ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-14 19:08:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

code format

Browse Source
This commit is contained in:
vanhauser-thc
2022-03-04 09:41:21 +01:00
parent 09123d8617
commit 2eeba2dbf0
5 changed files with 19 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/forkserver.h
View File

@ -70,7 +70,8 @@ typedef struct {
enum NyxReturnValue (*nyx_exec)(void *qemu_process); enum NyxReturnValue (*nyx_exec)(void *qemu_process);
uint8_t *(*nyx_get_bitmap_buffer)(void *qemu_process); uint8_t *(*nyx_get_bitmap_buffer)(void *qemu_process);
size_t (*nyx_get_bitmap_buffer_size)(void *qemu_process); size_t (*nyx_get_bitmap_buffer_size)(void *qemu_process);
uint32_t (*nyx_get_aux_string)(void *nyx_process, uint8_t *buffer, uint32_t size); uint32_t (*nyx_get_aux_string)(void *nyx_process, uint8_t *buffer,
uint32_t size);
} nyx_plugin_handler_t; } nyx_plugin_handler_t;

5
nyx_mode/custom_harness/example.c
View File

@ -30,8 +30,9 @@ int main(int argc, char **argv) {
/* this is our "bitmap" that is later shared with the fuzzer (you can also /* this is our "bitmap" that is later shared with the fuzzer (you can also
* pass the pointer of the bitmap used by compile-time instrumentations in * pass the pointer of the bitmap used by compile-time instrumentations in
* your target) */ * your target) */
uint8_t *trace_buffer = mmap(NULL, MMAP_SIZE(TRACE_BUFFER_SIZE), PROT_READ | uint8_t *trace_buffer =
PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0); mmap(NULL, MMAP_SIZE(TRACE_BUFFER_SIZE), PROT_READ | PROT_WRITE,
MAP_SHARED | MAP_ANONYMOUS, -1, 0);
memset(trace_buffer, 0, memset(trace_buffer, 0,
TRACE_BUFFER_SIZE); // makes sure that the bitmap buffer is already TRACE_BUFFER_SIZE); // makes sure that the bitmap buffer is already
// mapped into the guest's memory (alternatively // mapped into the guest's memory (alternatively

3
src/afl-forkserver.c
View File

@ -1257,9 +1257,12 @@ void afl_fsrv_kill(afl_forkserver_t *fsrv) {
#ifdef __linux__ #ifdef __linux__
if (fsrv->nyx_mode) { if (fsrv->nyx_mode) {
free(fsrv->nyx_aux_string); free(fsrv->nyx_aux_string);
fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner); fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner);
} }
#endif #endif
} }

7
src/afl-fuzz-bitmap.c
View File

@ -773,18 +773,21 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
#ifdef __linux__ #ifdef __linux__
if (afl->fsrv.nyx_mode && fault == FSRV_RUN_CRASH) { if (afl->fsrv.nyx_mode && fault == FSRV_RUN_CRASH) {
u8 fn_log[PATH_MAX]; u8 fn_log[PATH_MAX];
snprintf(fn_log, PATH_MAX, "%s.log", fn); snprintf(fn_log, PATH_MAX, "%s.log", fn);
fd = open(fn_log, O_WRONLY | O_CREAT | O_EXCL, DEFAULT_PERMISSION); fd = open(fn_log, O_WRONLY | O_CREAT | O_EXCL, DEFAULT_PERMISSION);
if (unlikely(fd < 0)) { PFATAL("Unable to create '%s'", fn_log); } if (unlikely(fd < 0)) { PFATAL("Unable to create '%s'", fn_log); }
u32 nyx_aux_string_len = afl->fsrv.nyx_handlers->nyx_get_aux_string(afl->fsrv.nyx_runner, afl->fsrv.nyx_aux_string, 0x1000); u32 nyx_aux_string_len = afl->fsrv.nyx_handlers->nyx_get_aux_string(
afl->fsrv.nyx_runner, afl->fsrv.nyx_aux_string, 0x1000);
ck_write(fd, afl->fsrv.nyx_aux_string, nyx_aux_string_len, fn_log); ck_write(fd, afl->fsrv.nyx_aux_string, nyx_aux_string_len, fn_log);
close(fd); close(fd);
} }
#endif #endif
return keeping; return keeping;

3
src/afl-fuzz.c
View File

@ -468,8 +468,7 @@ nyx_plugin_handler_t *afl_load_libnyx_plugin(u8 *libnyx_binary) {
dlsym(handle, "nyx_get_bitmap_buffer_size"); dlsym(handle, "nyx_get_bitmap_buffer_size");
if (plugin->nyx_get_bitmap_buffer_size == NULL) { goto fail; } if (plugin->nyx_get_bitmap_buffer_size == NULL) { goto fail; }
plugin->nyx_get_aux_string = plugin->nyx_get_aux_string = dlsym(handle, "nyx_get_aux_string");
dlsym(handle, "nyx_get_aux_string");
if (plugin->nyx_get_aux_string == NULL) { goto fail; } if (plugin->nyx_get_aux_string == NULL) { goto fail; }
OKF("libnyx plugin is ready!"); OKF("libnyx plugin is ready!");