mirror of
https://github.com/AFLplusplus/AFLplusplus.git
synced 2025-06-15 11:28:08 +00:00
code format
This commit is contained in:
van Hauser
@ -691,17 +691,26 @@ static void __afl_start_forkserver(void) {
|
|||||||
|
|
||||||
void (*old_sigchld_handler)(int) = 0; // = signal(SIGCHLD, SIG_DFL);
|
void (*old_sigchld_handler)(int) = 0; // = signal(SIGCHLD, SIG_DFL);
|
||||||
|
|
||||||
if (__afl_map_size <= FS_OPT_MAX_MAPSIZE)
|
if (__afl_map_size <= FS_OPT_MAX_MAPSIZE) {
|
||||||
|
|
||||||
status_for_fsrv |= (FS_OPT_SET_MAPSIZE(__afl_map_size) | FS_OPT_MAPSIZE);
|
status_for_fsrv |= (FS_OPT_SET_MAPSIZE(__afl_map_size) | FS_OPT_MAPSIZE);
|
||||||
if (__afl_dictionary_len && __afl_dictionary) status_for_fsrv |= FS_OPT_AUTODICT;
|
|
||||||
if (__afl_sharedmem_fuzzing != 0) status_for_fsrv |= FS_OPT_SHDMEM_FUZZ;
|
}
|
||||||
if (status_for_fsrv) status_for_fsrv |= (FS_OPT_ENABLED);
|
|
||||||
|
if (__afl_dictionary_len && __afl_dictionary) {
|
||||||
|
|
||||||
|
status_for_fsrv |= FS_OPT_AUTODICT;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if (__afl_sharedmem_fuzzing != 0) { status_for_fsrv |= FS_OPT_SHDMEM_FUZZ; }
|
||||||
|
if (status_for_fsrv) { status_for_fsrv |= (FS_OPT_ENABLED); }
|
||||||
memcpy(tmp, &status_for_fsrv, 4);
|
memcpy(tmp, &status_for_fsrv, 4);
|
||||||
|
|
||||||
/* Phone home and tell the parent that we're OK. If parent isn't there,
|
/* Phone home and tell the parent that we're OK. If parent isn't there,
|
||||||
assume we're not running in forkserver mode and just execute program. */
|
assume we're not running in forkserver mode and just execute program. */
|
||||||
|
|
||||||
if (write(FORKSRV_FD + 1, tmp, 4) != 4) return;
|
if (write(FORKSRV_FD + 1, tmp, 4) != 4) { return; }
|
||||||
|
|
||||||
if (__afl_sharedmem_fuzzing || (__afl_dictionary_len && __afl_dictionary)) {
|
if (__afl_sharedmem_fuzzing || (__afl_dictionary_len && __afl_dictionary)) {
|
||||||
|
|
||||||
|
|||||||
@ -100,9 +100,9 @@ class AFLLTOPass : public ModulePass {
|
|||||||
|
|
||||||
bool AFLLTOPass::runOnModule(Module &M) {
|
bool AFLLTOPass::runOnModule(Module &M) {
|
||||||
|
|
||||||
LLVMContext & C = M.getContext();
|
LLVMContext & C = M.getContext();
|
||||||
std::vector<std::string> dictionary;
|
std::vector<std::string> dictionary;
|
||||||
// std::vector<CallInst *> calls;
|
// std::vector<CallInst *> calls;
|
||||||
DenseMap<Value *, std::string *> valueMap;
|
DenseMap<Value *, std::string *> valueMap;
|
||||||
std::vector<BasicBlock *> BlockList;
|
std::vector<BasicBlock *> BlockList;
|
||||||
char * ptr;
|
char * ptr;
|
||||||
|
|||||||
@ -234,9 +234,9 @@ bool CmpLogInstructions::hookInstrs(Module &M) {
|
|||||||
auto ty0 = op0->getType();
|
auto ty0 = op0->getType();
|
||||||
if (ty0->isHalfTy()
|
if (ty0->isHalfTy()
|
||||||
#if LLVM_VERSION_MAJOR >= 11
|
#if LLVM_VERSION_MAJOR >= 11
|
||||||
|| ty0->isBFloatTy()
|
|| ty0->isBFloatTy()
|
||||||
#endif
|
#endif
|
||||||
)
|
)
|
||||||
max_size = 16;
|
max_size = 16;
|
||||||
else if (ty0->isFloatTy())
|
else if (ty0->isFloatTy())
|
||||||
max_size = 32;
|
max_size = 32;
|
||||||
@ -253,15 +253,15 @@ bool CmpLogInstructions::hookInstrs(Module &M) {
|
|||||||
if (intTyOp0 && intTyOp1) {
|
if (intTyOp0 && intTyOp1) {
|
||||||
|
|
||||||
max_size = intTyOp0->getBitWidth() > intTyOp1->getBitWidth()
|
max_size = intTyOp0->getBitWidth() > intTyOp1->getBitWidth()
|
||||||
? intTyOp0->getBitWidth()
|
? intTyOp0->getBitWidth()
|
||||||
: intTyOp1->getBitWidth();
|
: intTyOp1->getBitWidth();
|
||||||
args.push_back(V0);
|
args.push_back(V0);
|
||||||
args.push_back(V1);
|
args.push_back(V1);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
max_size = 0;
|
max_size = 0;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -68,7 +68,7 @@ class CompareTransform : public ModulePass {
|
|||||||
const char *getPassName() const override {
|
const char *getPassName() const override {
|
||||||
|
|
||||||
#else
|
#else
|
||||||
StringRef getPassName() const override {
|
StringRef getPassName() const override {
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
return "transforms compare functions";
|
return "transforms compare functions";
|
||||||
@ -106,23 +106,26 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
|
|||||||
FunctionCallee tolowerFn;
|
FunctionCallee tolowerFn;
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
|
|
||||||
#if LLVM_VERSION_MAJOR < 9
|
#if LLVM_VERSION_MAJOR < 9
|
||||||
Constant *
|
Constant *
|
||||||
#else
|
#else
|
||||||
FunctionCallee
|
FunctionCallee
|
||||||
#endif
|
#endif
|
||||||
c = M.getOrInsertFunction("tolower", Int32Ty, Int32Ty
|
c = M.getOrInsertFunction("tolower", Int32Ty, Int32Ty
|
||||||
#if LLVM_VERSION_MAJOR < 5
|
#if LLVM_VERSION_MAJOR < 5
|
||||||
,
|
,
|
||||||
NULL
|
NULL
|
||||||
#endif
|
#endif
|
||||||
);
|
);
|
||||||
#if LLVM_VERSION_MAJOR < 9
|
#if LLVM_VERSION_MAJOR < 9
|
||||||
tolowerFn = cast<Function>(c);
|
tolowerFn = cast<Function>(c);
|
||||||
#else
|
#else
|
||||||
tolowerFn = c;
|
tolowerFn = c;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* iterate over all functions, bbs and instruction and add suitable calls to
|
/* iterate over all functions, bbs and instruction and add suitable calls to
|
||||||
* strcmp/memcmp/strncmp/strcasecmp/strncasecmp */
|
* strcmp/memcmp/strncmp/strcasecmp/strncasecmp */
|
||||||
for (auto &F : M) {
|
for (auto &F : M) {
|
||||||
|
|||||||
15
src/afl-cc.c
15
src/afl-cc.c
@ -121,9 +121,12 @@ char compiler_mode_string[7][12] = {
|
|||||||
u8 *getthecwd() {
|
u8 *getthecwd() {
|
||||||
|
|
||||||
if (getcwd(cwd, sizeof(cwd)) == NULL) {
|
if (getcwd(cwd, sizeof(cwd)) == NULL) {
|
||||||
|
|
||||||
static u8 fail[] = "";
|
static u8 fail[] = "";
|
||||||
return fail;
|
return fail;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return cwd;
|
return cwd;
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -1451,11 +1454,11 @@ int main(int argc, char **argv, char **envp) {
|
|||||||
"of afl-cc.\n\n");
|
"of afl-cc.\n\n");
|
||||||
|
|
||||||
#if LLVM_MAJOR > 10 || (LLVM_MAJOR == 10 && LLVM_MINOR > 0)
|
#if LLVM_MAJOR > 10 || (LLVM_MAJOR == 10 && LLVM_MINOR > 0)
|
||||||
#define NATIVE_MSG \
|
#define NATIVE_MSG \
|
||||||
" NATIVE: use llvm's native PCGUARD instrumentation (less " \
|
" NATIVE: use llvm's native PCGUARD instrumentation (less " \
|
||||||
"performant)\n"
|
"performant)\n"
|
||||||
#else
|
#else
|
||||||
#define NATIVE_MSG ""
|
#define NATIVE_MSG ""
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
SAYF(
|
SAYF(
|
||||||
@ -1463,7 +1466,7 @@ int main(int argc, char **argv, char **envp) {
|
|||||||
"available)\n"
|
"available)\n"
|
||||||
" PCGUARD: Dominator tree instrumentation (best!) (README.llvm.md)\n"
|
" PCGUARD: Dominator tree instrumentation (best!) (README.llvm.md)\n"
|
||||||
|
|
||||||
NATIVE_MSG
|
NATIVE_MSG
|
||||||
|
|
||||||
" CLASSIC: decision target instrumentation (README.llvm.md)\n"
|
" CLASSIC: decision target instrumentation (README.llvm.md)\n"
|
||||||
" CTX: CLASSIC + callee context (instrumentation/README.ctx.md)\n"
|
" CTX: CLASSIC + callee context (instrumentation/README.ctx.md)\n"
|
||||||
@ -1635,7 +1638,7 @@ int main(int argc, char **argv, char **envp) {
|
|||||||
if (!instrument_mode) {
|
if (!instrument_mode) {
|
||||||
|
|
||||||
instrument_mode = INSTRUMENT_CFG;
|
instrument_mode = INSTRUMENT_CFG;
|
||||||
//ptr = instrument_mode_string[instrument_mode];
|
// ptr = instrument_mode_string[instrument_mode];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -703,7 +703,7 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
|
|||||||
if (!classified) {
|
if (!classified) {
|
||||||
|
|
||||||
classify_counts(&afl->fsrv);
|
classify_counts(&afl->fsrv);
|
||||||
// classified = 1;
|
// classified = 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -450,7 +450,7 @@ void add_extra(afl_state_t *afl, u8 *mem, u32 len) {
|
|||||||
|
|
||||||
if (len > MAX_DICT_FILE) {
|
if (len > MAX_DICT_FILE) {
|
||||||
|
|
||||||
u8 val_bufs[2][STRINGIFY_VAL_SIZE_MAX];
|
u8 val_bufs[2][STRINGIFY_VAL_SIZE_MAX];
|
||||||
WARNF("Extra '%.*s' is too big (%s, limit is %s), skipping file!", (int)len,
|
WARNF("Extra '%.*s' is too big (%s, limit is %s), skipping file!", (int)len,
|
||||||
mem, stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), len),
|
mem, stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), len),
|
||||||
stringify_mem_size(val_bufs[1], sizeof(val_bufs[1]), MAX_DICT_FILE));
|
stringify_mem_size(val_bufs[1], sizeof(val_bufs[1]), MAX_DICT_FILE));
|
||||||
|
|||||||
@ -324,7 +324,7 @@ u8 trim_case_custom(afl_state_t *afl, struct queue_entry *q, u8 *in_buf,
|
|||||||
} else {
|
} else {
|
||||||
|
|
||||||
afl->stage_max = retval;
|
afl->stage_max = retval;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (afl->not_on_tty && afl->debug) {
|
if (afl->not_on_tty && afl->debug) {
|
||||||
|
|||||||
@ -489,7 +489,7 @@ void add_to_queue(afl_state_t *afl, u8 *fname, u32 len, u8 passed_det) {
|
|||||||
|
|
||||||
void destroy_queue(afl_state_t *afl) {
|
void destroy_queue(afl_state_t *afl) {
|
||||||
|
|
||||||
u32 i;
|
u32 i;
|
||||||
|
|
||||||
for (i = 0; i < afl->queued_paths; i++) {
|
for (i = 0; i < afl->queued_paths; i++) {
|
||||||
|
|
||||||
|
|||||||
@ -446,7 +446,8 @@ static void try_to_add_to_dict(afl_state_t *afl, u64 v, u8 shape) {
|
|||||||
u32 k;
|
u32 k;
|
||||||
u8 cons_ff = 0, cons_0 = 0;
|
u8 cons_ff = 0, cons_0 = 0;
|
||||||
|
|
||||||
if (shape > sizeof(v)) FATAL("shape is greater than %zu, please report!", sizeof(v));
|
if (shape > sizeof(v))
|
||||||
|
FATAL("shape is greater than %zu, please report!", sizeof(v));
|
||||||
|
|
||||||
for (k = 0; k < shape; ++k) {
|
for (k = 0; k < shape; ++k) {
|
||||||
|
|
||||||
@ -670,8 +671,8 @@ static u8 rtn_fuzz(afl_state_t *afl, u32 key, u8 *orig_buf, u8 *buf, u32 len) {
|
|||||||
|
|
||||||
u8 status = 0;
|
u8 status = 0;
|
||||||
// opt not in the paper
|
// opt not in the paper
|
||||||
// u32 fails = 0;
|
// u32 fails = 0;
|
||||||
u8 found_one = 0;
|
u8 found_one = 0;
|
||||||
|
|
||||||
for (i = 0; i < loggeds; ++i) {
|
for (i = 0; i < loggeds; ++i) {
|
||||||
|
|
||||||
|
|||||||
@ -682,7 +682,7 @@ void sync_fuzzers(afl_state_t *afl) {
|
|||||||
// same time. If so, the first temporary main node running again will demote
|
// same time. If so, the first temporary main node running again will demote
|
||||||
// themselves so this is not an issue
|
// themselves so this is not an issue
|
||||||
|
|
||||||
// u8 path2[PATH_MAX];
|
// u8 path2[PATH_MAX];
|
||||||
afl->is_main_node = 1;
|
afl->is_main_node = 1;
|
||||||
sprintf(path, "%s/is_main_node", afl->out_dir);
|
sprintf(path, "%s/is_main_node", afl->out_dir);
|
||||||
int fd = open(path, O_CREAT | O_RDWR, 0644);
|
int fd = open(path, O_CREAT | O_RDWR, 0644);
|
||||||
|
|||||||
@ -31,7 +31,7 @@
|
|||||||
|
|
||||||
void write_setup_file(afl_state_t *afl, u32 argc, char **argv) {
|
void write_setup_file(afl_state_t *afl, u32 argc, char **argv) {
|
||||||
|
|
||||||
u8 fn[PATH_MAX];
|
u8 fn[PATH_MAX];
|
||||||
snprintf(fn, PATH_MAX, "%s/fuzzer_setup", afl->out_dir);
|
snprintf(fn, PATH_MAX, "%s/fuzzer_setup", afl->out_dir);
|
||||||
FILE *f = create_ffile(fn);
|
FILE *f = create_ffile(fn);
|
||||||
u32 i;
|
u32 i;
|
||||||
|
|||||||
@ -299,7 +299,8 @@ int main(int argc, char **argv_orig, char **envp) {
|
|||||||
|
|
||||||
s32 opt, i, auto_sync = 0 /*, user_set_cache = 0*/;
|
s32 opt, i, auto_sync = 0 /*, user_set_cache = 0*/;
|
||||||
u64 prev_queued = 0;
|
u64 prev_queued = 0;
|
||||||
u32 sync_interval_cnt = 0, seek_to = 0, show_help = 0, map_size = get_map_size();
|
u32 sync_interval_cnt = 0, seek_to = 0, show_help = 0,
|
||||||
|
map_size = get_map_size();
|
||||||
u8 *extras_dir[4];
|
u8 *extras_dir[4];
|
||||||
u8 mem_limit_given = 0, exit_1 = 0, debug = 0,
|
u8 mem_limit_given = 0, exit_1 = 0, debug = 0,
|
||||||
extras_dir_cnt = 0 /*, have_p = 0*/;
|
extras_dir_cnt = 0 /*, have_p = 0*/;
|
||||||
@ -326,7 +327,7 @@ int main(int argc, char **argv_orig, char **envp) {
|
|||||||
|
|
||||||
if (get_afl_env("AFL_DEBUG")) { debug = afl->debug = 1; }
|
if (get_afl_env("AFL_DEBUG")) { debug = afl->debug = 1; }
|
||||||
|
|
||||||
// map_size = get_map_size();
|
// map_size = get_map_size();
|
||||||
afl_state_init(afl, map_size);
|
afl_state_init(afl, map_size);
|
||||||
afl->debug = debug;
|
afl->debug = debug;
|
||||||
afl_fsrv_init(&afl->fsrv);
|
afl_fsrv_init(&afl->fsrv);
|
||||||
|
|||||||
@ -252,8 +252,8 @@ static void edit_params(int argc, char **argv) {
|
|||||||
|
|
||||||
int main(int argc, char **argv) {
|
int main(int argc, char **argv) {
|
||||||
|
|
||||||
s32 pid, i, status;
|
s32 pid, i, status;
|
||||||
// u8 * ptr;
|
// u8 * ptr;
|
||||||
char thecwd[PATH_MAX];
|
char thecwd[PATH_MAX];
|
||||||
|
|
||||||
if (getenv("AFL_LD_CALLER") != NULL) {
|
if (getenv("AFL_LD_CALLER") != NULL) {
|
||||||
|
|||||||
@ -1014,9 +1014,9 @@ int main(int argc, char **argv_orig, char **envp) {
|
|||||||
|
|
||||||
DIR * dir_in, *dir_out = NULL;
|
DIR * dir_in, *dir_out = NULL;
|
||||||
struct dirent *dir_ent;
|
struct dirent *dir_ent;
|
||||||
// int done = 0;
|
// int done = 0;
|
||||||
u8 infile[PATH_MAX], outfile[PATH_MAX];
|
u8 infile[PATH_MAX], outfile[PATH_MAX];
|
||||||
u8 wait_for_gdb = 0;
|
u8 wait_for_gdb = 0;
|
||||||
#if !defined(DT_REG)
|
#if !defined(DT_REG)
|
||||||
struct stat statbuf;
|
struct stat statbuf;
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Reference in New Issue
Block a user