias_table, 0, n * sizeof(u32));
|
||||||
memset((void *)afl->alias_probability, 0, n * sizeof(double));
|
memset((void *)afl->alias_probability, 0, n * sizeof(double));
|
||||||
|
|
||||||
|
|||||||
@ -350,6 +350,7 @@ int main(int argc, char **argv_orig, char **envp) {
|
|||||||
|
|
||||||
case 's': {
|
case 's': {
|
||||||
|
|
||||||
|
if (optarg == NULL) { FATAL("No valid seed provided. Got NULL."); }
|
||||||
rand_set_seed(afl, strtoul(optarg, 0L, 10));
|
rand_set_seed(afl, strtoul(optarg, 0L, 10));
|
||||||
afl->fixed_seed = 1;
|
afl->fixed_seed = 1;
|
||||||
break;
|
break;
|
||||||
@ -419,6 +420,7 @@ int main(int argc, char **argv_orig, char **envp) {
|
|||||||
case 'i': /* input dir */
|
case 'i': /* input dir */
|
||||||
|
|
||||||
if (afl->in_dir) { FATAL("Multiple -i options not supported"); }
|
if (afl->in_dir) { FATAL("Multiple -i options not supported"); }
|
||||||
|
if (afl->in_dir == NULL) { FATAL("Invalid -i option (got NULL)."); }
|
||||||
afl->in_dir = optarg;
|
afl->in_dir = optarg;
|
||||||
|
|
||||||
if (!strcmp(afl->in_dir, "-")) { afl->in_place_resume = 1; }
|
if (!strcmp(afl->in_dir, "-")) { afl->in_place_resume = 1; }
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user