ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-09 00:31:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1774 from amykweon/dev

Browse Source 
fix bug in SanitizerCoveragePCGUARD
This commit is contained in:
van Hauser 2023-06-20 21:04:21 +03:00 committed by GitHub
commit 68aacc4269
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
instrumentation/SanitizerCoveragePCGUARD.so.cc
View File

@ -892,7 +892,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get( ConstantInt::get(
IntptrTy, IntptrTy,
(cnt_cov + ++local_selects + AllBlocks.size()) * 4)), (cnt_cov + local_selects++ + AllBlocks.size()) * 4)),
Int32PtrTy); Int32PtrTy);
auto GuardPtr2 = IRB.CreateIntToPtr( auto GuardPtr2 = IRB.CreateIntToPtr(
@ -900,7 +900,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get( ConstantInt::get(
IntptrTy, IntptrTy,
(cnt_cov + ++local_selects + AllBlocks.size()) * 4)), (cnt_cov + local_selects++ + AllBlocks.size()) * 4)),
Int32PtrTy); Int32PtrTy);
result = IRB.CreateSelect(condition, GuardPtr1, GuardPtr2); result = IRB.CreateSelect(condition, GuardPtr1, GuardPtr2);
@ -937,7 +937,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get( ConstantInt::get(
IntptrTy, IntptrTy,
(cnt_cov + ++local_selects + AllBlocks.size()) * 4)), (cnt_cov + local_selects++ + AllBlocks.size()) * 4)),
Int32PtrTy); Int32PtrTy);
x = IRB.CreateInsertElement(GuardPtr1, val1, (uint64_t)0); x = IRB.CreateInsertElement(GuardPtr1, val1, (uint64_t)0);
@ -946,7 +946,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get( ConstantInt::get(
IntptrTy, IntptrTy,
(cnt_cov + ++local_selects + AllBlocks.size()) * 4)), (cnt_cov + local_selects++ + AllBlocks.size()) * 4)),
Int32PtrTy); Int32PtrTy);
y = IRB.CreateInsertElement(GuardPtr2, val2, (uint64_t)0); y = IRB.CreateInsertElement(GuardPtr2, val2, (uint64_t)0);
@ -955,7 +955,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
val1 = IRB.CreateIntToPtr( val1 = IRB.CreateIntToPtr(
IRB.CreateAdd( IRB.CreateAdd(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get(IntptrTy, (cnt_cov + ++local_selects + ConstantInt::get(IntptrTy, (cnt_cov + local_selects++ +
AllBlocks.size()) * AllBlocks.size()) *
4)), 4)),
Int32PtrTy); Int32PtrTy);
@ -964,7 +964,7 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage(
val2 = IRB.CreateIntToPtr( val2 = IRB.CreateIntToPtr(
IRB.CreateAdd( IRB.CreateAdd(
IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), IRB.CreatePointerCast(FunctionGuardArray, IntptrTy),
ConstantInt::get(IntptrTy, (cnt_cov + ++local_selects + ConstantInt::get(IntptrTy, (cnt_cov + local_selects++ +
AllBlocks.size()) * AllBlocks.size()) *
4)), 4)),
Int32PtrTy); Int32PtrTy);