fix not using autodict

This commit is contained in:
vanhauser-thc
2024-02-29 14:31:47 +01:00
parent acc178e5dd
commit 6062668679
4 changed files with 65 additions and 52 deletions


@ -724,7 +724,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
} }
/* autodict in Nyx mode */ /* autodict in Nyx mode */
if (!ignore_autodict) { if (!ignore_autodict && fsrv->add_extra_func) {
char *x = char *x =
alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path); alloc_printf("%s/workdir/dump/afl_autodict.txt", fsrv->out_dir_path);
@ -1111,7 +1111,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
} }
if ((status & FS_NEW_OPT_SHDMEM_FUZZ)) { if ((status & FS_NEW_OPT_SHDMEM_FUZZ) && fsrv->add_extra_func &&
!ignore_autodict) {
if (fsrv->support_shmem_fuzz) { if (fsrv->support_shmem_fuzz) {
@ -1130,6 +1131,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
if ((status & FS_NEW_OPT_AUTODICT)) { if ((status & FS_NEW_OPT_AUTODICT)) {
// even if we do not need the dictionary we have to read it
u32 dict_size; u32 dict_size;
if (read(fsrv->fsrv_st_fd, &dict_size, 4) != 4) { if (read(fsrv->fsrv_st_fd, &dict_size, 4) != 4) {
@ -1173,14 +1176,24 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
offset = 0; offset = 0;
while (offset < dict_size && (u8)dict[offset] + offset < dict_size) { while (offset < dict_size && (u8)dict[offset] + offset < dict_size) {
fsrv->add_extra_func(fsrv->afl_ptr, dict + offset + 1, if (!ignore_autodict && fsrv->add_extra_func) {
(u8)dict[offset]);
fsrv->add_extra_func(fsrv->afl_ptr, dict + offset + 1,
(u8)dict[offset]);
count++;
}
offset += (1 + dict[offset]); offset += (1 + dict[offset]);
count++;
} }
if (!be_quiet) { ACTF("Loaded %u autodictionary entries", count); } if (!be_quiet && count) {
ACTF("Loaded %u autodictionary entries", count);
}
ck_free(dict); ck_free(dict);
} }
@ -2067,7 +2080,7 @@ store_persistent_record: {
snprintf(fn, sizeof(fn), persistent_out_fmt, fsrv->persistent_record_dir, snprintf(fn, sizeof(fn), persistent_out_fmt, fsrv->persistent_record_dir,
fsrv->persistent_record_cnt, writecnt++, fsrv->persistent_record_cnt, writecnt++,
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
int fd = open(fn, O_CREAT | O_TRUNC | O_WRONLY, 0644); int fd = open(fn, O_CREAT | O_TRUNC | O_WRONLY, 0644);
if (fd >= 0) { if (fd >= 0) {
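Review bot: The new condition `if ((status & FS_NEW_OPT_SHDMEM_FUZZ) && fsrv->add_extra_func && !ignore_autodict)` ties acceptance of the target's shared-memory fuzzing option to the autodict callback, which is unrelated to that option; a front-end that registers no add_extra_func, or passes ignore_autodict, would presumably then skip the `fsrv->support_shmem_fuzz` handling even though the target advertised shared-memory input, and the rest of that branch is not visible here to confirm what the target then expects. If the coupling is intentional, a comment on that line stating why is needed; otherwise keep `if ((status & FS_NEW_OPT_SHDMEM_FUZZ)) {` and leave the autodict gating to the FS_NEW_OPT_AUTODICT loop, where the later hunk already guards the call with `if (!ignore_autodict && fsrv->add_extra_func)`. The enclosing function afl_fsrv_start starts and ends outside the visible hunks.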


@ -527,19 +527,19 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
#ifndef SIMPLE_FILES #ifndef SIMPLE_FILES
queue_fn = queue_fn = alloc_printf(
alloc_printf("%s/queue/id:%06u,%s%s%s", afl->out_dir, afl->queued_items, "%s/queue/id:%06u,%s%s%s", afl->out_dir, afl->queued_items,
describe_op(afl, new_bits + is_timeout, describe_op(afl, new_bits + is_timeout,
NAME_MAX - strlen("id:000000,")), NAME_MAX - strlen("id:000000,")),
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#else #else
queue_fn = queue_fn = alloc_printf(
alloc_printf("%s/queue/id_%06u", afl->out_dir, afl->queued_items, "%s/queue/id_%06u", afl->out_dir, afl->queued_items,
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#endif /* ^!SIMPLE_FILES */ #endif /* ^!SIMPLE_FILES */
fd = open(queue_fn, O_WRONLY | O_CREAT | O_EXCL, DEFAULT_PERMISSION); fd = open(queue_fn, O_WRONLY | O_CREAT | O_EXCL, DEFAULT_PERMISSION);
@ -747,14 +747,13 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
afl->saved_hangs, afl->saved_hangs,
describe_op(afl, 0, NAME_MAX - strlen("id:000000,")), describe_op(afl, 0, NAME_MAX - strlen("id:000000,")),
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#else #else
snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu%s%s", afl->out_dir, snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu%s%s", afl->out_dir,
afl->saved_hangs, afl->saved_hangs, afl->file_extension ? "." : "",
afl->file_extension ? "." : "", afl->file_extension ? (const char *)afl->file_extension : "");
afl->file_extension ? (const char*)afl->file_extension : "");
#endif /* ^!SIMPLE_FILES */ #endif /* ^!SIMPLE_FILES */
@ -800,18 +799,18 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
#ifndef SIMPLE_FILES #ifndef SIMPLE_FILES
snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s%s%s", afl->out_dir, snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s%s%s",
afl->saved_crashes, afl->fsrv.last_kill_signal, afl->out_dir, afl->saved_crashes, afl->fsrv.last_kill_signal,
describe_op(afl, 0, NAME_MAX - strlen("id:000000,sig:00,")), describe_op(afl, 0, NAME_MAX - strlen("id:000000,sig:00,")),
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#else #else
snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u%s%s", afl->out_dir, snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u%s%s", afl->out_dir,
afl->saved_crashes, afl->fsrv.last_kill_signal, afl->saved_crashes, afl->fsrv.last_kill_signal,
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#endif /* ^!SIMPLE_FILES */ #endif /* ^!SIMPLE_FILES */
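Review bot: In the SIMPLE_FILES branch of the queue path in save_if_interesting, the format string `"%s/queue/id_%06u"` has two conversions but receives four arguments, so the `afl->file_extension` pair is evaluated and silently discarded and queue entries are written without the extension; every other SIMPLE_FILES path in this commit (hangs, crashes, pivot_inputs) ends in `%s%s`. The clang-format pass keeps the mismatch. The line should read `"%s/queue/id_%06u%s%s", afl->out_dir, afl->queued_items,`; building with -Wformat-extra-args would report this case. The body of save_if_interesting lies mostly outside these hunks.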


@ -742,10 +742,10 @@ void save_auto(afl_state_t *afl) {
for (i = 0; i < MIN((u32)USE_AUTO_EXTRAS, afl->a_extras_cnt); ++i) { for (i = 0; i < MIN((u32)USE_AUTO_EXTRAS, afl->a_extras_cnt); ++i) {
u8 *fn = u8 *fn = alloc_printf(
alloc_printf("%s/queue/.state/auto_extras/auto_%06u%s%s", afl->out_dir, i, "%s/queue/.state/auto_extras/auto_%06u%s%s", afl->out_dir, i,
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
s32 fd; s32 fd;


@ -1157,22 +1157,22 @@ void perform_dry_run(afl_state_t *afl) {
#ifndef SIMPLE_FILES #ifndef SIMPLE_FILES
snprintf(crash_fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s%s%s%s", snprintf(
afl->out_dir, afl->saved_crashes, afl->fsrv.last_kill_signal, crash_fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s%s%s%s",
describe_op(afl, 0, afl->out_dir, afl->saved_crashes, afl->fsrv.last_kill_signal,
NAME_MAX - strlen("id:000000,sig:00,") - describe_op(
strlen(use_name)), afl, 0,
use_name, NAME_MAX - strlen("id:000000,sig:00,") - strlen(use_name)),
afl->file_extension ? "." : "", use_name, afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#else #else
snprintf(crash_fn, PATH_MAX, "%s/crashes/id_%06llu_%02u%s%s", snprintf(
afl->out_dir, afl->saved_crashes, crash_fn, PATH_MAX, "%s/crashes/id_%06llu_%02u%s%s", afl->out_dir,
afl->fsrv.last_kill_signal, afl->saved_crashes, afl->fsrv.last_kill_signal,
afl->file_extension ? "." : "", afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#endif #endif
@ -1443,9 +1443,9 @@ void pivot_inputs(afl_state_t *afl) {
u32 src_id; u32 src_id;
afl->resuming_fuzz = 1; afl->resuming_fuzz = 1;
nfn = alloc_printf("%s/queue/%s%s%s", afl->out_dir, rsl, nfn = alloc_printf(
afl->file_extension ? "." : "", "%s/queue/%s%s%s", afl->out_dir, rsl, afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
/* Since we're at it, let's also get the parent and figure out the /* Since we're at it, let's also get the parent and figure out the
appropriate depth for this entry. */ appropriate depth for this entry. */
@ -1485,16 +1485,17 @@ void pivot_inputs(afl_state_t *afl) {
} }
nfn = alloc_printf("%s/queue/id:%06u,time:0,execs:%llu,orig:%s%s%s", nfn = alloc_printf(
afl->out_dir, id, afl->fsrv.total_execs, use_name, "%s/queue/id:%06u,time:0,execs:%llu,orig:%s%s%s", afl->out_dir, id,
afl->file_extension ? "." : "", afl->fsrv.total_execs, use_name, afl->file_extension ? "." : "",
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? (const char *)afl->file_extension : "");
#else #else
nfn = alloc_printf("%s/queue/id_%06u%s%s", afl->out_dir, id, nfn = alloc_printf(
afl->file_extension ? "." : "", "%s/queue/id_%06u%s%s", afl->out_dir, id,
afl->file_extension ? (const char*)afl->file_extension : ""); afl->file_extension ? "." : "",
afl->file_extension ? (const char *)afl->file_extension : "");
#endif /* ^!SIMPLE_FILES */ #endif /* ^!SIMPLE_FILES */