ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-10 17:21:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix warning, code format

Browse Source
This commit is contained in:
van Hauser 2020-05-10 11:35:31 +02:00
parent 3beec8d4fa
commit 26f8708fed
42 changed files with 656 additions and 658 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
examples/afl_network_proxy/afl-network-client.c
View File

@ -15,7 +15,7 @@
*/
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"
@ -42,7 +42,7 @@
#include <fcntl.h>
#ifdef USE_DEFLATE
#include <libdeflate.h>
# include <libdeflate.h>
#endif
u8 *__afl_area_ptr;
@ -321,7 +321,7 @@ int main(int argc, char *argv[]) {
// fprintf(stderr, "Sending testcase with len %u\n", *lenptr);
#ifdef USE_DEFLATE
#ifdef COMPRESS_TESTCASES
# ifdef COMPRESS_TESTCASES
// we only compress the testcase if it does not fit in the TCP packet
if (*lenptr > 1500 - 20 - 32 - 4) {
@ -341,17 +341,17 @@ int main(int argc, char *argv[]) {
} else {
#endif
# endif
#endif
if (send(s, buf, *lenptr + 4, 0) != *lenptr + 4)
PFATAL("sending test data failed");
#ifdef USE_DEFLATE
#ifdef COMPRESS_TESTCASES
# ifdef COMPRESS_TESTCASES
// fprintf(stderr, "unCOMPRESS (%u)\n", *lenptr);
}
#endif
# endif
#endif
received = 0;

4
examples/afl_network_proxy/afl-network-server.c
View File

@ -25,7 +25,7 @@
#define AFL_MAIN
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
@ -62,7 +62,7 @@
#include <netdb.h>
#ifdef USE_DEFLATE
#include <libdeflate.h>
# include <libdeflate.h>
struct libdeflate_compressor * compressor;
struct libdeflate_decompressor *decompressor;
#endif

2
examples/afl_proxy/afl-proxy.c
View File

@ -24,7 +24,7 @@
*/
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"

42
examples/afl_untracer/afl-untracer.c
View File

@ -34,7 +34,7 @@
#define _GNU_SOURCE
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"
@ -58,14 +58,14 @@
#include <sys/types.h>
#if defined(__linux__)
#include <sys/ucontext.h>
# include <sys/ucontext.h>
#elif defined(__APPLE__) && defined(__LP64__)
#include <mach-o/dyld_images.h>
# include <mach-o/dyld_images.h>
#elif defined(__FreeBSD__)
#include <sys/sysctl.h>
#include <sys/user.h>
# include <sys/sysctl.h>
# include <sys/user.h>
#else
#error "Unsupported platform"
# error "Unsupported platform"
#endif
#define MEMORY_MAP_DECREMENT 0x200000000000
@ -446,15 +446,15 @@ static void __afl_end_testcase(int status) {
}
#ifdef __aarch64__
#define SHADOW(addr) \
((uint64_t *)(((uintptr_t)addr & 0xfffffffffffffff8) - \
MEMORY_MAP_DECREMENT - \
((uintptr_t)addr & 0x7) * 0x10000000000))
# define SHADOW(addr) \
((uint64_t *)(((uintptr_t)addr & 0xfffffffffffffff8) - \
MEMORY_MAP_DECREMENT - \
((uintptr_t)addr & 0x7) * 0x10000000000))
#else
#define SHADOW(addr) \
((uint32_t *)(((uintptr_t)addr & 0xfffffffffffffffc) - \
MEMORY_MAP_DECREMENT - \
((uintptr_t)addr & 0x3) * 0x10000000000))
# define SHADOW(addr) \
((uint32_t *)(((uintptr_t)addr & 0xfffffffffffffffc) - \
MEMORY_MAP_DECREMENT - \
((uintptr_t)addr & 0x3) * 0x10000000000))
#endif
void setup_trap_instrumentation() {
@ -583,7 +583,7 @@ void setup_trap_instrumentation() {
#else
// this will be ARM and AARCH64
// for ARM we will need to identify if the code is in thumb or ARM
#error "non x86_64/aarch64 not supported yet"
# error "non x86_64/aarch64 not supported yet"
//__arm__:
// linux thumb: 0xde01
// linux arm: 0xe7f001f0
@ -622,20 +622,20 @@ static void sigtrap_handler(int signum, siginfo_t *si, void *context) {
ctx->uc_mcontext->__ss.__rip -= 1;
addr = ctx->uc_mcontext->__ss.__rip;
#elif defined(__linux__)
#if defined(__x86_64__) || defined(__i386__)
# if defined(__x86_64__) || defined(__i386__)
ctx->uc_mcontext.gregs[REG_RIP] -= 1;
addr = ctx->uc_mcontext.gregs[REG_RIP];
#elif defined(__aarch64__)
# elif defined(__aarch64__)
ctx->uc_mcontext.pc -= 4;
addr = ctx->uc_mcontext.pc;
#else
#error "Unsupported processor"
#endif
# else
# error "Unsupported processor"
# endif
#elif defined(__FreeBSD__) && defined(__LP64__)
ctx->uc_mcontext.mc_rip -= 1;
addr = ctx->uc_mcontext.mc_rip;
#else
#error "Unsupported platform"
# error "Unsupported platform"
#endif
// fprintf(stderr, "TRAP at context addr = %lx, fault addr = %lx\n", addr,

10
gcc_plugin/afl-gcc-pass.so.cc
View File

@ -55,10 +55,10 @@
/* clear helper macros AFL types pull in, which intervene with gcc-plugin
* headers from GCC-8 */
#ifdef likely
#undef likely
# undef likely
#endif
#ifdef unlikely
#undef unlikely
# undef unlikely
#endif
#include <stdio.h>
@ -295,16 +295,16 @@ static unsigned int inline_instrument(function *fun) {
update_stmt(g);
#if 1
#if 0
# if 0
tree addr = build2(ADDR_EXPR, map_type, map_ptr, area_off);
g = gimple_build_assign(map_ptr2, MODIFY_EXPR, addr);
gimple_seq_add_stmt(&seq, g); // map_ptr2 = map_ptr + area_off
update_stmt(g);
#else
# else
g = gimple_build_assign(map_ptr2, PLUS_EXPR, map_ptr, area_off);
gimple_seq_add_stmt(&seq, g); // map_ptr2 = map_ptr + area_off
update_stmt(g);
#endif
# endif
// gimple_assign <mem_ref, _3, *p_6, NULL, NULL>
tree tmp1 = create_tmp_var_raw(unsigned_char_type_node, "tmp1");

4
gcc_plugin/afl-gcc-rt.o.c
View File

@ -20,13 +20,13 @@
*/
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "../config.h"
#include "../types.h"
#ifdef USEMMAP
#include <stdio.h>
# include <stdio.h>
#endif
#include <stdlib.h>
#include <signal.h>

12
include/afl-as.h
View File

@ -404,9 +404,9 @@ static const u8 *main_payload_32 =
recognize .string. */
#ifdef __APPLE__
#define CALL_L64(str) "call _" str "\n"
# define CALL_L64(str) "call _" str "\n"
#else
#define CALL_L64(str) "call " str "@PLT\n"
# define CALL_L64(str) "call " str "@PLT\n"
#endif /* ^__APPLE__ */
static const u8 *main_payload_64 =
@ -744,9 +744,9 @@ static const u8 *main_payload_64 =
#ifdef __APPLE__
" .comm __afl_area_ptr, 8\n"
#ifndef COVERAGE_ONLY
# ifndef COVERAGE_ONLY
" .comm __afl_prev_loc, 8\n"
#endif /* !COVERAGE_ONLY */
# endif /* !COVERAGE_ONLY */
" .comm __afl_fork_pid, 4\n"
" .comm __afl_temp, 4\n"
" .comm __afl_setup_failure, 1\n"
@ -754,9 +754,9 @@ static const u8 *main_payload_64 =
#else
" .lcomm __afl_area_ptr, 8\n"
#ifndef COVERAGE_ONLY
# ifndef COVERAGE_ONLY
" .lcomm __afl_prev_loc, 8\n"
#endif /* !COVERAGE_ONLY */
# endif /* !COVERAGE_ONLY */
" .lcomm __afl_fork_pid, 4\n"
" .lcomm __afl_temp, 4\n"
" .lcomm __afl_setup_failure, 1\n"

82
include/afl-fuzz.h
View File

@ -31,14 +31,14 @@
#define MESSAGES_TO_STDOUT
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
# define _GNU_SOURCE 1
#endif
#ifndef _FILE_OFFSET_BITS
#define _FILE_OFFSET_BITS 64
# define _FILE_OFFSET_BITS 64
#endif
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
@ -76,7 +76,7 @@
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || \
defined(__NetBSD__) || defined(__DragonFly__)
#include <sys/sysctl.h>
# include <sys/sysctl.h>
#endif /* __APPLE__ || __FreeBSD__ || __OpenBSD__ */
/* For systems that have sched_setaffinity; right now just Linux, but one
@ -84,31 +84,31 @@
#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__) || \
defined(__DragonFly__)
#define HAVE_AFFINITY 1
#if defined(__FreeBSD__) || defined(__DragonFly__)
#include <sys/param.h>
#if defined(__FreeBSD__)
#include <sys/cpuset.h>
#endif
#include <sys/user.h>
#include <pthread.h>
#include <pthread_np.h>
#define cpu_set_t cpuset_t
#elif defined(__NetBSD__)
#include <pthread.h>
#endif
# define HAVE_AFFINITY 1
# if defined(__FreeBSD__) || defined(__DragonFly__)
# include <sys/param.h>
# if defined(__FreeBSD__)
# include <sys/cpuset.h>
# endif
# include <sys/user.h>
# include <pthread.h>
# include <pthread_np.h>
# define cpu_set_t cpuset_t
# elif defined(__NetBSD__)
# include <pthread.h>
# endif
#endif /* __linux__ */
#ifdef __APPLE__
#include <TargetConditionals.h>
# include <TargetConditionals.h>
#endif
#undef LIST_FOREACH /* clashes with FreeBSD */
#include "list.h"
#ifndef SIMPLE_FILES
#define CASE_PREFIX "id:"
# define CASE_PREFIX "id:"
#else
#define CASE_PREFIX "id_"
# define CASE_PREFIX "id_"
#endif /* ^!SIMPLE_FILES */
#define STAGE_BUF_SIZE (64) /* usable size for stage name buf in afl_state */
@ -232,29 +232,29 @@ enum {
#ifdef USE_PYTHON
// because Python sets stuff it should not ...
#ifdef _POSIX_C_SOURCE
#define _SAVE_POSIX_C_SOURCE _POSIX_C_SOURCE
#undef _POSIX_C_SOURCE
#endif
#ifdef _XOPEN_SOURCE
#define _SAVE_XOPEN_SOURCE _XOPEN_SOURCE
#undef _XOPEN_SOURCE
#endif
# ifdef _POSIX_C_SOURCE
# define _SAVE_POSIX_C_SOURCE _POSIX_C_SOURCE
# undef _POSIX_C_SOURCE
# endif
# ifdef _XOPEN_SOURCE
# define _SAVE_XOPEN_SOURCE _XOPEN_SOURCE
# undef _XOPEN_SOURCE
# endif
#include <Python.h>
# include <Python.h>
#ifdef _SAVE_POSIX_C_SOURCE
#ifdef _POSIX_C_SOURCE
#undef _POSIX_C_SOURCE
#endif
#define _POSIX_C_SOURCE _SAVE_POSIX_C_SOURCE
#endif
#ifdef _SAVE_XOPEN_SOURCE
#ifdef _XOPEN_SOURCE
#undef _XOPEN_SOURCE
#endif
#define _XOPEN_SOURCE _SAVE_XOPEN_SOURCE
#endif
# ifdef _SAVE_POSIX_C_SOURCE
# ifdef _POSIX_C_SOURCE
# undef _POSIX_C_SOURCE
# endif
# define _POSIX_C_SOURCE _SAVE_POSIX_C_SOURCE
# endif
# ifdef _SAVE_XOPEN_SOURCE
# ifdef _XOPEN_SOURCE
# undef _XOPEN_SOURCE
# endif
# define _XOPEN_SOURCE _SAVE_XOPEN_SOURCE
# endif
enum {

262
include/alloc-inl.h
View File

@ -45,40 +45,39 @@
/* User-facing macro to sprintf() to a dynamically allocated buffer. */
#define alloc_printf(_str...) \
({ \
\
u8 *_tmp; \
s32 _len = snprintf(NULL, 0, _str); \
if (_len < 0) FATAL("Whoa, snprintf() fails?!"); \
_tmp = ck_alloc(_len + 1); \
snprintf((char *)_tmp, _len + 1, _str); \
_tmp; \
\
})
# define alloc_printf(_str...) \
({ \
u8 *_tmp; \
s32 _len = snprintf(NULL, 0, _str); \
if (_len < 0) FATAL("Whoa, snprintf() fails?!"); \
_tmp = ck_alloc(_len + 1); \
snprintf((char *)_tmp, _len + 1, _str); \
_tmp; \
})
/* Macro to enforce allocation limits as a last-resort defense against
integer overflows. */
#define ALLOC_CHECK_SIZE(_s) \
do { \
\
if ((_s) > MAX_ALLOC) ABORT("Bad alloc request: %u bytes", (_s)); \
\
} while (0)
# define ALLOC_CHECK_SIZE(_s) \
do { \
if ((_s) > MAX_ALLOC) ABORT("Bad alloc request: %u bytes", (_s)); \
\
} while (0)
/* Macro to check malloc() failures and the like. */
#define ALLOC_CHECK_RESULT(_r, _s) \
do { \
\
if (!(_r)) ABORT("Out of memory: can't allocate %u bytes", (_s)); \
\
} while (0)
# define ALLOC_CHECK_RESULT(_r, _s) \
do { \
if (!(_r)) ABORT("Out of memory: can't allocate %u bytes", (_s)); \
\
} while (0)
/* Allocator increments for ck_realloc_block(). */
#define ALLOC_BLK_INC 256
# define ALLOC_BLK_INC 256
/* Allocate a buffer, explicitly not zeroing it. Returns NULL for zero-sized
requests. */
@ -217,102 +216,100 @@ static inline u8 *DFL_ck_memdup_str(u8 *mem, u32 size) {
/* In non-debug mode, we just do straightforward aliasing of the above functions
to user-visible names such as ck_alloc(). */
#define ck_alloc DFL_ck_alloc
#define ck_alloc_nozero DFL_ck_alloc_nozero
#define ck_realloc DFL_ck_realloc
#define ck_realloc_block DFL_ck_realloc_block
#define ck_strdup DFL_ck_strdup
#define ck_memdup DFL_ck_memdup
#define ck_memdup_str DFL_ck_memdup_str
#define ck_free DFL_ck_free
# define ck_alloc DFL_ck_alloc
# define ck_alloc_nozero DFL_ck_alloc_nozero
# define ck_realloc DFL_ck_realloc
# define ck_realloc_block DFL_ck_realloc_block
# define ck_strdup DFL_ck_strdup
# define ck_memdup DFL_ck_memdup
# define ck_memdup_str DFL_ck_memdup_str
# define ck_free DFL_ck_free
#define alloc_report()
# define alloc_report()
#else
// This is the original alloc-inl of stock afl
/* User-facing macro to sprintf() to a dynamically allocated buffer. */
#define alloc_printf(_str...) \
({ \
\
u8 *_tmp; \
s32 _len = snprintf(NULL, 0, _str); \
if (_len < 0) FATAL("Whoa, snprintf() fails?!"); \
_tmp = ck_alloc(_len + 1); \
snprintf((char *)_tmp, _len + 1, _str); \
_tmp; \
\
})
# define alloc_printf(_str...) \
({ \
u8 *_tmp; \
s32 _len = snprintf(NULL, 0, _str); \
if (_len < 0) FATAL("Whoa, snprintf() fails?!"); \
_tmp = ck_alloc(_len + 1); \
snprintf((char *)_tmp, _len + 1, _str); \
_tmp; \
})
/* Macro to enforce allocation limits as a last-resort defense against
integer overflows. */
#define ALLOC_CHECK_SIZE(_s) \
do { \
\
if ((_s) > MAX_ALLOC) ABORT("Bad alloc request: %u bytes", (_s)); \
\
} while (0)
# define ALLOC_CHECK_SIZE(_s) \
do { \
if ((_s) > MAX_ALLOC) ABORT("Bad alloc request: %u bytes", (_s)); \
\
} while (0)
/* Macro to check malloc() failures and the like. */
#define ALLOC_CHECK_RESULT(_r, _s) \
do { \
\
if (!(_r)) ABORT("Out of memory: can't allocate %u bytes", (_s)); \
\
} while (0)
# define ALLOC_CHECK_RESULT(_r, _s) \
do { \
if (!(_r)) ABORT("Out of memory: can't allocate %u bytes", (_s)); \
\
} while (0)
/* Magic tokens used to mark used / freed chunks. */
#define ALLOC_MAGIC_C1 0xFF00FF00 /* Used head (dword) */
#define ALLOC_MAGIC_F 0xFE00FE00 /* Freed head (dword) */
#define ALLOC_MAGIC_C2 0xF0 /* Used tail (byte) */
# define ALLOC_MAGIC_C1 0xFF00FF00 /* Used head (dword) */
# define ALLOC_MAGIC_F 0xFE00FE00 /* Freed head (dword) */
# define ALLOC_MAGIC_C2 0xF0 /* Used tail (byte) */
/* Positions of guard tokens in relation to the user-visible pointer. */
#define ALLOC_C1(_ptr) (((u32 *)(_ptr))[-2])
#define ALLOC_S(_ptr) (((u32 *)(_ptr))[-1])
#define ALLOC_C2(_ptr) (((u8 *)(_ptr))[ALLOC_S(_ptr)])
# define ALLOC_C1(_ptr) (((u32 *)(_ptr))[-2])
# define ALLOC_S(_ptr) (((u32 *)(_ptr))[-1])
# define ALLOC_C2(_ptr) (((u8 *)(_ptr))[ALLOC_S(_ptr)])
#define ALLOC_OFF_HEAD 8
#define ALLOC_OFF_TOTAL (ALLOC_OFF_HEAD + 1)
# define ALLOC_OFF_HEAD 8
# define ALLOC_OFF_TOTAL (ALLOC_OFF_HEAD + 1)
/* Allocator increments for ck_realloc_block(). */
#define ALLOC_BLK_INC 256
# define ALLOC_BLK_INC 256
/* Sanity-checking macros for pointers. */
#define CHECK_PTR(_p) \
do { \
\
if (_p) { \
\
if (ALLOC_C1(_p) ^ ALLOC_MAGIC_C1) { \
\
if (ALLOC_C1(_p) == ALLOC_MAGIC_F) \
ABORT("Use after free."); \
else \
ABORT("Corrupted head alloc canary."); \
\
} \
if (ALLOC_C2(_p) ^ ALLOC_MAGIC_C2) \
ABORT("Corrupted tail alloc canary."); \
\
} \
\
} while (0)
# define CHECK_PTR(_p) \
do { \
if (_p) { \
if (ALLOC_C1(_p) ^ ALLOC_MAGIC_C1) { \
if (ALLOC_C1(_p) == ALLOC_MAGIC_F) \
ABORT("Use after free."); \
else \
ABORT("Corrupted head alloc canary."); \
#define CHECK_PTR_EXPR(_p) \
({ \
\
typeof(_p) _tmp = (_p); \
CHECK_PTR(_tmp); \
_tmp; \
\
})
} \
if (ALLOC_C2(_p) ^ ALLOC_MAGIC_C2) \
ABORT("Corrupted tail alloc canary."); \
} \
\
} while (0)
# define CHECK_PTR_EXPR(_p) \
({ \
typeof(_p) _tmp = (_p); \
CHECK_PTR(_tmp); \
_tmp; \
})
/* Allocate a buffer, explicitly not zeroing it. Returns NULL for zero-sized
requests. */
@ -359,12 +356,12 @@ static inline void DFL_ck_free(void *mem) {
CHECK_PTR(mem);
#ifdef DEBUG_BUILD
# ifdef DEBUG_BUILD
/* Catch pointer issues sooner. */
memset(mem, 0xFF, ALLOC_S(mem));
#endif /* DEBUG_BUILD */
# endif /* DEBUG_BUILD */
ALLOC_C1(mem) = ALLOC_MAGIC_F;
@ -392,9 +389,9 @@ static inline void *DFL_ck_realloc(void *orig, u32 size) {
CHECK_PTR(orig);
#ifndef DEBUG_BUILD
# ifndef DEBUG_BUILD
ALLOC_C1(orig) = ALLOC_MAGIC_F;
#endif /* !DEBUG_BUILD */
# endif /* !DEBUG_BUILD */
old_size = ALLOC_S(orig);
orig -= ALLOC_OFF_HEAD;
@ -405,12 +402,12 @@ static inline void *DFL_ck_realloc(void *orig, u32 size) {
ALLOC_CHECK_SIZE(size);
#ifndef DEBUG_BUILD
# ifndef DEBUG_BUILD
ret = realloc(orig, size + ALLOC_OFF_TOTAL);
ALLOC_CHECK_RESULT(ret, size);
#else
# else
/* Catch pointer issues sooner: force relocation and make sure that the
original buffer is wiped. */
@ -429,7 +426,7 @@ static inline void *DFL_ck_realloc(void *orig, u32 size) {
}
#endif /* ^!DEBUG_BUILD */
# endif /* ^!DEBUG_BUILD */
ret += ALLOC_OFF_HEAD;
@ -448,7 +445,7 @@ static inline void *DFL_ck_realloc(void *orig, u32 size) {
static inline void *DFL_ck_realloc_block(void *orig, u32 size) {
#ifndef DEBUG_BUILD
# ifndef DEBUG_BUILD
if (orig) {
@ -460,7 +457,7 @@ static inline void *DFL_ck_realloc_block(void *orig, u32 size) {
}
#endif /* !DEBUG_BUILD */
# endif /* !DEBUG_BUILD */
return DFL_ck_realloc(orig, size);
@ -540,30 +537,30 @@ static inline u8 *DFL_ck_memdup_str(u8 *mem, u32 size) {
}
#ifndef DEBUG_BUILD
# ifndef DEBUG_BUILD
/* In non-debug mode, we just do straightforward aliasing of the above functions
to user-visible names such as ck_alloc(). */
#define ck_alloc DFL_ck_alloc
#define ck_alloc_nozero DFL_ck_alloc_nozero
#define ck_realloc DFL_ck_realloc
#define ck_realloc_block DFL_ck_realloc_block
#define ck_strdup DFL_ck_strdup
#define ck_memdup DFL_ck_memdup
#define ck_memdup_str DFL_ck_memdup_str
#define ck_free DFL_ck_free
# define ck_alloc DFL_ck_alloc
# define ck_alloc_nozero DFL_ck_alloc_nozero
# define ck_realloc DFL_ck_realloc
# define ck_realloc_block DFL_ck_realloc_block
# define ck_strdup DFL_ck_strdup
# define ck_memdup DFL_ck_memdup
# define ck_memdup_str DFL_ck_memdup_str
# define ck_free DFL_ck_free
#define alloc_report()
# define alloc_report()
#else
# else
/* In debugging mode, we also track allocations to detect memory leaks, and the
flow goes through one more layer of indirection. */
/* Alloc tracking data structures: */
#define ALLOC_BUCKETS 4096
# define ALLOC_BUCKETS 4096
struct TRK_obj {
@ -573,25 +570,25 @@ struct TRK_obj {
};
#ifdef AFL_MAIN
# ifdef AFL_MAIN
struct TRK_obj *TRK[ALLOC_BUCKETS];
u32 TRK_cnt[ALLOC_BUCKETS];
#define alloc_report() TRK_report()
# define alloc_report() TRK_report()
#else
# else
extern struct TRK_obj *TRK[ALLOC_BUCKETS];
extern u32 TRK_cnt[ALLOC_BUCKETS];
#define alloc_report()
# define alloc_report()
#endif /* ^AFL_MAIN */
# endif /* ^AFL_MAIN */
/* Bucket-assigning function for a given pointer: */
#define TRKH(_ptr) (((((u32)(_ptr)) >> 16) ^ ((u32)(_ptr))) % ALLOC_BUCKETS)
# define TRKH(_ptr) (((((u32)(_ptr)) >> 16) ^ ((u32)(_ptr))) % ALLOC_BUCKETS)
/* Add a new entry to the list of allocated objects. */
@ -743,27 +740,28 @@ static inline void TRK_ck_free(void *ptr, const char *file, const char *func,
/* Aliasing user-facing names to tracking functions: */
#define ck_alloc(_p1) TRK_ck_alloc(_p1, __FILE__, __FUNCTION__, __LINE__)
# define ck_alloc(_p1) TRK_ck_alloc(_p1, __FILE__, __FUNCTION__, __LINE__)
#define ck_alloc_nozero(_p1) TRK_ck_alloc(_p1, __FILE__, __FUNCTION__, __LINE__)
# define ck_alloc_nozero(_p1) \
TRK_ck_alloc(_p1, __FILE__, __FUNCTION__, __LINE__)
#define ck_realloc(_p1, _p2) \
TRK_ck_realloc(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
# define ck_realloc(_p1, _p2) \
TRK_ck_realloc(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
#define ck_realloc_block(_p1, _p2) \
TRK_ck_realloc_block(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
# define ck_realloc_block(_p1, _p2) \
TRK_ck_realloc_block(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
#define ck_strdup(_p1) TRK_ck_strdup(_p1, __FILE__, __FUNCTION__, __LINE__)
# define ck_strdup(_p1) TRK_ck_strdup(_p1, __FILE__, __FUNCTION__, __LINE__)
#define ck_memdup(_p1, _p2) \
TRK_ck_memdup(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
# define ck_memdup(_p1, _p2) \
TRK_ck_memdup(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
#define ck_memdup_str(_p1, _p2) \
TRK_ck_memdup_str(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
# define ck_memdup_str(_p1, _p2) \
TRK_ck_memdup_str(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
#define ck_free(_p1) TRK_ck_free(_p1, __FILE__, __FUNCTION__, __LINE__)
# define ck_free(_p1) TRK_ck_free(_p1, __FILE__, __FUNCTION__, __LINE__)
#endif /* ^!DEBUG_BUILD */
# endif /* ^!DEBUG_BUILD */
#endif /* _WANT_ORIGINAL_AFL_ALLOC */

36
include/android-ashmem.h
View File

@ -28,27 +28,27 @@
#ifdef __ANDROID__
#include <fcntl.h>
#include <linux/shm.h>
#include <linux/ashmem.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
# include <fcntl.h>
# include <linux/shm.h>
# include <linux/ashmem.h>
# include <sys/ioctl.h>
# include <sys/mman.h>
#if __ANDROID_API__ >= 26
#define shmat bionic_shmat
#define shmctl bionic_shmctl
#define shmdt bionic_shmdt
#define shmget bionic_shmget
#endif
# if __ANDROID_API__ >= 26
# define shmat bionic_shmat
# define shmctl bionic_shmctl
# define shmdt bionic_shmdt
# define shmget bionic_shmget
# endif
#include <sys/shm.h>
#undef shmat
#undef shmctl
#undef shmdt
#undef shmget
#include <stdio.h>
# include <sys/shm.h>
# undef shmat
# undef shmctl
# undef shmdt
# undef shmget
# include <stdio.h>
#define ASHMEM_DEVICE "/dev/ashmem"
# define ASHMEM_DEVICE "/dev/ashmem"
static inline int shmctl(int __shmid, int __cmd, struct shmid_ds *__buf) {

26
include/config.h
View File

@ -49,7 +49,7 @@
/* Comment out to disable fancy ANSI boxes and use poor man's 7-bit UI: */
#ifndef ANDROID_DISABLE_FANCY // Fancy boxes are ugly from adb
#define FANCY_BOXES
# define FANCY_BOXES
#endif
/* Default timeout for fuzzed code (milliseconds). This is the upper bound,
@ -63,20 +63,20 @@
/* 64bit arch MACRO */
#if (defined(__x86_64__) || defined(__arm64__) || defined(__aarch64__))
#define WORD_SIZE_64 1
# define WORD_SIZE_64 1
#endif
/* Default memory limit for child process (MB): */
#ifndef __NetBSD__
#ifndef WORD_SIZE_64
#define MEM_LIMIT 25
#else
#define MEM_LIMIT 50
#endif /* ^!WORD_SIZE_64 */
#else /* NetBSD's kernel needs more space for stack, see discussion for issue \
#165 */
#define MEM_LIMIT 200
# ifndef WORD_SIZE_64
# define MEM_LIMIT 25
# else
# define MEM_LIMIT 50
# endif /* ^!WORD_SIZE_64 */
#else /* NetBSD's kernel needs more space for stack, see discussion for issue \
#165 */
# define MEM_LIMIT 200
#endif
/* Default memory limit when running in QEMU mode (MB): */
@ -395,9 +395,9 @@
/* for *BSD: use ARC4RANDOM and save a file descriptor */
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__)
#ifndef HAVE_ARC4RANDOM
#define HAVE_ARC4RANDOM 1
#endif
# ifndef HAVE_ARC4RANDOM
# define HAVE_ARC4RANDOM 1
# endif
#endif /* __APPLE__ || __FreeBSD__ || __OpenBSD__ */
#endif /* ! _HAVE_CONFIG_H */

200
include/debug.h
View File

@ -30,7 +30,7 @@
/* __FUNCTION__ is non-iso */
#ifdef __func__
#define __FUNCTION__ __func__
# define __FUNCTION__ __func__
#endif
/*******************
@ -38,82 +38,82 @@
*******************/
#ifndef MESSAGES_TO_STDOUT
#define MESSAGES_TO_STDOUT
# define MESSAGES_TO_STDOUT
#endif
#ifdef USE_COLOR
#define cBLK "\x1b[0;30m"
#define cRED "\x1b[0;31m"
#define cGRN "\x1b[0;32m"
#define cBRN "\x1b[0;33m"
#define cBLU "\x1b[0;34m"
#define cMGN "\x1b[0;35m"
#define cCYA "\x1b[0;36m"
#define cLGR "\x1b[0;37m"
#define cGRA "\x1b[1;90m"
#define cLRD "\x1b[1;91m"
#define cLGN "\x1b[1;92m"
#define cYEL "\x1b[1;93m"
#define cLBL "\x1b[1;94m"
#define cPIN "\x1b[1;95m"
#define cLCY "\x1b[1;96m"
#define cBRI "\x1b[1;97m"
#define cRST "\x1b[0m"
# define cBLK "\x1b[0;30m"
# define cRED "\x1b[0;31m"
# define cGRN "\x1b[0;32m"
# define cBRN "\x1b[0;33m"
# define cBLU "\x1b[0;34m"
# define cMGN "\x1b[0;35m"
# define cCYA "\x1b[0;36m"
# define cLGR "\x1b[0;37m"
# define cGRA "\x1b[1;90m"
# define cLRD "\x1b[1;91m"
# define cLGN "\x1b[1;92m"
# define cYEL "\x1b[1;93m"
# define cLBL "\x1b[1;94m"
# define cPIN "\x1b[1;95m"
# define cLCY "\x1b[1;96m"
# define cBRI "\x1b[1;97m"
# define cRST "\x1b[0m"
#define bgBLK "\x1b[40m"
#define bgRED "\x1b[41m"
#define bgGRN "\x1b[42m"
#define bgBRN "\x1b[43m"
#define bgBLU "\x1b[44m"
#define bgMGN "\x1b[45m"
#define bgCYA "\x1b[46m"
#define bgLGR "\x1b[47m"
#define bgGRA "\x1b[100m"
#define bgLRD "\x1b[101m"
#define bgLGN "\x1b[102m"
#define bgYEL "\x1b[103m"
#define bgLBL "\x1b[104m"
#define bgPIN "\x1b[105m"
#define bgLCY "\x1b[106m"
#define bgBRI "\x1b[107m"
# define bgBLK "\x1b[40m"
# define bgRED "\x1b[41m"
# define bgGRN "\x1b[42m"
# define bgBRN "\x1b[43m"
# define bgBLU "\x1b[44m"
# define bgMGN "\x1b[45m"
# define bgCYA "\x1b[46m"
# define bgLGR "\x1b[47m"
# define bgGRA "\x1b[100m"
# define bgLRD "\x1b[101m"
# define bgLGN "\x1b[102m"
# define bgYEL "\x1b[103m"
# define bgLBL "\x1b[104m"
# define bgPIN "\x1b[105m"
# define bgLCY "\x1b[106m"
# define bgBRI "\x1b[107m"
#else
#define cBLK ""
#define cRED ""
#define cGRN ""
#define cBRN ""
#define cBLU ""
#define cMGN ""
#define cCYA ""
#define cLGR ""
#define cGRA ""
#define cLRD ""
#define cLGN ""
#define cYEL ""
#define cLBL ""
#define cPIN ""
#define cLCY ""
#define cBRI ""
#define cRST ""
# define cBLK ""
# define cRED ""
# define cGRN ""
# define cBRN ""
# define cBLU ""
# define cMGN ""
# define cCYA ""
# define cLGR ""
# define cGRA ""
# define cLRD ""
# define cLGN ""
# define cYEL ""
# define cLBL ""
# define cPIN ""
# define cLCY ""
# define cBRI ""
# define cRST ""
#define bgBLK ""
#define bgRED ""
#define bgGRN ""
#define bgBRN ""
#define bgBLU ""
#define bgMGN ""
#define bgCYA ""
#define bgLGR ""
#define bgGRA ""
#define bgLRD ""
#define bgLGN ""
#define bgYEL ""
#define bgLBL ""
#define bgPIN ""
#define bgLCY ""
#define bgBRI ""
# define bgBLK ""
# define bgRED ""
# define bgGRN ""
# define bgBRN ""
# define bgBLU ""
# define bgMGN ""
# define bgCYA ""
# define bgLGR ""
# define bgGRA ""
# define bgLRD ""
# define bgLGN ""
# define bgYEL ""
# define bgLBL ""
# define bgPIN ""
# define bgLCY ""
# define bgBRI ""
#endif /* ^USE_COLOR */
@ -123,39 +123,39 @@
#ifdef FANCY_BOXES
#define SET_G1 "\x1b)0" /* Set G1 for box drawing */
#define RESET_G1 "\x1b)B" /* Reset G1 to ASCII */
#define bSTART "\x0e" /* Enter G1 drawing mode */
#define bSTOP "\x0f" /* Leave G1 drawing mode */
#define bH "q" /* Horizontal line */
#define bV "x" /* Vertical line */
#define bLT "l" /* Left top corner */
#define bRT "k" /* Right top corner */
#define bLB "m" /* Left bottom corner */
#define bRB "j" /* Right bottom corner */
#define bX "n" /* Cross */
#define bVR "t" /* Vertical, branch right */
#define bVL "u" /* Vertical, branch left */
#define bHT "v" /* Horizontal, branch top */
#define bHB "w" /* Horizontal, branch bottom */
# define SET_G1 "\x1b)0" /* Set G1 for box drawing */
# define RESET_G1 "\x1b)B" /* Reset G1 to ASCII */
# define bSTART "\x0e" /* Enter G1 drawing mode */
# define bSTOP "\x0f" /* Leave G1 drawing mode */
# define bH "q" /* Horizontal line */
# define bV "x" /* Vertical line */
# define bLT "l" /* Left top corner */
# define bRT "k" /* Right top corner */
# define bLB "m" /* Left bottom corner */
# define bRB "j" /* Right bottom corner */
# define bX "n" /* Cross */
# define bVR "t" /* Vertical, branch right */
# define bVL "u" /* Vertical, branch left */
# define bHT "v" /* Horizontal, branch top */
# define bHB "w" /* Horizontal, branch bottom */
#else
#define SET_G1 ""
#define RESET_G1 ""
#define bSTART ""
#define bSTOP ""
#define bH "-"
#define bV "|"
#define bLT "+"
#define bRT "+"
#define bLB "+"
#define bRB "+"
#define bX "+"
#define bVR "+"
#define bVL "+"
#define bHT "+"
#define bHB "+"
# define SET_G1 ""
# define RESET_G1 ""
# define bSTART ""
# define bSTOP ""
# define bH "-"
# define bV "|"
# define bLT "+"
# define bRT "+"
# define bLB "+"
# define bRB "+"
# define bX "+"
# define bVR "+"
# define bVL "+"
# define bHT "+"
# define bHB "+"
#endif /* ^FANCY_BOXES */
@ -176,9 +176,9 @@
/* Just print stuff to the appropriate stream. */
#ifdef MESSAGES_TO_STDOUT
#define SAYF(x...) printf(x)
# define SAYF(x...) printf(x)
#else
#define SAYF(x...) fprintf(stderr, x)
# define SAYF(x...) fprintf(stderr, x)
#endif /* ^MESSAGES_TO_STDOUT */
/* Show a prefixed warning. */

18
include/forkserver.h
View File

@ -110,20 +110,20 @@ void afl_fsrv_killall(void);
void afl_fsrv_deinit(afl_forkserver_t *fsrv);
#ifdef __APPLE__
#define MSG_FORK_ON_APPLE \
" - On MacOS X, the semantics of fork() syscalls are non-standard and " \
"may\n" \
" break afl-fuzz performance optimizations when running " \
"platform-specific\n" \
" targets. To fix this, set AFL_NO_FORKSRV=1 in the environment.\n\n"
# define MSG_FORK_ON_APPLE \
" - On MacOS X, the semantics of fork() syscalls are non-standard and " \
"may\n" \
" break afl-fuzz performance optimizations when running " \
"platform-specific\n" \
" targets. To fix this, set AFL_NO_FORKSRV=1 in the environment.\n\n"
#else
#define MSG_FORK_ON_APPLE ""
# define MSG_FORK_ON_APPLE ""
#endif
#ifdef RLIMIT_AS
#define MSG_ULIMIT_USAGE " ( ulimit -Sv $[%llu << 10];"
# define MSG_ULIMIT_USAGE " ( ulimit -Sv $[%llu << 10];"
#else
#define MSG_ULIMIT_USAGE " ( ulimit -Sd $[%llu << 10];"
# define MSG_ULIMIT_USAGE " ( ulimit -Sd $[%llu << 10];"
#endif /* ^RLIMIT_AS */
#endif

4
include/hash.h
View File

@ -32,7 +32,7 @@
#ifdef __x86_64__
#define ROL64(_x, _r) ((((u64)(_x)) << (_r)) | (((u64)(_x)) >> (64 - (_r))))
# define ROL64(_x, _r) ((((u64)(_x)) << (_r)) | (((u64)(_x)) >> (64 - (_r))))
static inline u32 hash32(const void *key, u32 len, u32 seed) {
@ -67,7 +67,7 @@ static inline u32 hash32(const void *key, u32 len, u32 seed) {
#else
#define ROL32(_x, _r) ((((u32)(_x)) << (_r)) | (((u32)(_x)) >> (32 - (_r))))
# define ROL32(_x, _r) ((((u32)(_x)) << (_r)) | (((u32)(_x)) >> (32 - (_r))))
static inline u32 hash32(const void *key, u32 len, u32 seed) {

84
include/types.h
View File

@ -81,22 +81,22 @@ typedef int32_t s32;
typedef int64_t s64;
#ifndef MIN
#define MIN(a, b) \
({ \
\
__typeof__(a) _a = (a); \
__typeof__(b) _b = (b); \
_a < _b ? _a : _b; \
\
})
#define MAX(a, b) \
({ \
\
__typeof__(a) _a = (a); \
__typeof__(b) _b = (b); \
_a > _b ? _a : _b; \
\
})
# define MIN(a, b) \
({ \
__typeof__(a) _a = (a); \
__typeof__(b) _b = (b); \
_a < _b ? _a : _b;
})
# define MAX(a, b) \
({ \
__typeof__(a) _a = (a); \
__typeof__(b) _b = (b); \
_a > _b ? _a : _b;
})
#endif /* !MIN */
#define SWAP16(_x) \
@ -131,21 +131,21 @@ typedef int64_t s64;
})
#ifdef AFL_LLVM_PASS
#if defined(__linux__) || !defined(__ANDROID__)
#define AFL_SR(s) (srandom(s))
#define AFL_R(x) (random() % (x))
# if defined(__linux__) || !defined(__ANDROID__)
# define AFL_SR(s) (srandom(s))
# define AFL_R(x) (random() % (x))
# else
# define AFL_SR(s) ((void)s)
# define AFL_R(x) (arc4random_uniform(x))
# endif
#else
#define AFL_SR(s) ((void)s)
#define AFL_R(x) (arc4random_uniform(x))
#endif
#else
#if defined(__linux__) || !defined(__ANDROID__)
#define SR(s) (srandom(s))
#define R(x) (random() % (x))
#else
#define SR(s) ((void)s)
#define R(x) (arc4random_uniform(x))
#endif
# if defined(__linux__) || !defined(__ANDROID__)
# define SR(s) (srandom(s))
# define R(x) (random() % (x))
# else
# define SR(s) ((void)s)
# define R(x) (arc4random_uniform(x))
# endif
#endif /* ^AFL_LLVM_PASS */
#define STRINGIFY_INTERNAL(x) #x
@ -154,19 +154,19 @@ typedef int64_t s64;
#define MEM_BARRIER() __asm__ volatile("" ::: "memory")
#if __GNUC__ < 6
#ifndef likely
#define likely(_x) (_x)
#endif
#ifndef unlikely
#define unlikely(_x) (_x)
#endif
# ifndef likely
# define likely(_x) (_x)
# endif
# ifndef unlikely
# define unlikely(_x) (_x)
# endif
#else
#ifndef likely
#define likely(_x) __builtin_expect(!!(_x), 1)
#endif
#ifndef unlikely
#define unlikely(_x) __builtin_expect(!!(_x), 0)
#endif
# ifndef likely
# define likely(_x) __builtin_expect(!!(_x), 1)
# endif
# ifndef unlikely
# define unlikely(_x) __builtin_expect(!!(_x), 0)
# endif
#endif
#endif /* ! _HAVE_TYPES_H */

74
libdislocator/libdislocator.so.c
View File

@ -30,39 +30,39 @@
#include <sys/mman.h>
#ifdef __APPLE__
#include <mach/vm_statistics.h>
# include <mach/vm_statistics.h>
#endif
#ifdef __FreeBSD__
#include <sys/param.h>
# include <sys/param.h>
#endif
#if defined(__linux__) && !defined(__ANDROID__)
#include <unistd.h>
#include <sys/syscall.h>
#ifdef __NR_getrandom
#define arc4random_buf(p, l) \
do { \
\
ssize_t rd = syscall(__NR_getrandom, p, l, 0); \
if (rd != l) DEBUGF("getrandom failed"); \
\
} while (0)
# include <unistd.h>
# include <sys/syscall.h>
# ifdef __NR_getrandom
# define arc4random_buf(p, l) \
do { \
ssize_t rd = syscall(__NR_getrandom, p, l, 0); \
if (rd != l) DEBUGF("getrandom failed"); \
\
#else
#include <time.h>
#define arc4random_buf(p, l) \
do { \
\
srand(time(NULL)); \
u32 i; \
u8 *ptr = (u8 *)p; \
for (i = 0; i < l; i++) \
ptr[i] = rand() % INT_MAX; \
\
} while (0)
} while (0)
#endif
# else
# include <time.h>
# define arc4random_buf(p, l) \
do { \
srand(time(NULL)); \
u32 i; \
u8 *ptr = (u8 *)p; \
for (i = 0; i < l; i++) \
ptr[i] = rand() % INT_MAX; \
\
} while (0)
# endif
#endif
#include "config.h"
@ -83,11 +83,11 @@ typedef struct {
#define ALLOC_ALIGN_SIZE (_Alignof(max_align_t))
#ifndef PAGE_SIZE
#define PAGE_SIZE 4096
# define PAGE_SIZE 4096
#endif /* !PAGE_SIZE */
#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
# define MAP_ANONYMOUS MAP_ANON
#endif /* !MAP_ANONYMOUS */
#define SUPER_PAGE_SIZE 1 << 21
@ -148,8 +148,8 @@ static u8 alloc_verbose, /* Additional debug messages */
align_allocations; /* Force alignment to sizeof(void*) */
#if defined __OpenBSD__ || defined __APPLE__
#define __thread
#warning no thread support available
# define __thread
# warning no thread support available
#endif
static __thread size_t total_mem; /* Currently allocated mem */
@ -192,13 +192,13 @@ static void *__dislocator_alloc(size_t len) {
#if defined(USEHUGEPAGE)
sp = (rlen >= SUPER_PAGE_SIZE && !(rlen % SUPER_PAGE_SIZE));
#if defined(__APPLE__)
# if defined(__APPLE__)
if (sp) fd = VM_FLAGS_SUPERPAGE_SIZE_2MB;
#elif defined(__linux__)
# elif defined(__linux__)
if (sp) flags |= MAP_HUGETLB;
#elif defined(__FreeBSD__)
# elif defined(__FreeBSD__)
if (sp) flags |= MAP_ALIGNED_SUPER;
#endif
# endif
#else
(void)sp;
#endif
@ -208,13 +208,13 @@ static void *__dislocator_alloc(size_t len) {
/* We try one more time with regular call */
if (ret == MAP_FAILED) {
#if defined(__APPLE__)
# if defined(__APPLE__)
fd = -1;
#elif defined(__linux__)
# elif defined(__linux__)
flags &= -MAP_HUGETLB;
#elif defined(__FreeBSD__)
# elif defined(__FreeBSD__)
flags &= -MAP_ALIGNED_SUPER;
#endif
# endif
ret = (u8 *)mmap(NULL, tlen, PROT_READ | PROT_WRITE, flags, fd, 0);
}

46
libtokencap/libtokencap.so.c
View File

@ -21,7 +21,7 @@
*/
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
# define _GNU_SOURCE
#endif
#include <stdio.h>
#include <string.h>
@ -35,20 +35,20 @@
#if !defined __linux__ && !defined __APPLE__ && !defined __FreeBSD__ && \
!defined __OpenBSD__ && !defined __NetBSD__ && !defined __DragonFly__
#error "Sorry, this library is unsupported in this platform for now!"
# error "Sorry, this library is unsupported in this platform for now!"
#endif /* !__linux__ && !__APPLE__ && ! __FreeBSD__ && ! __OpenBSD__ && \
!__NetBSD__*/
#if defined __APPLE__
#include <mach/vm_map.h>
#include <mach/mach_init.h>
# include <mach/vm_map.h>
# include <mach/mach_init.h>
#elif defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__
#include <sys/types.h>
#include <sys/sysctl.h>
#if !defined __NetBSD__
#include <sys/user.h>
#endif
#include <sys/mman.h>
# include <sys/types.h>
# include <sys/sysctl.h>
# if !defined __NetBSD__
# include <sys/user.h>
# endif
# include <sys/mman.h>
#endif
#include <dlfcn.h>
@ -154,25 +154,25 @@ static void __tokencap_load_mappings(void) {
#elif defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__
#if defined __FreeBSD__
# if defined __FreeBSD__
int mib[] = {CTL_KERN, KERN_PROC, KERN_PROC_VMMAP, __tokencap_pid};
#elif defined __OpenBSD__
# elif defined __OpenBSD__
int mib[] = {CTL_KERN, KERN_PROC_VMMAP, __tokencap_pid};
#elif defined __NetBSD__
# elif defined __NetBSD__
int mib[] = {CTL_VM, VM_PROC, VM_PROC_MAP, __tokencap_pid,
sizeof(struct kinfo_vmentry)};
#endif
# endif
char * buf, *low, *high;
size_t miblen = sizeof(mib) / sizeof(mib[0]);
size_t len;
if (sysctl(mib, miblen, NULL, &len, NULL, 0) == -1) return;
#if defined __FreeBSD__ || defined __NetBSD__
# if defined __FreeBSD__ || defined __NetBSD__
len = len * 4 / 3;
#elif defined __OpenBSD__
# elif defined __OpenBSD__
len -= len % sizeof(struct kinfo_vmentry);
#endif
# endif
buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0);
if (buf == MAP_FAILED) return;
@ -193,22 +193,22 @@ static void __tokencap_load_mappings(void) {
struct kinfo_vmentry *region = (struct kinfo_vmentry *)low;
#if defined __FreeBSD__ || defined __NetBSD__
# if defined __FreeBSD__ || defined __NetBSD__
#if defined __FreeBSD__
# if defined __FreeBSD__
size_t size = region->kve_structsize;
if (size == 0) break;
#elif defined __NetBSD__
# elif defined __NetBSD__
size_t size = sizeof(*region);
#endif
# endif
/* We go through the whole mapping of the process and track read-only
* addresses */
if ((region->kve_protection & KVME_PROT_READ) &&
!(region->kve_protection & KVME_PROT_WRITE)) {
#elif defined __OpenBSD__
# elif defined __OpenBSD__
size_t size = sizeof(*region);
@ -217,7 +217,7 @@ static void __tokencap_load_mappings(void) {
if ((region->kve_protection & KVE_PROT_READ) &&
!(region->kve_protection & KVE_PROT_WRITE)) {
#endif
# endif
__tokencap_ro[__tokencap_ro_cnt].st = (void *)region->kve_start;
__tokencap_ro[__tokencap_ro_cnt].en = (void *)region->kve_end;

26
llvm_mode/LLVMInsTrim.so.cc
View File

@ -12,13 +12,13 @@ typedef long double max_align_t;
#include "llvm/ADT/DenseSet.h"
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/CFG.h"
#include "llvm/IR/Dominators.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/CFG.h"
# include "llvm/IR/Dominators.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Support/CFG.h"
#include "llvm/Analysis/Dominators.h"
#include "llvm/DebugInfo.h"
# include "llvm/Support/CFG.h"
# include "llvm/Analysis/Dominators.h"
# include "llvm/DebugInfo.h"
#endif
#include "llvm/IR/IRBuilder.h"
#include "llvm/IR/Instructions.h"
@ -97,7 +97,7 @@ struct InsTrim : public ModulePass {
#if LLVM_VERSION_MAJOR >= 4 || \
(LLVM_VERSION_MAJOR == 4 && LLVM_VERSION_PATCH >= 1)
#define AFL_HAVE_VECTOR_INTRINSICS 1
# define AFL_HAVE_VECTOR_INTRINSICS 1
#endif
bool runOnModule(Module &M) override {
@ -137,13 +137,13 @@ struct InsTrim : public ModulePass {
getenv("AFL_LLVM_SKIPSINGLEBLOCK"))
function_minimum_size = 2;
unsigned PrevLocSize = 0;
char * ngram_size_str = getenv("AFL_LLVM_NGRAM_SIZE");
unsigned int PrevLocSize = 0;
char * ngram_size_str = getenv("AFL_LLVM_NGRAM_SIZE");
if (!ngram_size_str) ngram_size_str = getenv("AFL_NGRAM_SIZE");
char *ctx_str = getenv("AFL_LLVM_CTX");
#ifdef AFL_HAVE_VECTOR_INTRINSICS
int ngram_size = 0;
unsigned int ngram_size = 0;
/* Decide previous location vector size (must be a power of two) */
VectorType *PrevLocTy;
@ -196,17 +196,17 @@ struct InsTrim : public ModulePass {
#ifdef AFL_HAVE_VECTOR_INTRINSICS
if (ngram_size)
#ifdef __ANDROID__
# ifdef __ANDROID__
AFLPrevLoc = new GlobalVariable(
M, PrevLocTy, /* isConstant */ false, GlobalValue::ExternalLinkage,
/* Initializer */ nullptr, "__afl_prev_loc");
#else
# else
AFLPrevLoc = new GlobalVariable(
M, PrevLocTy, /* isConstant */ false, GlobalValue::ExternalLinkage,
/* Initializer */ nullptr, "__afl_prev_loc",
/* InsertBefore */ nullptr, GlobalVariable::GeneralDynamicTLSModel,
/* AddressSpace */ 0, /* IsExternallyInitialized */ false);
#endif
# endif
else
#endif
#ifdef __ANDROID__

4
llvm_mode/MarkNodes.cc
View File

@ -15,9 +15,9 @@ typedef long double max_align_t;
#include "llvm/IR/BasicBlock.h"
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/CFG.h"
# include "llvm/IR/CFG.h"
#else
#include "llvm/Support/CFG.h"
# include "llvm/Support/CFG.h"
#endif
#include "llvm/IR/Constants.h"
#include "llvm/IR/Function.h"

8
llvm_mode/afl-llvm-common.h
View File

@ -25,11 +25,11 @@ typedef long double max_align_t;
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/DebugInfo.h"
#include "llvm/IR/CFG.h"
# include "llvm/IR/DebugInfo.h"
# include "llvm/IR/CFG.h"
#else
#include "llvm/DebugInfo.h"
#include "llvm/Support/CFG.h"
# include "llvm/DebugInfo.h"
# include "llvm/Support/CFG.h"
#endif
char * getBBName(const llvm::BasicBlock *BB);

16
llvm_mode/afl-llvm-pass.so.cc
View File

@ -54,11 +54,11 @@ typedef long double max_align_t;
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/DebugInfo.h"
#include "llvm/IR/CFG.h"
# include "llvm/IR/DebugInfo.h"
# include "llvm/IR/CFG.h"
#else
#include "llvm/DebugInfo.h"
#include "llvm/Support/CFG.h"
# include "llvm/DebugInfo.h"
# include "llvm/Support/CFG.h"
#endif
#include "afl-llvm-common.h"
@ -115,7 +115,7 @@ uint64_t PowerOf2Ceil(unsigned in) {
/* #if LLVM_VERSION_STRING >= "4.0.1" */
#if LLVM_VERSION_MAJOR >= 4 || \
(LLVM_VERSION_MAJOR == 4 && LLVM_VERSION_PATCH >= 1)
#define AFL_HAVE_VECTOR_INTRINSICS 1
# define AFL_HAVE_VECTOR_INTRINSICS 1
#endif
bool AFLCoverage::runOnModule(Module &M) {
@ -242,17 +242,17 @@ bool AFLCoverage::runOnModule(Module &M) {
#ifdef AFL_HAVE_VECTOR_INTRINSICS
if (ngram_size)
#ifdef __ANDROID__
# ifdef __ANDROID__
AFLPrevLoc = new GlobalVariable(
M, PrevLocTy, /* isConstant */ false, GlobalValue::ExternalLinkage,
/* Initializer */ nullptr, "__afl_prev_loc");
#else
# else
AFLPrevLoc = new GlobalVariable(
M, PrevLocTy, /* isConstant */ false, GlobalValue::ExternalLinkage,
/* Initializer */ nullptr, "__afl_prev_loc",
/* InsertBefore */ nullptr, GlobalVariable::GeneralDynamicTLSModel,
/* AddressSpace */ 0, /* IsExternallyInitialized */ false);
#endif
# endif
else
#endif
#ifdef __ANDROID__

22
llvm_mode/afl-llvm-rt.o.c
View File

@ -21,7 +21,7 @@
*/
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"
@ -43,7 +43,7 @@
#include <sys/types.h>
#ifdef __linux__
#include "snapshot-inl.h"
# include "snapshot-inl.h"
#endif
/* This is a somewhat ugly hack for the experimental 'trace-pc-guard' mode.
@ -53,7 +53,7 @@
#define CONST_PRIO 5
#ifndef MAP_FIXED_NOREPLACE
#define MAP_FIXED_NOREPLACE MAP_FIXED
# define MAP_FIXED_NOREPLACE MAP_FIXED
#endif
#include <sys/mman.h>
@ -822,15 +822,15 @@ void __cmplog_ins_hook8(uint64_t arg1, uint64_t arg2) {
}
#if defined(__APPLE__)
#pragma weak __sanitizer_cov_trace_const_cmp1 = __cmplog_ins_hook1
#pragma weak __sanitizer_cov_trace_const_cmp2 = __cmplog_ins_hook2
#pragma weak __sanitizer_cov_trace_const_cmp4 = __cmplog_ins_hook4
#pragma weak __sanitizer_cov_trace_const_cmp8 = __cmplog_ins_hook8
# pragma weak __sanitizer_cov_trace_const_cmp1 = __cmplog_ins_hook1
# pragma weak __sanitizer_cov_trace_const_cmp2 = __cmplog_ins_hook2
# pragma weak __sanitizer_cov_trace_const_cmp4 = __cmplog_ins_hook4
# pragma weak __sanitizer_cov_trace_const_cmp8 = __cmplog_ins_hook8
#pragma weak __sanitizer_cov_trace_cmp1 = __cmplog_ins_hook1
#pragma weak __sanitizer_cov_trace_cmp2 = __cmplog_ins_hook2
#pragma weak __sanitizer_cov_trace_cmp4 = __cmplog_ins_hook4
#pragma weak __sanitizer_cov_trace_cmp8 = __cmplog_ins_hook8
# pragma weak __sanitizer_cov_trace_cmp1 = __cmplog_ins_hook1
# pragma weak __sanitizer_cov_trace_cmp2 = __cmplog_ins_hook2
# pragma weak __sanitizer_cov_trace_cmp4 = __cmplog_ins_hook4
# pragma weak __sanitizer_cov_trace_cmp8 = __cmplog_ins_hook8
#else
void __sanitizer_cov_trace_const_cmp1(uint8_t arg1, uint8_t arg2)
__attribute__((alias("__cmplog_ins_hook1")));

10
llvm_mode/cmplog-instructions-pass.cc
View File

@ -38,12 +38,12 @@
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/Verifier.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/Verifier.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Analysis/Verifier.h"
#include "llvm/DebugInfo.h"
#define nullptr 0
# include "llvm/Analysis/Verifier.h"
# include "llvm/DebugInfo.h"
# define nullptr 0
#endif
#include <set>

10
llvm_mode/cmplog-routines-pass.cc
View File

@ -38,12 +38,12 @@
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/Verifier.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/Verifier.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Analysis/Verifier.h"
#include "llvm/DebugInfo.h"
#define nullptr 0
# include "llvm/Analysis/Verifier.h"
# include "llvm/DebugInfo.h"
# define nullptr 0
#endif
#include <set>

10
llvm_mode/compare-transform-pass.so.cc
View File

@ -38,12 +38,12 @@
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/Verifier.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/Verifier.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Analysis/Verifier.h"
#include "llvm/DebugInfo.h"
#define nullptr 0
# include "llvm/Analysis/Verifier.h"
# include "llvm/DebugInfo.h"
# define nullptr 0
#endif
#include <set>

10
llvm_mode/split-compares-pass.so.cc
View File

@ -37,12 +37,12 @@
#include "llvm/IR/IRBuilder.h"
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/Verifier.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/Verifier.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Analysis/Verifier.h"
#include "llvm/DebugInfo.h"
#define nullptr 0
# include "llvm/Analysis/Verifier.h"
# include "llvm/DebugInfo.h"
# define nullptr 0
#endif
using namespace llvm;

10
llvm_mode/split-switches-pass.so.cc
View File

@ -40,12 +40,12 @@
#include "llvm/IR/IRBuilder.h"
#if LLVM_VERSION_MAJOR > 3 || \
(LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4)
#include "llvm/IR/Verifier.h"
#include "llvm/IR/DebugInfo.h"
# include "llvm/IR/Verifier.h"
# include "llvm/IR/DebugInfo.h"
#else
#include "llvm/Analysis/Verifier.h"
#include "llvm/DebugInfo.h"
#define nullptr 0
# include "llvm/Analysis/Verifier.h"
# include "llvm/DebugInfo.h"
# define nullptr 0
#endif
#include <set>

18
qbdi_mode/template.cpp
View File

@ -11,7 +11,7 @@
#include <dlfcn.h>
#ifdef __ANDROID__
#include "../include/android-ashmem.h"
# include "../include/android-ashmem.h"
#endif
#include <sys/ipc.h>
@ -23,15 +23,15 @@
/* NeverZero */
#if (defined(__x86_64__) || defined(__i386__)) && defined(AFL_QEMU_NOT_ZERO)
#define INC_AFL_AREA(loc) \
asm volatile( \
"incb (%0, %1, 1)\n" \
"adcb $0, (%0, %1, 1)\n" \
: /* no out */ \
: "r"(afl_area_ptr), "r"(loc) \
: "memory", "eax")
# define INC_AFL_AREA(loc) \
asm volatile( \
"incb (%0, %1, 1)\n" \
"adcb $0, (%0, %1, 1)\n" \
: /* no out */ \
: "r"(afl_area_ptr), "r"(loc) \
: "memory", "eax")
#else
#define INC_AFL_AREA(loc) afl_area_ptr[loc]++
# define INC_AFL_AREA(loc) afl_area_ptr[loc]++
#endif
using namespace QBDI;

4
qemu_mode/libcompcov/libcompcov.so.c
View File

@ -20,7 +20,7 @@
*/
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
# define _GNU_SOURCE
#endif
#include <dlfcn.h>
#include <stdio.h>
@ -36,7 +36,7 @@
#include "pmparser.h"
#ifndef __linux__
#error "Sorry, this library is Linux-specific for now!"
# error "Sorry, this library is Linux-specific for now!"
#endif /* !__linux__ */
/* Change this value to tune the compare coverage */

24
qemu_mode/patches/afl-qemu-common.h
View File

@ -40,27 +40,27 @@
#define PERSISTENT_DEFAULT_MAX_CNT 1000
#ifdef CPU_NB_REGS
#define AFL_REGS_NUM CPU_NB_REGS
# define AFL_REGS_NUM CPU_NB_REGS
#elif TARGET_ARM
#define AFL_REGS_NUM 32
# define AFL_REGS_NUM 32
#elif TARGET_AARCH64
#define AFL_REGS_NUM 32
# define AFL_REGS_NUM 32
#else
#define AFL_REGS_NUM 100
# define AFL_REGS_NUM 100
#endif
/* NeverZero */
#if (defined(__x86_64__) || defined(__i386__)) && defined(AFL_QEMU_NOT_ZERO)
#define INC_AFL_AREA(loc) \
asm volatile( \
"incb (%0, %1, 1)\n" \
"adcb $0, (%0, %1, 1)\n" \
: /* no out */ \
: "r"(afl_area_ptr), "r"(loc) \
: "memory", "eax")
# define INC_AFL_AREA(loc) \
asm volatile( \
"incb (%0, %1, 1)\n" \
"adcb $0, (%0, %1, 1)\n" \
: /* no out */ \
: "r"(afl_area_ptr), "r"(loc) \
: "memory", "eax")
#else
#define INC_AFL_AREA(loc) afl_area_ptr[loc]++
# define INC_AFL_AREA(loc) afl_area_ptr[loc]++
#endif
typedef void (*afl_persistent_hook_fn)(uint64_t *regs, uint64_t guest_base);

2
qemu_mode/patches/afl-qemu-cpu-inl.h
View File

@ -35,7 +35,7 @@
#include "afl-qemu-common.h"
#ifndef AFL_QEMU_STATIC_BUILD
#include <dlfcn.h>
# include <dlfcn.h>
#endif
/***************************

4
qemu_mode/patches/afl-qemu-cpu-translate-inl.h
View File

@ -36,9 +36,9 @@
#include "tcg-op.h"
#if TCG_TARGET_REG_BITS == 64
#define _DEFAULT_MO MO_64
# define _DEFAULT_MO MO_64
#else
#define _DEFAULT_MO MO_32
# define _DEFAULT_MO MO_32
#endif
static void afl_gen_compcov(target_ulong cur_loc, TCGv arg1, TCGv arg2,

2
src/afl-analyze.c
View File

@ -27,7 +27,7 @@
#define AFL_MAIN
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"

6
src/afl-as.c
View File

@ -79,9 +79,9 @@ static u8 use_64bit = 1;
static u8 use_64bit = 0;
#ifdef __APPLE__
#error "Sorry, 32-bit Apple platforms are not supported."
#endif /* __APPLE__ */
# ifdef __APPLE__
# error "Sorry, 32-bit Apple platforms are not supported."
# endif /* __APPLE__ */
#endif /* ^WORD_SIZE_64 */

2
src/afl-common.c
View File

@ -34,7 +34,7 @@
/* Detect @@ in args. */
#ifndef __glibc__
#include <unistd.h>
# include <unistd.h>
#endif
#include <limits.h>
#include <sys/types.h>

68
src/afl-fuzz-init.c
View File

@ -33,11 +33,11 @@
void bind_to_free_cpu(afl_state_t *afl) {
#if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
# if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
cpu_set_t c;
#elif defined(__NetBSD__)
# elif defined(__NetBSD__)
cpuset_t * c;
#endif
# endif
u8 cpu_used[4096] = {0};
u32 i;
@ -51,7 +51,7 @@ void bind_to_free_cpu(afl_state_t *afl) {
}
#if defined(__linux__)
# if defined(__linux__)
DIR * d;
struct dirent *de;
d = opendir("/proc");
@ -112,7 +112,7 @@ void bind_to_free_cpu(afl_state_t *afl) {
}
closedir(d);
#elif defined(__FreeBSD__) || defined(__DragonFly__)
# elif defined(__FreeBSD__) || defined(__DragonFly__)
struct kinfo_proc *procs;
size_t nprocs;
size_t proccount;
@ -133,7 +133,7 @@ void bind_to_free_cpu(afl_state_t *afl) {
for (i = 0; i < proccount; i++) {
#if defined(__FreeBSD__)
# if defined(__FreeBSD__)
if (!strcmp(procs[i].ki_comm, "idle")) continue;
// fix when ki_oncpu = -1
@ -143,16 +143,16 @@ void bind_to_free_cpu(afl_state_t *afl) {
if (oncpu != -1 && oncpu < sizeof(cpu_used) && procs[i].ki_pctcpu > 60)
cpu_used[oncpu] = 1;
#elif defined(__DragonFly__)
# elif defined(__DragonFly__)
if (procs[i].kp_lwp.kl_cpuid < sizeof(cpu_used) &&
procs[i].kp_lwp.kl_pctcpu > 10)
cpu_used[procs[i].kp_lwp.kl_cpuid] = 1;
#endif
# endif
}
ck_free(procs);
#elif defined(__NetBSD__)
# elif defined(__NetBSD__)
struct kinfo_proc2 *procs;
size_t nprocs;
size_t proccount;
@ -181,15 +181,15 @@ void bind_to_free_cpu(afl_state_t *afl) {
}
ck_free(procs);
#else
#warning \
"For this platform we do not have free CPU binding code yet. If possible, please supply a PR to https://github.com/AFLplusplus/AFLplusplus"
#endif
# else
# warning \
"For this platform we do not have free CPU binding code yet. If possible, please supply a PR to https://github.com/AFLplusplus/AFLplusplus"
# endif
size_t cpu_start = 0;
try:
#ifndef __ANDROID__
# ifndef __ANDROID__
for (i = cpu_start; i < afl->cpu_core_count; i++) {
if (!cpu_used[i]) { break; }
@ -198,12 +198,12 @@ void bind_to_free_cpu(afl_state_t *afl) {
if (i == afl->cpu_core_count) {
#else
# else
for (i = afl->cpu_core_count - cpu_start - 1; i > -1; i--)
if (!cpu_used[i]) break;
if (i == -1) {
#endif
# endif
SAYF("\n" cLRD "[-] " cRST
"Uh-oh, looks like all %d CPU cores on your system are allocated to\n"
@ -221,16 +221,16 @@ void bind_to_free_cpu(afl_state_t *afl) {
afl->cpu_aff = i;
#if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
# if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
CPU_ZERO(&c);
CPU_SET(i, &c);
#elif defined(__NetBSD__)
# elif defined(__NetBSD__)
c = cpuset_create();
if (c == NULL) PFATAL("cpuset_create failed");
cpuset_set(i, c);
#endif
# endif
#if defined(__linux__)
# if defined(__linux__)
if (sched_setaffinity(0, sizeof(c), &c)) {
if (cpu_start == afl->cpu_core_count) {
@ -246,7 +246,7 @@ void bind_to_free_cpu(afl_state_t *afl) {
}
#elif defined(__FreeBSD__) || defined(__DragonFly__)
# elif defined(__FreeBSD__) || defined(__DragonFly__)
if (pthread_setaffinity_np(pthread_self(), sizeof(c), &c)) {
if (cpu_start == afl->cpu_core_count)
@ -258,7 +258,7 @@ void bind_to_free_cpu(afl_state_t *afl) {
}
#elif defined(__NetBSD__)
# elif defined(__NetBSD__)
if (pthread_setaffinity_np(pthread_self(), cpuset_size(c), c)) {
if (cpu_start == afl->cpu_core_count)
@ -271,10 +271,10 @@ if (pthread_setaffinity_np(pthread_self(), cpuset_size(c), c)) {
}
cpuset_destroy(c);
#else
# else
// this will need something for other platforms
// TODO: Solaris/Illumos has processor_bind ... might worth a try
#endif
# endif
}
@ -1565,7 +1565,7 @@ void check_crash_handling(void) {
until I get a box to test the code. So, for now, we check for crash
reporting the awful way. */
#if !TARGET_OS_IPHONE
# if !TARGET_OS_IPHONE
if (system("launchctl list 2>/dev/null | grep -q '\\.ReportCrash$'")) return;
SAYF(
@ -1583,7 +1583,7 @@ void check_crash_handling(void) {
" launchctl unload -w ${SL}/LaunchAgents/${PL}.plist\n"
" sudo launchctl unload -w ${SL}/LaunchDaemons/${PL}.Root.plist\n");
#endif
# endif
if (!get_afl_env("AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES"))
FATAL("Crash reporter detected");
@ -1778,26 +1778,26 @@ void get_core_count(afl_state_t *afl) {
/* On *BSD systems, we can just use a sysctl to get the number of CPUs. */
#ifdef __APPLE__
# ifdef __APPLE__
if (sysctlbyname("hw.logicalcpu", &afl->cpu_core_count, &s, NULL, 0) < 0)
return;
#else
# else
int s_name[2] = {CTL_HW, HW_NCPU};
if (sysctl(s_name, 2, &afl->cpu_core_count, &s, NULL, 0) < 0) return;
#endif /* ^__APPLE__ */
# endif /* ^__APPLE__ */
#else
#ifdef HAVE_AFFINITY
# ifdef HAVE_AFFINITY
afl->cpu_core_count = sysconf(_SC_NPROCESSORS_ONLN);
#else
# else
FILE *f = fopen("/proc/stat", "r");
u8 tmp[1024];
@ -1809,7 +1809,7 @@ void get_core_count(afl_state_t *afl) {
fclose(f);
#endif /* ^HAVE_AFFINITY */
# endif /* ^HAVE_AFFINITY */
#endif /* ^(__APPLE__ || __FreeBSD__ || __OpenBSD__) */
@ -2102,12 +2102,12 @@ void check_binary(afl_state_t *afl, u8 *fname) {
#else
#if !defined(__arm__) && !defined(__arm64__)
# if !defined(__arm__) && !defined(__arm64__)
if ((f_data[0] != 0xCF || f_data[1] != 0xFA || f_data[2] != 0xED) &&
(f_data[0] != 0xCA || f_data[1] != 0xFE || f_data[2] != 0xBA))
FATAL("Program '%s' is not a 64-bit or universal Mach-O binary",
afl->fsrv.target_path);
#endif
# endif
#endif /* ^!__APPLE__ */

62
src/afl-fuzz-python.c
View File

@ -37,9 +37,9 @@ static void *unsupported(afl_state_t *afl, unsigned int seed) {
/* sorry for this makro...
it just fills in `&py_mutator->something_buf, &py_mutator->something_size`. */
#define BUF_PARAMS(name) \
(void **)&((py_mutator_t *)py_mutator)->name##_buf, \
&((py_mutator_t *)py_mutator)->name##_size
# define BUF_PARAMS(name) \
(void **)&((py_mutator_t *)py_mutator)->name##_buf, \
&((py_mutator_t *)py_mutator)->name##_size
static size_t fuzz_py(void *py_mutator, u8 *buf, size_t buf_size, u8 **out_buf,
u8 *add_buf, size_t add_buf_size, size_t max_size) {
@ -72,11 +72,11 @@ static size_t fuzz_py(void *py_mutator, u8 *buf, size_t buf_size, u8 **out_buf,
PyTuple_SetItem(py_args, 1, py_value);
/* max_size */
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyLong_FromLong(max_size);
#else
# else
py_value = PyInt_FromLong(max_size);
#endif
# endif
if (!py_value) {
Py_DECREF(py_args);
@ -118,11 +118,11 @@ static py_mutator_t *init_py_module(afl_state_t *afl, u8 *module_name) {
Py_Initialize();
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
PyObject *py_name = PyUnicode_FromString(module_name);
#else
# else
PyObject *py_name = PyString_FromString(module_name);
#endif
# endif
py->py_module = PyImport_Import(py_name);
Py_DECREF(py_name);
@ -243,11 +243,11 @@ static void init_py(afl_state_t *afl, py_mutator_t *py_mutator,
/* Provide the init function a seed for the Python RNG */
py_args = PyTuple_New(1);
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyLong_FromLong(seed);
#else
# else
py_value = PyInt_FromLong(seed);
#endif
# endif
if (!py_value) {
@ -440,11 +440,11 @@ s32 init_trim_py(void *py_mutator, u8 *buf, size_t buf_size) {
if (py_value != NULL) {
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
u32 retcnt = (u32)PyLong_AsLong(py_value);
#else
# else
u32 retcnt = PyInt_AsLong(py_value);
#endif
# endif
Py_DECREF(py_value);
return retcnt;
@ -479,11 +479,11 @@ s32 post_trim_py(void *py_mutator, u8 success) {
if (py_value != NULL) {
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
u32 retcnt = (u32)PyLong_AsLong(py_value);
#else
# else
u32 retcnt = PyInt_AsLong(py_value);
#endif
# endif
Py_DECREF(py_value);
return retcnt;
@ -543,11 +543,11 @@ size_t havoc_mutation_py(void *py_mutator, u8 *buf, size_t buf_size,
PyTuple_SetItem(py_args, 0, py_value);
/* max_size */
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyLong_FromLong(max_size);
#else
# else
py_value = PyInt_FromLong(max_size);
#endif
# endif
if (!py_value) {
Py_DECREF(py_args);
@ -625,11 +625,11 @@ u8 queue_get_py(void *py_mutator, const u8 *filename) {
py_args = PyTuple_New(1);
// File name
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyUnicode_FromString(filename);
#else
# else
py_value = PyString_FromString(filename);
#endif
# endif
if (!py_value) {
Py_DECREF(py_args);
@ -675,11 +675,11 @@ void queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue,
py_args = PyTuple_New(2);
// New queue
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyUnicode_FromString(filename_new_queue);
#else
# else
py_value = PyString_FromString(filename_new_queue);
#endif
# endif
if (!py_value) {
Py_DECREF(py_args);
@ -693,11 +693,11 @@ void queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue,
py_value = Py_None;
if (filename_orig_queue) {
#if PY_MAJOR_VERSION >= 3
# if PY_MAJOR_VERSION >= 3
py_value = PyUnicode_FromString(filename_orig_queue);
#else
# else
py_value = PyString_FromString(filename_orig_queue);
#endif
# endif
if (!py_value) {
Py_DECREF(py_args);
@ -724,7 +724,7 @@ void queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue,
}
#undef BUF_PARAMS
# undef BUF_PARAMS
#endif /* USE_PYTHON */

12
src/afl-fuzz.c
View File

@ -853,7 +853,7 @@ int main(int argc, char **argv_orig, char **envp) {
}
#if defined(__SANITIZE_ADDRESS__)
# if defined(__SANITIZE_ADDRESS__)
if (afl->fsrv.mem_limit) {
WARNF("in the ASAN build we disable all memory limits");
@ -861,7 +861,7 @@ int main(int argc, char **argv_orig, char **envp) {
}
#endif
# endif
setup_signal_handlers();
check_asan_opts();
@ -1054,9 +1054,9 @@ int main(int argc, char **argv_orig, char **envp) {
get_core_count(afl);
#ifdef HAVE_AFFINITY
# ifdef HAVE_AFFINITY
bind_to_free_cpu(afl);
#endif /* HAVE_AFFINITY */
# endif /* HAVE_AFFINITY */
check_crash_handling();
check_cpu_governor(afl);
@ -1352,12 +1352,12 @@ stop_fuzzing:
}
#ifdef PROFILING
# ifdef PROFILING
SAYF(cYEL "[!] " cRST
"Profiling information: %llu ms total work, %llu ns/run\n",
time_spent_working / 1000000,
time_spent_working / afl->fsrv.total_execs);
#endif
# endif
fclose(afl->fsrv.plot_file);
destroy_queue(afl);

56
src/afl-gotcpu.c
View File

@ -32,11 +32,11 @@
#define AFL_MAIN
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
# define _GNU_SOURCE
#endif
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include <stdio.h>
#include <stdlib.h>
@ -55,22 +55,22 @@
#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__) || \
defined(__APPLE__) || defined(__DragonFly__)
#define HAVE_AFFINITY 1
#if defined(__FreeBSD__) || defined(__DragonFly__)
#include <pthread.h>
#include <pthread_np.h>
#if defined(__FreeBSD__)
#include <sys/cpuset.h>
#endif
#define cpu_set_t cpuset_t
#elif defined(__NetBSD__)
#include <pthread.h>
#include <sched.h>
#elif defined(__APPLE__)
#include <pthread.h>
#include <mach/thread_act.h>
#include <mach/thread_policy.h>
#endif
# define HAVE_AFFINITY 1
# if defined(__FreeBSD__) || defined(__DragonFly__)
# include <pthread.h>
# include <pthread_np.h>
# if defined(__FreeBSD__)
# include <sys/cpuset.h>
# endif
# define cpu_set_t cpuset_t
# elif defined(__NetBSD__)
# include <pthread.h>
# include <sched.h>
# elif defined(__APPLE__)
# include <pthread.h>
# include <mach/thread_act.h>
# include <mach/thread_policy.h>
# endif
#endif /* __linux__ || __FreeBSD__ || __NetBSD__ || __APPLE__ */
/* Get CPU usage in microseconds. */
@ -163,46 +163,46 @@ int main(int argc, char **argv) {
if (!fr) {
u32 util_perc;
#if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
# if defined(__linux__) || defined(__FreeBSD__) || defined(__DragonFly__)
cpu_set_t c;
CPU_ZERO(&c);
CPU_SET(i, &c);
#elif defined(__NetBSD__)
# elif defined(__NetBSD__)
cpuset_t *c;
c = cpuset_create();
if (c == NULL) PFATAL("cpuset_create failed");
cpuset_set(i, c);
#elif defined(__APPLE__)
# elif defined(__APPLE__)
thread_affinity_policy_data_t c = {i};
thread_port_t native_thread = pthread_mach_thread_np(pthread_self());
if (thread_policy_set(native_thread, THREAD_AFFINITY_POLICY,
(thread_policy_t)&c, 1) != KERN_SUCCESS)
PFATAL("thread_policy_set failed");
#endif
# endif
#if defined(__FreeBSD__) || defined(__DragonFly__)
# if defined(__FreeBSD__) || defined(__DragonFly__)
if (pthread_setaffinity_np(pthread_self(), sizeof(c), &c))
PFATAL("pthread_setaffinity_np failed");
#endif
# endif
#if defined(__NetBSD__)
# if defined(__NetBSD__)
if (pthread_setaffinity_np(pthread_self(), cpuset_size(c), c))
PFATAL("pthread_setaffinity_np failed");
cpuset_destroy(c);
#endif
# endif
#if defined(__linux__)
# if defined(__linux__)
if (sched_setaffinity(0, sizeof(c), &c)) {
PFATAL("sched_setaffinity failed for cpu %d", i);
}
#endif
# endif
util_perc = measure_preemption(CTEST_CORE_TRG_MS);

6
src/afl-sharedmem.c
View File

@ -27,7 +27,7 @@
#define AFL_MAIN
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"
@ -56,8 +56,8 @@
#include <sys/mman.h>
#ifndef USEMMAP
#include <sys/ipc.h>
#include <sys/shm.h>
# include <sys/ipc.h>
# include <sys/shm.h>
#endif
static list_t shm_list = {.element_prealloc_count = 0};

2
src/afl-showmap.c
View File

@ -32,7 +32,7 @@
#define AFL_MAIN
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"
#include "types.h"

2
src/afl-tmin.c
View File

@ -30,7 +30,7 @@
#define AFL_MAIN
#ifdef __ANDROID__
#include "android-ashmem.h"
# include "android-ashmem.h"
#endif
#include "config.h"