hidden -Y option for nyx, code format

afl-cmin

@@ -124,9 +124,9 @@ function usage() {
 "AFL_FORKSRV_INIT_TMOUT: time the fuzzer waits for the forkserver to come up\n" \
 "AFL_KEEP_TRACES: leave the temporary <out_dir>/.traces directory\n" \
 "AFL_KILL_SIGNAL: Signal delivered to child processes on timeout (default: SIGKILL)\n" \
-"AFL_FORK_SERVER_KILL_SIGNAL: Signal delivered to fork server processes on termination\n" \
+"AFL_FORK_SERVER_KILL_SIGNAL: Signal delivered to fork server processes on\n" \
-"                             (default: SIGTERM). If this is not set and AFL_KILL_SIGNAL is set,\n" \
+"   termination (default: SIGTERM). If this is not set and AFL_KILL_SIGNAL is\n" \
-"                             this will be set to the same value as AFL_KILL_SIGNAL.\n" \
+"   set, this will be set to the same value as AFL_KILL_SIGNAL.\n" \
 "AFL_NO_FORKSRV: run target via execve instead of using the forkserver\n" \
 "AFL_CMIN_ALLOW_ANY: write tuples for crashing inputs also\n" \
 "AFL_PATH: path for the afl-showmap binary if not found anywhere in PATH\n" \
@@ -157,7 +157,7 @@ BEGIN {
   # process options
   Opterr = 1    # default is to diagnose
   Optind = 1    # skip ARGV[0]
-  while ((_go_c = getopt(ARGC, ARGV, "hi:o:f:m:t:eACOQUX?")) != -1) {
+  while ((_go_c = getopt(ARGC, ARGV, "hi:o:f:m:t:eACOQUXY?")) != -1) {
     if (_go_c == "i") {
       if (!Optarg) usage()
       if (in_dir) { print "Option "_go_c" is only allowed once" > "/dev/stderr"}
@@ -219,7 +219,7 @@ BEGIN {
       unicorn_mode = 1
       continue
     } else
-    if (_go_c == "X") {
+    if (_go_c == "X" || _go_c == "Y") {
       if (nyx_mode) { print "Option "_go_c" is only allowed once" > "/dev/stderr"}
       extra_par = extra_par " -X"
       nyx_mode = 1

afl-cmin.bash

@@ -53,7 +53,7 @@ unset IN_DIR OUT_DIR STDIN_FILE EXTRA_PAR MEM_LIMIT_GIVEN \
 
 export AFL_QUIET=1
 
-while getopts "+i:o:f:m:t:eOQUACh" opt; do
+while getopts "+i:o:f:m:t:eOQUAChXY" opt; do
 
   case "$opt" in 
 
@@ -94,6 +94,14 @@ while getopts "+i:o:f:m:t:eOQUACh" opt; do
          EXTRA_PAR="$EXTRA_PAR -Q"
          QEMU_MODE=1
          ;;
+    "Y")
+         EXTRA_PAR="$EXTRA_PAR -X"
+         NYX_MODE=1
+         ;;
+    "X")
+         EXTRA_PAR="$EXTRA_PAR -X"
+         NYX_MODE=1
+         ;;
     "U")
          EXTRA_PAR="$EXTRA_PAR -U"
          UNICORN_MODE=1
@@ -128,6 +136,7 @@ Execution control settings:
   -O            - use binary-only instrumentation (FRIDA mode)
   -Q            - use binary-only instrumentation (QEMU mode)
   -U            - use unicorn-based instrumentation (Unicorn mode)
+  -X            - use Nyx mode
   
 Minimization settings:
 
@@ -206,6 +215,7 @@ if [ ! "$TIMEOUT" = "none" ]; then
 
 fi
 
+if [ "$NYX_MODE" = "" ]; then
   if [ ! -f "$TARGET_BIN" -o ! -x "$TARGET_BIN" ]; then
 
     TNEW="`which "$TARGET_BIN" 2>/dev/null`"
@@ -219,6 +229,8 @@ if [ ! -f "$TARGET_BIN" -o ! -x "$TARGET_BIN" ]; then
 
   fi
 
+fi
+
 grep -aq AFL_DUMP_MAP_SIZE "./$TARGET_BIN" && {
   echo "[!] Trying to obtain the map size of the target ..."
   MAPSIZE=`AFL_DUMP_MAP_SIZE=1 "./$TARGET_BIN" 2>/dev/null`
@@ -228,7 +240,7 @@ grep -aq AFL_DUMP_MAP_SIZE "./$TARGET_BIN" && {
   }
 }
 
-if [ "$AFL_SKIP_BIN_CHECK" = "" -a "$QEMU_MODE" = "" -a "$FRIDA_MODE" = "" -a "$UNICORN_MODE" = "" ]; then
+if [ "$AFL_SKIP_BIN_CHECK" = "" -a "$QEMU_MODE" = "" -a "$FRIDA_MODE" = "" -a "$UNICORN_MODE" = "" -a "$NYX_MODE" = "" ]; then
 
   if ! grep -qF "__AFL_SHM_ID" "$TARGET_BIN"; then
     echo "[-] Error: binary '$TARGET_BIN' doesn't appear to be instrumented." 1>&2

include/forkserver.h

@@ -52,20 +52,25 @@ typedef enum NyxReturnValue {
 } NyxReturnValue;
 
 typedef enum NyxProcessRole {
+
   StandAlone,
   Parent,
   Child,
+
 } NyxProcessRole;
 
 typedef struct {
 
   void *(*nyx_config_load)(const char *sharedir);
   void (*nyx_config_set_workdir_path)(void *config, const char *workdir);
-  void (*nyx_config_set_input_buffer_size)(void *config, uint32_t input_buffer_size);
+  void (*nyx_config_set_input_buffer_size)(void    *config,
-  void (*nyx_config_set_input_buffer_write_protection)(void *config, bool input_buffer_write_protection);
+                                           uint32_t input_buffer_size);
+  void (*nyx_config_set_input_buffer_write_protection)(
+      void *config, bool input_buffer_write_protection);
   void (*nyx_config_set_hprintf_fd)(void *config, int32_t hprintf_fd);
   void (*nyx_config_set_process_role)(void *config, enum NyxProcessRole role);
-  void (*nyx_config_set_reuse_snapshot_path)(void *config, const char *reuse_snapshot_path);
+  void (*nyx_config_set_reuse_snapshot_path)(void       *config,
+                                             const char *reuse_snapshot_path);
 
   void *(*nyx_new)(void *config, uint32_t worker_id);
   void (*nyx_shutdown)(void *qemu_process);

src/afl-analyze.c

@@ -815,7 +815,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
   afl_fsrv_init(&fsrv);
 
-  while ((opt = getopt(argc, argv, "+i:f:m:t:eAOQUWXh")) > 0) {
+  while ((opt = getopt(argc, argv, "+i:f:m:t:eAOQUWXYh")) > 0) {
 
     switch (opt) {
 
@@ -967,6 +967,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
         break;
 
+      case 'Y':  // fallthough
 #ifdef __linux__
       case 'X':                                                 /* NYX mode */
 
@@ -1016,11 +1017,15 @@ int main(int argc, char **argv_orig, char **envp) {
 
 #ifdef __linux__
   if (!fsrv.nyx_mode) {
+
     fsrv.target_path = find_binary(argv[optind]);
-  }
+
-  else{
+  } else {
+
     fsrv.target_path = ck_strdup(argv[optind]);
+
   }
+
 #else
   fsrv.target_path = find_binary(argv[optind]);
 #endif
@@ -1048,6 +1053,7 @@ int main(int argc, char **argv_orig, char **envp) {
     use_argv = get_cs_argv(argv[0], &target_path, argc - optind, argv + optind);
 
 #ifdef __linux__
+
   } else if (fsrv.nyx_mode) {
 
     fsrv.nyx_id = 0;
@@ -1055,7 +1061,9 @@ int main(int argc, char **argv_orig, char **envp) {
     u8 *libnyx_binary = find_afl_binary(argv[0], "libnyx.so");
     fsrv.nyx_handlers = afl_load_libnyx_plugin(libnyx_binary);
     if (fsrv.nyx_handlers == NULL) {
+
       FATAL("failed to initialize libnyx.so...");
+
     }
 
     fsrv.nyx_use_tmp_workdir = true;
@@ -1090,9 +1098,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
   read_initial_file();
 #ifdef __linux__
-  if(!fsrv.nyx_mode){
+  if (!fsrv.nyx_mode) { (void)check_binary_signatures(fsrv.target_path); }
-    (void)check_binary_signatures(fsrv.target_path);
-  }
 #else
   (void)check_binary_signatures(fsrv.target_path);
 #endif
@@ -1119,7 +1125,6 @@ int main(int argc, char **argv_orig, char **envp) {
 
   OKF("We're done here. Have a nice day!\n");
 
-
   afl_shm_deinit(&shm);
   afl_fsrv_deinit(&fsrv);
   if (fsrv.target_path) { ck_free(fsrv.target_path); }

src/afl-common.c

@@ -1371,30 +1371,40 @@ char* create_nyx_tmp_workdir(void) {
 
   if (!tmpdir) { tmpdir = "/tmp"; }
 
-  char* nyx_out_dir_path = alloc_printf("%s/.nyx_tmp_%d/", tmpdir, (u32)getpid());
+  char *nyx_out_dir_path =
+      alloc_printf("%s/.nyx_tmp_%d/", tmpdir, (u32)getpid());
 
-  if (mkdir(nyx_out_dir_path, 0700)) { 
+  if (mkdir(nyx_out_dir_path, 0700)) { PFATAL("Unable to create nyx workdir"); }
-    PFATAL("Unable to create nyx workdir"); 
-  }
 
   return nyx_out_dir_path;
+
 }
 
 /* Vice versa, we remove the tmp workdir for nyx with this helper function. */
 void remove_nyx_tmp_workdir(afl_forkserver_t *fsrv, char *nyx_out_dir_path) {
+
   char *workdir_path = alloc_printf("%s/workdir", nyx_out_dir_path);
 
   if (access(workdir_path, R_OK) == 0) {
+
     if (fsrv->nyx_handlers->nyx_remove_work_dir(workdir_path) != true) {
+
       WARNF("Unable to remove nyx workdir (%s)", workdir_path);
+
     }
+
   }
 
   if (rmdir(nyx_out_dir_path)) {
+
     WARNF("Unable to remove nyx workdir (%s)", nyx_out_dir_path);
+
   }
 
   ck_free(workdir_path);
   ck_free(nyx_out_dir_path);
+
 }
+
 #endif
+

src/afl-forkserver.c

@@ -66,22 +66,32 @@ nyx_plugin_handler_t *afl_load_libnyx_plugin(u8 *libnyx_binary) {
   plugin->nyx_config_load = dlsym(handle, "nyx_config_load");
   if (plugin->nyx_config_load == NULL) { goto fail; }
 
-  plugin->nyx_config_set_workdir_path = dlsym(handle, "nyx_config_set_workdir_path");
+  plugin->nyx_config_set_workdir_path =
+      dlsym(handle, "nyx_config_set_workdir_path");
   if (plugin->nyx_config_set_workdir_path == NULL) { goto fail; }
 
-  plugin->nyx_config_set_input_buffer_size = dlsym(handle, "nyx_config_set_input_buffer_size");
+  plugin->nyx_config_set_input_buffer_size =
+      dlsym(handle, "nyx_config_set_input_buffer_size");
   if (plugin->nyx_config_set_input_buffer_size == NULL) { goto fail; }
 
-  plugin->nyx_config_set_input_buffer_write_protection = dlsym(handle, "nyx_config_set_input_buffer_write_protection");
+  plugin->nyx_config_set_input_buffer_write_protection =
-  if (plugin->nyx_config_set_input_buffer_write_protection == NULL) { goto fail; }
+      dlsym(handle, "nyx_config_set_input_buffer_write_protection");
+  if (plugin->nyx_config_set_input_buffer_write_protection == NULL) {
 
-  plugin->nyx_config_set_hprintf_fd = dlsym(handle, "nyx_config_set_hprintf_fd");
+    goto fail;
+
+  }
+
+  plugin->nyx_config_set_hprintf_fd =
+      dlsym(handle, "nyx_config_set_hprintf_fd");
   if (plugin->nyx_config_set_hprintf_fd == NULL) { goto fail; }
 
-  plugin->nyx_config_set_process_role = dlsym(handle, "nyx_config_set_process_role");
+  plugin->nyx_config_set_process_role =
+      dlsym(handle, "nyx_config_set_process_role");
   if (plugin->nyx_config_set_process_role == NULL) { goto fail; }
 
-  plugin->nyx_config_set_reuse_snapshot_path = dlsym(handle, "nyx_config_set_reuse_snapshot_path");
+  plugin->nyx_config_set_reuse_snapshot_path =
+      dlsym(handle, "nyx_config_set_reuse_snapshot_path");
   if (plugin->nyx_config_set_reuse_snapshot_path == NULL) { goto fail; }
 
   plugin->nyx_new = dlsym(handle, "nyx_new");
@@ -119,7 +129,6 @@ nyx_plugin_handler_t *afl_load_libnyx_plugin(u8 *libnyx_binary) {
   plugin->nyx_remove_work_dir = dlsym(handle, "nyx_remove_work_dir");
   if (plugin->nyx_remove_work_dir == NULL) { goto fail; }
 
-
   OKF("libnyx plugin is ready!");
   return plugin;
 
@@ -132,22 +141,27 @@ fail:
 }
 
 void afl_nyx_runner_kill(afl_forkserver_t *fsrv) {
+
   if (fsrv->nyx_mode) {
 
-    if (fsrv->nyx_aux_string){
+    if (fsrv->nyx_aux_string) { ck_free(fsrv->nyx_aux_string); }
-      ck_free(fsrv->nyx_aux_string);
-    }
 
     /* check if we actually got a valid nyx runner */
     if (fsrv->nyx_runner) {
+
       fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner);
+
     }
 
     /* if we have use a tmp work dir we need to remove it */
     if (fsrv->nyx_use_tmp_workdir && fsrv->nyx_tmp_workdir_path) {
+
       remove_nyx_tmp_workdir(fsrv, fsrv->nyx_tmp_workdir_path);
+
     }
+
   }
+
 }
 
   /* Wrapper for FATAL() that kills the nyx runner (and removes all created tmp
@@ -155,8 +169,10 @@ void afl_nyx_runner_kill(afl_forkserver_t *fsrv){
    * an atexit() handler. */
   #define NYX_PRE_FATAL(fsrv, x...) \
     do {                            \
+                                    \
       afl_nyx_runner_kill(fsrv);    \
       FATAL(x);                     \
+                                    \
     } while (0)
 
 #endif
@@ -512,69 +528,115 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
     if (!be_quiet) { ACTF("Spinning up the NYX backend..."); }
 
     if (fsrv->nyx_use_tmp_workdir) {
+
       fsrv->nyx_tmp_workdir_path = create_nyx_tmp_workdir();
       fsrv->out_dir_path = fsrv->nyx_tmp_workdir_path;
+
     } else {
-      if (fsrv->out_dir_path == NULL) { NYX_PRE_FATAL(fsrv, "Nyx workdir path not found..."); }
+
+      if (fsrv->out_dir_path == NULL) {
+
+        NYX_PRE_FATAL(fsrv, "Nyx workdir path not found...");
+
+      }
+
     }
 
     /* libnyx expects an absolute path */
     char *outdir_path_absolute = realpath(fsrv->out_dir_path, NULL);
-    if (outdir_path_absolute == NULL) { NYX_PRE_FATAL(fsrv, "Nyx workdir path cannot be resolved ..."); }
+    if (outdir_path_absolute == NULL) {
+
+      NYX_PRE_FATAL(fsrv, "Nyx workdir path cannot be resolved ...");
+
+    }
 
     char *workdir_path = alloc_printf("%s/workdir", outdir_path_absolute);
 
-    if (fsrv->nyx_id == 0xFFFFFFFF) {NYX_PRE_FATAL(fsrv, "Nyx ID is not set..."); }
+    if (fsrv->nyx_id == 0xFFFFFFFF) {
+
+      NYX_PRE_FATAL(fsrv, "Nyx ID is not set...");
+
+    }
 
     if (fsrv->nyx_bind_cpu_id == 0xFFFFFFFF) {
+
       NYX_PRE_FATAL(fsrv, "Nyx CPU ID is not set...");
+
     }
 
     void *nyx_config = fsrv->nyx_handlers->nyx_config_load(fsrv->target_path);
 
     fsrv->nyx_handlers->nyx_config_set_workdir_path(nyx_config, workdir_path);
     fsrv->nyx_handlers->nyx_config_set_input_buffer_size(nyx_config, MAX_FILE);
-    fsrv->nyx_handlers->nyx_config_set_input_buffer_write_protection(nyx_config, true);
+    fsrv->nyx_handlers->nyx_config_set_input_buffer_write_protection(nyx_config,
+                                                                     true);
 
     if (fsrv->nyx_standalone) {
+
       fsrv->nyx_handlers->nyx_config_set_process_role(nyx_config, StandAlone);
+
     } else {
+
       if (fsrv->nyx_parent) {
+
         fsrv->nyx_handlers->nyx_config_set_process_role(nyx_config, Parent);
+
       } else {
+
         fsrv->nyx_handlers->nyx_config_set_process_role(nyx_config, Child);
+
       }
+
     }
 
     if (getenv("NYX_REUSE_SNAPSHOT") != NULL) {
 
       if (access(getenv("NYX_REUSE_SNAPSHOT"), F_OK) == -1) {
+
         NYX_PRE_FATAL(fsrv, "NYX_REUSE_SNAPSHOT path does not exist");
+
       }
 
-      /* stupid sanity check to avoid passing an empty or invalid snapshot directory */
+      /* stupid sanity check to avoid passing an empty or invalid snapshot
-      char* snapshot_file_path = alloc_printf("%s/global.state", getenv("NYX_REUSE_SNAPSHOT"));
+       * directory */
+      char *snapshot_file_path =
+          alloc_printf("%s/global.state", getenv("NYX_REUSE_SNAPSHOT"));
       if (access(snapshot_file_path, R_OK) == -1) {
-        NYX_PRE_FATAL(fsrv, "NYX_REUSE_SNAPSHOT path does not contain a valid Nyx snapshot");
+
+        NYX_PRE_FATAL(
+            fsrv,
+            "NYX_REUSE_SNAPSHOT path does not contain a valid Nyx snapshot");
+
       }
+
       ck_free(snapshot_file_path);
 
       /* another sanity check to avoid passing a snapshot directory that is
-       * located in the current workdir (the workdir will be wiped by libnyx on startup) */
+       * located in the current workdir (the workdir will be wiped by libnyx on
-      char* workdir_snapshot_path = alloc_printf("%s/workdir/snapshot", outdir_path_absolute);
+       * startup) */
-      char* reuse_snapshot_path_real = realpath(getenv("NYX_REUSE_SNAPSHOT"), NULL);
+      char *workdir_snapshot_path =
+          alloc_printf("%s/workdir/snapshot", outdir_path_absolute);
+      char *reuse_snapshot_path_real =
+          realpath(getenv("NYX_REUSE_SNAPSHOT"), NULL);
 
       if (strcmp(workdir_snapshot_path, reuse_snapshot_path_real) == 0) {
-        NYX_PRE_FATAL(fsrv, "NYX_REUSE_SNAPSHOT path is located in current workdir (use another output directory)");
+
+        NYX_PRE_FATAL(fsrv,
+                      "NYX_REUSE_SNAPSHOT path is located in current workdir "
+                      "(use another output directory)");
+
       }
 
       ck_free(reuse_snapshot_path_real);
       ck_free(workdir_snapshot_path);
 
-      fsrv->nyx_handlers->nyx_config_set_reuse_snapshot_path(nyx_config, getenv("NYX_REUSE_SNAPSHOT"));
+      fsrv->nyx_handlers->nyx_config_set_reuse_snapshot_path(
+          nyx_config, getenv("NYX_REUSE_SNAPSHOT"));
+
     }
 
-    fsrv->nyx_runner = fsrv->nyx_handlers->nyx_new(nyx_config, fsrv->nyx_bind_cpu_id);
+    fsrv->nyx_runner =
+        fsrv->nyx_handlers->nyx_new(nyx_config, fsrv->nyx_bind_cpu_id);
 
     ck_free(workdir_path);
     ck_free(outdir_path_absolute);
@@ -621,7 +683,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
     /* autodict in Nyx mode */
     if (!ignore_autodict) {
 
-      char* x = alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path);
+      char *x =
+          alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path);
       int nyx_autodict_fd = open(x, O_RDONLY);
       ck_free(x);
 
@@ -634,7 +697,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
           u8 *dict = ck_alloc(f_len);
           if (dict == NULL) {
 
-            NYX_PRE_FATAL(fsrv, "Could not allocate %u bytes of autodictionary memory",
+            NYX_PRE_FATAL(
+                fsrv, "Could not allocate %u bytes of autodictionary memory",
                 f_len);
 
           }
@@ -652,7 +716,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 
             } else {
 
-              NYX_PRE_FATAL(fsrv, 
+              NYX_PRE_FATAL(
+                  fsrv,
                   "Reading autodictionary fail at position %u with %u bytes "
                   "left.",
                   offset, len);

src/afl-showmap.c

@@ -444,8 +444,11 @@ static void showmap_run_target_nyx_mode(afl_forkserver_t *fsrv) {
       FSRV_RUN_ERROR) {
 
     FATAL("Error running target in Nyx mode");
+
   }
+
 }
+
 #endif
 
 /* Execute target application. */
@@ -890,7 +893,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
   if (getenv("AFL_QUIET") != NULL) { be_quiet = true; }
 
-  while ((opt = getopt(argc, argv, "+i:o:f:m:t:AeqCZOH:QUWbcrshX")) > 0) {
+  while ((opt = getopt(argc, argv, "+i:o:f:m:t:AeqCZOH:QUWbcrshXY")) > 0) {
 
     switch (opt) {
 
@@ -1078,6 +1081,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
         break;
 
+      case 'Y':  // fallthough
 #ifdef __linux__
       case 'X':                                                 /* NYX mode */
 
@@ -1167,11 +1171,15 @@ int main(int argc, char **argv_orig, char **envp) {
 
 #ifdef __linux__
   if (!fsrv->nyx_mode) {
+
     fsrv->target_path = find_binary(argv[optind]);
-  }
+
-  else{
+  } else {
+
     fsrv->target_path = ck_strdup(argv[optind]);
+
   }
+
 #else
   fsrv->target_path = find_binary(argv[optind]);
 #endif
@@ -1232,6 +1240,7 @@ int main(int argc, char **argv_orig, char **envp) {
         get_cs_argv(argv[0], &fsrv->target_path, argc - optind, argv + optind);
 
 #ifdef __linux__
+
   } else if (fsrv->nyx_mode) {
 
     use_argv = ck_alloc(sizeof(char *) * (1));
@@ -1289,8 +1298,11 @@ int main(int argc, char **argv_orig, char **envp) {
 
 #ifdef __linux__
   if (!fsrv->nyx_mode && in_dir) {
+
     (void)check_binary_signatures(fsrv->target_path);
+
   }
+
 #else
   if (in_dir) { (void)check_binary_signatures(fsrv->target_path); }
 #endif
@@ -1313,8 +1325,8 @@ int main(int argc, char **argv_orig, char **envp) {
   fsrv->shmem_fuzz_len = (u32 *)map;
   fsrv->shmem_fuzz = map + sizeof(u32);
 
-  configure_afl_kill_signals(
+  configure_afl_kill_signals(fsrv, NULL, NULL,
-      fsrv, NULL, NULL, (fsrv->qemu_mode || unicorn_mode 
+                             (fsrv->qemu_mode || unicorn_mode
 #ifdef __linux__
                               || fsrv->nyx_mode
 #endif
@@ -1465,12 +1477,17 @@ int main(int argc, char **argv_orig, char **envp) {
 
 #ifdef __linux__
     if (!fsrv->nyx_mode) {
+
 #endif
       showmap_run_target(fsrv, use_argv);
 #ifdef __linux__
+
     } else {
+
       showmap_run_target_nyx_mode(fsrv);
+
     }
+
 #endif
     tcnt = write_results_to_file(fsrv, out_file);
     if (!quiet_mode) {
@@ -1522,7 +1539,6 @@ int main(int argc, char **argv_orig, char **envp) {
 
   if (fsrv->target_path) { ck_free(fsrv->target_path); }
 
-
   afl_fsrv_deinit(fsrv);
 
   if (stdin_file) { ck_free(stdin_file); }

src/afl-tmin.c

@@ -846,7 +846,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
   SAYF(cCYA "afl-tmin" VERSION cRST " by Michal Zalewski\n");
 
-  while ((opt = getopt(argc, argv, "+i:o:f:m:t:B:xeAOQUWXHh")) > 0) {
+  while ((opt = getopt(argc, argv, "+i:o:f:m:t:B:xeAOQUWXYHh")) > 0) {
 
     switch (opt) {
 
@@ -1004,6 +1004,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
         break;
 
+      case 'Y':  // fallthough
 #ifdef __linux__
       case 'X':                                                 /* NYX mode */
 
@@ -1087,11 +1088,15 @@ int main(int argc, char **argv_orig, char **envp) {
 
 #ifdef __linux__
   if (!fsrv->nyx_mode) {
+
     fsrv->target_path = find_binary(argv[optind]);
-  }
+
-  else{
+  } else {
+
     fsrv->target_path = ck_strdup(argv[optind]);
+
   }
+
 #else
   fsrv->target_path = find_binary(argv[optind]);
 #endif
@@ -1120,6 +1125,7 @@ int main(int argc, char **argv_orig, char **envp) {
         get_cs_argv(argv[0], &fsrv->target_path, argc - optind, argv + optind);
 
 #ifdef __linux__
+
   } else if (fsrv->nyx_mode) {
 
     fsrv->nyx_id = 0;
@@ -1127,7 +1133,9 @@ int main(int argc, char **argv_orig, char **envp) {
     u8 *libnyx_binary = find_afl_binary(argv[0], "libnyx.so");
     fsrv->nyx_handlers = afl_load_libnyx_plugin(libnyx_binary);
     if (fsrv->nyx_handlers == NULL) {
+
       FATAL("failed to initialize libnyx.so...");
+
     }
 
     fsrv->nyx_use_tmp_workdir = true;
@@ -1207,9 +1215,7 @@ int main(int argc, char **argv_orig, char **envp) {
   read_initial_file();
 
 #ifdef __linux__
-  if(!fsrv->nyx_mode){
+  if (!fsrv->nyx_mode) { (void)check_binary_signatures(fsrv->target_path); }
-    (void)check_binary_signatures(fsrv->target_path);
-  }
 #else
   (void)check_binary_signatures(fsrv->target_path);
 #endif
@@ -1316,7 +1322,6 @@ int main(int argc, char **argv_orig, char **envp) {
 
   OKF("We're done here. Have a nice day!\n");
 
-
   remove_shm = 0;
   afl_shm_deinit(&shm);
   if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz);

utils/aflpp_driver/aflpp_driver.c

@@ -276,6 +276,7 @@ __attribute__((weak)) int main(int argc, char **argv) {
       abort();
 
     }
+
   */
 
   if (argc < 2 || strncmp(argv[1], "-h", 2) == 0)