ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-17 20:28:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

corrected read_timed for values > 4

Browse Source
This commit is contained in:
Dominik Maier
2020-05-30 11:02:34 +02:00
parent 0c50945303
commit 38e5c32a55
3 changed files with 65 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/common.h
View File

@ -107,6 +107,9 @@ u8 *u_stringify_mem_size(u8 *buf, u64 val);
u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms); u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
/* Sets a filedescriptor to non-blocking mode (for read_timed) */
void set_nonblocking(int fd);
/* Wrapper for select() and read(), reading exactly len bytes. /* Wrapper for select() and read(), reading exactly len bytes.
Returns the time passed to read. Returns the time passed to read.
stop_soon should point to a variable indicating ctrl+c was pressed. stop_soon should point to a variable indicating ctrl+c was pressed.

82
src/afl-common.c
View File

@ -39,6 +39,7 @@
#include <limits.h> #include <limits.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/ioctl.h>
#include <unistd.h> #include <unistd.h>
#include <fcntl.h> #include <fcntl.h>
@ -869,51 +870,82 @@ u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms) {
} }
/* Wrapper for select() and read(), reading len bytes. /* sets a FD to non-blocking mode (used for read_timed) */
Assumes that all bytes are available on read! void set_nonblocking(int fd) {
int ret = 0;
int opt = 1;
ret = ioctl(fd, FIONBIO, &opt);
if (ret == -1) { PFATAL("Could not enable non-blocking mode on fd %d", fd); }
}
/* Wrapper for select() and read(), reading exactly len bytes.
Should be called on non-blocking fds.
Returns the time passed to read. Returns the time passed to read.
If the wait times out, returns timeout_ms + 1; If the wait times out, returns timeout_ms + 1;
Returns 0 if an error occurred (fd closed, signal, ...); */ Returns 0 if an error occurred (fd closed, signal, ...);
*/
u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms, u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms,
volatile u8 *stop_soon_p) { volatile u8 *stop_soon_p) {
struct timeval timeout;
fd_set readfds; fd_set readfds;
FD_ZERO(&readfds); FD_ZERO(&readfds);
FD_SET(fd, &readfds); FD_SET(fd, &readfds);
struct timeval timeout;
timeout.tv_sec = (timeout_ms / 1000); size_t read_total = 0;
timeout.tv_usec = (timeout_ms % 1000) * 1000; ssize_t len_read = 0;
#if !defined(__linux__)
u64 read_start = get_cur_time_us();
#endif
/* set exceptfds as well to return when a child exited/closed the pipe. */ #if defined(__linux__)
int sret = select(fd + 1, &readfds, NULL, NULL, &timeout); timeout.tv_sec = (timeout_ms / 1000);
timeout.tv_usec = (timeout_ms % 1000) * 1000;
#else
u64 time_start = get_cur_time_us();
#endif
if (!sret) { while (read_total < len) {
return timeout_ms + 1; #if !defined(__linux__)
u64 time_current = get_cur_time_us();
u64 timeout_current = timeout_ms - (time_current - time_start);
timeout.tv_sec = (timeout_current / 1000);
timeout.tv_usec = (timeout_current % 1000) * 1000;
#endif
} else if (sret < 0) { /* set exceptfds as well to return when a child exited/closed the pipe. */
int sret = select(fd + 1, &readfds, NULL, NULL, &timeout);
return 0; if (!sret) {
// printf("Timeout in sret.");
return timeout_ms + 1;
} else if (sret < 0) {
/* Retry select for all signals other than than ctrl+c */
if (errno == EINTR && !*stop_soon_p) { continue; }
return 0;
}
len_read = read(fd, ((u8 *)buf) + read_total, len - read_total);
if (len_read <= 0) { return 0; }
read_total += len_read;
} }
ssize_t len_read = read(fd, ((u8 *)buf), len); #if defined(__linux__)
if (len_read < len) { return 0; } s32 exec_ms =
#if defined(__linux__)
u32 exec_ms =
MIN(timeout_ms, MIN(timeout_ms,
((u64)timeout_ms - (timeout.tv_sec * 1000 + timeout.tv_usec / 1000))); ((u64)timeout_ms - (timeout.tv_sec * 1000 + timeout.tv_usec / 1000)));
#else #else
u32 exec_ms = get_cur_time_us() - read_start; u32 exec_ms = get_cur_time_us() - time_start;
#endif #endif
// ensure to report 1 ms has passed (0 is an error) return exec_ms > 0 ? exec_ms
return exec_ms > 0 ? exec_ms : 1; : 1; // at least 1 milli must have passed (0 is an error)
} }

6
src/afl-forkserver.c
View File

@ -401,6 +401,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
fsrv->fsrv_ctl_fd = ctl_pipe[1]; fsrv->fsrv_ctl_fd = ctl_pipe[1];
fsrv->fsrv_st_fd = st_pipe[0]; fsrv->fsrv_st_fd = st_pipe[0];
set_nonblocking(fsrv->fsrv_st_fd);
/* Wait for the fork server to come up, but don't wait too long. */ /* Wait for the fork server to come up, but don't wait too long. */
rlen = 0; rlen = 0;
@ -853,7 +855,9 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout,
fsrv->last_run_timed_out = 0; fsrv->last_run_timed_out = 0;
if ((res = read(fsrv->fsrv_st_fd, &fsrv->child_pid, 4)) != 4) { res = read_timed(fsrv->fsrv_st_fd, &fsrv->child_pid, 4, timeout, stop_soon_p);
if (res < 0 || res > timeout) {
if (*stop_soon_p) { return 0; } if (*stop_soon_p) { return 0; }
RPFATAL(res, "Unable to request new process from fork server (OOM?)"); RPFATAL(res, "Unable to request new process from fork server (OOM?)");