ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-14 11:08:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

nyx code format

Browse Source
This commit is contained in:
vanhauser-thc
2021-12-28 17:26:54 +01:00
parent f511ebd125
commit 8b8aaa93bd
6 changed files with 229 additions and 179 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
include/forkserver.h
View File

@ -39,6 +39,7 @@
*/ */
typedef enum NyxReturnValue { typedef enum NyxReturnValue {
Normal, Normal,
Crash, Crash,
Asan, Asan,
@ -47,22 +48,23 @@ typedef enum NyxReturnValue {
Error, Error,
IoError, IoError,
Abort, Abort,
} NyxReturnValue; } NyxReturnValue;
typedef struct{ typedef struct {
void* (*nyx_new)(const char *sharedir,
const char *workdir, void *(*nyx_new)(const char *sharedir, const char *workdir,
uint32_t worker_id, uint32_t worker_id, uint32_t cpu_id, bool create_snapshot);
uint32_t cpu_id,
bool create_snapshot);
void (*nyx_shutdown)(void *qemu_process); void (*nyx_shutdown)(void *qemu_process);
void (*nyx_option_set_reload_mode)(void *qemu_process, bool enable); void (*nyx_option_set_reload_mode)(void *qemu_process, bool enable);
void (*nyx_option_set_timeout)(void *qemu_process, uint8_t timeout_sec, uint32_t timeout_usec); void (*nyx_option_set_timeout)(void *qemu_process, uint8_t timeout_sec,
uint32_t timeout_usec);
void (*nyx_option_apply)(void *qemu_process); void (*nyx_option_apply)(void *qemu_process);
void (*nyx_set_afl_input)(void *qemu_process, uint8_t *buffer, uint32_t size); void (*nyx_set_afl_input)(void *qemu_process, uint8_t *buffer, uint32_t size);
enum NyxReturnValue (*nyx_exec)(void *qemu_process); enum NyxReturnValue (*nyx_exec)(void *qemu_process);
uint8_t* (*nyx_get_bitmap_buffer)(void *qemu_process); uint8_t *(*nyx_get_bitmap_buffer)(void *qemu_process);
size_t (*nyx_get_bitmap_buffer_size)(void *qemu_process); size_t (*nyx_get_bitmap_buffer_size)(void *qemu_process);
} nyx_plugin_handler_t; } nyx_plugin_handler_t;
#endif #endif
@ -156,14 +158,14 @@ typedef struct afl_forkserver {
u8 kill_signal; u8 kill_signal;
#ifdef __linux__ #ifdef __linux__
nyx_plugin_handler_t* nyx_handlers; nyx_plugin_handler_t *nyx_handlers;
char *out_dir_path; /* path to the output directory */ char * out_dir_path; /* path to the output directory */
u8 nyx_mode; /* if running in nyx mode or not */ u8 nyx_mode; /* if running in nyx mode or not */
bool nyx_parent; /* create initial snapshot */ bool nyx_parent; /* create initial snapshot */
bool nyx_standalone; /* don't serialize the snapshot */ bool nyx_standalone; /* don't serialize the snapshot */
void* nyx_runner; /* nyx runner object */ void * nyx_runner; /* nyx runner object */
u32 nyx_id; /* nyx runner id (0 -> master) */ u32 nyx_id; /* nyx runner id (0 -> master) */
u32 nyx_bind_cpu_id; /* nyx runner cpu id */ u32 nyx_bind_cpu_id; /* nyx runner cpu id */
#endif #endif
} afl_forkserver_t; } afl_forkserver_t;

103
src/afl-forkserver.c
View File

@ -389,43 +389,47 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
#ifdef __linux__ #ifdef __linux__
if (fsrv->nyx_mode) { if (fsrv->nyx_mode) {
if(fsrv->nyx_runner != NULL){ if (fsrv->nyx_runner != NULL) { return; }
return;
}
if (!be_quiet) { ACTF("Spinning up the NYX backend..."); } if (!be_quiet) { ACTF("Spinning up the NYX backend..."); }
if(fsrv->out_dir_path == NULL){ if (fsrv->out_dir_path == NULL) { FATAL("Nyx workdir path not found..."); }
FATAL("Nyx workdir path not found...");
}
char *x = alloc_printf("%s/workdir", fsrv->out_dir_path); char *x = alloc_printf("%s/workdir", fsrv->out_dir_path);
if(fsrv->nyx_id == 0xFFFFFFFF){ if (fsrv->nyx_id == 0xFFFFFFFF) { FATAL("Nyx ID is not set..."); }
FATAL("Nyx ID is not set...");
if (fsrv->nyx_bind_cpu_id == 0xFFFFFFFF) {
FATAL("Nyx CPU ID is not set...");
} }
if(fsrv->nyx_bind_cpu_id == 0xFFFFFFFF){ if (fsrv->nyx_parent) {
FATAL("Nyx CPU ID is not set...");
fsrv->nyx_runner = fsrv->nyx_handlers->nyx_new(
fsrv->target_path, x, fsrv->nyx_id, fsrv->nyx_bind_cpu_id,
!fsrv->nyx_standalone);
} else {
fsrv->nyx_runner = fsrv->nyx_handlers->nyx_new(
fsrv->target_path, x, fsrv->nyx_id, fsrv->nyx_bind_cpu_id, true);
} }
if (fsrv->nyx_parent){ if (fsrv->nyx_runner == NULL) { FATAL("Something went wrong ..."); }
fsrv->nyx_runner = fsrv->nyx_handlers->nyx_new(fsrv->target_path, x, fsrv->nyx_id, fsrv->nyx_bind_cpu_id, !fsrv->nyx_standalone);
}
else{
fsrv->nyx_runner = fsrv->nyx_handlers->nyx_new(fsrv->target_path, x, fsrv->nyx_id, fsrv->nyx_bind_cpu_id, true);
}
if(fsrv->nyx_runner == NULL){ fsrv->map_size =
FATAL("Something went wrong ..."); fsrv->nyx_handlers->nyx_get_bitmap_buffer_size(fsrv->nyx_runner);
} ;
fsrv->map_size = fsrv->nyx_handlers->nyx_get_bitmap_buffer_size(fsrv->nyx_runner);;
fsrv->real_map_size = fsrv->map_size; fsrv->real_map_size = fsrv->map_size;
fsrv->trace_bits = fsrv->nyx_handlers->nyx_get_bitmap_buffer(fsrv->nyx_runner); fsrv->trace_bits =
fsrv->nyx_handlers->nyx_get_bitmap_buffer(fsrv->nyx_runner);
fsrv->nyx_handlers->nyx_option_set_reload_mode(fsrv->nyx_runner, getenv("NYX_DISABLE_SNAPSHOT_MODE") == NULL); fsrv->nyx_handlers->nyx_option_set_reload_mode(
fsrv->nyx_runner, getenv("NYX_DISABLE_SNAPSHOT_MODE") == NULL);
fsrv->nyx_handlers->nyx_option_apply(fsrv->nyx_runner); fsrv->nyx_handlers->nyx_option_apply(fsrv->nyx_runner);
fsrv->nyx_handlers->nyx_option_set_timeout(fsrv->nyx_runner, 2, 0); fsrv->nyx_handlers->nyx_option_set_timeout(fsrv->nyx_runner, 2, 0);
@ -433,7 +437,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
/* dry run */ /* dry run */
fsrv->nyx_handlers->nyx_set_afl_input(fsrv->nyx_runner, "INIT", 4); fsrv->nyx_handlers->nyx_set_afl_input(fsrv->nyx_runner, "INIT", 4);
switch(fsrv->nyx_handlers->nyx_exec(fsrv->nyx_runner)){ switch (fsrv->nyx_handlers->nyx_exec(fsrv->nyx_runner)) {
case Abort: case Abort:
fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner); fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner);
FATAL("Error: Nyx abort occured..."); FATAL("Error: Nyx abort occured...");
@ -447,9 +452,13 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
break; break;
default: default:
break; break;
} }
return; return;
} }
#endif #endif
if (!be_quiet) { ACTF("Spinning up the fork server..."); } if (!be_quiet) { ACTF("Spinning up the fork server..."); }
@ -1163,10 +1172,9 @@ void afl_fsrv_kill(afl_forkserver_t *fsrv) {
fsrv->child_pid = -1; fsrv->child_pid = -1;
#ifdef __linux__ #ifdef __linux__
if(fsrv->nyx_mode){ if (fsrv->nyx_mode) { fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner); }
fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner);
}
#endif #endif
} }
/* Get the map size from the target forkserver */ /* Get the map size from the target forkserver */
@ -1184,10 +1192,13 @@ u32 afl_fsrv_get_mapsize(afl_forkserver_t *fsrv, char **argv,
void afl_fsrv_write_to_testcase(afl_forkserver_t *fsrv, u8 *buf, size_t len) { void afl_fsrv_write_to_testcase(afl_forkserver_t *fsrv, u8 *buf, size_t len) {
#ifdef __linux__ #ifdef __linux__
if(fsrv->nyx_mode){ if (fsrv->nyx_mode) {
fsrv->nyx_handlers->nyx_set_afl_input(fsrv->nyx_runner, buf, len); fsrv->nyx_handlers->nyx_set_afl_input(fsrv->nyx_runner, buf, len);
return; return;
} }
#endif #endif
#ifdef AFL_PERSISTENT_RECORD #ifdef AFL_PERSISTENT_RECORD
if (unlikely(fsrv->persistent_record)) { if (unlikely(fsrv->persistent_record)) {
@ -1303,21 +1314,26 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout,
u32 write_value = fsrv->last_run_timed_out; u32 write_value = fsrv->last_run_timed_out;
#ifdef __linux__ #ifdef __linux__
if(fsrv->nyx_mode){ if (fsrv->nyx_mode) {
static uint32_t last_timeout_value = 0; static uint32_t last_timeout_value = 0;
if (last_timeout_value != timeout){ if (last_timeout_value != timeout) {
fsrv->nyx_handlers->nyx_option_set_timeout(fsrv->nyx_runner, timeout/1000, (timeout%1000) * 1000);
fsrv->nyx_handlers->nyx_option_set_timeout(
fsrv->nyx_runner, timeout / 1000, (timeout % 1000) * 1000);
fsrv->nyx_handlers->nyx_option_apply(fsrv->nyx_runner); fsrv->nyx_handlers->nyx_option_apply(fsrv->nyx_runner);
last_timeout_value = timeout; last_timeout_value = timeout;
} }
enum NyxReturnValue ret_val = fsrv->nyx_handlers->nyx_exec(fsrv->nyx_runner); enum NyxReturnValue ret_val =
fsrv->nyx_handlers->nyx_exec(fsrv->nyx_runner);
fsrv->total_execs++; fsrv->total_execs++;
switch(ret_val){ switch (ret_val) {
case Normal: case Normal:
return FSRV_RUN_OK; return FSRV_RUN_OK;
case Crash: case Crash:
@ -1333,29 +1349,40 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout,
fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner); fsrv->nyx_handlers->nyx_shutdown(fsrv->nyx_runner);
FATAL("Error: Nyx abort occured..."); FATAL("Error: Nyx abort occured...");
case IoError: case IoError:
if (*stop_soon_p){ if (*stop_soon_p) {
return 0; return 0;
}
else{ } else {
FATAL("Error: QEMU-Nyx has died..."); FATAL("Error: QEMU-Nyx has died...");
} }
break; break;
case Error: case Error:
FATAL("Error: Nyx runtime error has occured..."); FATAL("Error: Nyx runtime error has occured...");
break; break;
} }
return FSRV_RUN_OK; return FSRV_RUN_OK;
}
}
#endif #endif
/* After this memset, fsrv->trace_bits[] are effectively volatile, so we /* After this memset, fsrv->trace_bits[] are effectively volatile, so we
must prevent any earlier operations from venturing into that must prevent any earlier operations from venturing into that
territory. */ territory. */
#ifdef __linux__ #ifdef __linux__
if(!fsrv->nyx_mode){ if (!fsrv->nyx_mode) {
memset(fsrv->trace_bits, 0, fsrv->map_size); memset(fsrv->trace_bits, 0, fsrv->map_size);
MEM_BARRIER(); MEM_BARRIER();
} }
#else #else
memset(fsrv->trace_bits, 0, fsrv->map_size); memset(fsrv->trace_bits, 0, fsrv->map_size);
MEM_BARRIER(); MEM_BARRIER();

37
src/afl-fuzz-init.c
View File

@ -411,11 +411,10 @@ void bind_to_free_cpu(afl_state_t *afl) {
OKF("Found a free CPU core, try binding to #%u.", i); OKF("Found a free CPU core, try binding to #%u.", i);
if (bind_cpu(afl, i)) { if (bind_cpu(afl, i)) {
#ifdef __linux__
if(afl->fsrv.nyx_mode){ #ifdef __linux__
afl->fsrv.nyx_bind_cpu_id = i; if (afl->fsrv.nyx_mode) { afl->fsrv.nyx_bind_cpu_id = i; }
} #endif
#endif
/* Success :) */ /* Success :) */
break; break;
@ -1095,9 +1094,12 @@ void perform_dry_run(afl_state_t *afl) {
case FSRV_RUN_NOINST: case FSRV_RUN_NOINST:
#ifdef __linux__ #ifdef __linux__
if(afl->fsrv.nyx_mode && afl->fsrv.nyx_runner != NULL){ if (afl->fsrv.nyx_mode && afl->fsrv.nyx_runner != NULL) {
afl->fsrv.nyx_handlers->nyx_shutdown(afl->fsrv.nyx_runner); afl->fsrv.nyx_handlers->nyx_shutdown(afl->fsrv.nyx_runner);
} }
#endif #endif
FATAL("No instrumentation detected"); FATAL("No instrumentation detected");
@ -2453,9 +2455,7 @@ void fix_up_sync(afl_state_t *afl) {
x = alloc_printf("%s/%s", afl->out_dir, afl->sync_id); x = alloc_printf("%s/%s", afl->out_dir, afl->sync_id);
#ifdef __linux__ #ifdef __linux__
if(afl->fsrv.nyx_mode){ if (afl->fsrv.nyx_mode) { afl->fsrv.out_dir_path = afl->out_dir; }
afl->fsrv.out_dir_path = afl->out_dir;
}
#endif #endif
afl->sync_dir = afl->out_dir; afl->sync_dir = afl->out_dir;
afl->out_dir = x; afl->out_dir = x;
@ -2595,17 +2595,26 @@ void check_binary(afl_state_t *afl, u8 *fname) {
afl->fsrv.target_path = ck_strdup(fname); afl->fsrv.target_path = ck_strdup(fname);
#ifdef __linux__ #ifdef __linux__
if(afl->fsrv.nyx_mode){ if (afl->fsrv.nyx_mode) {
/* check if target_path is a nyx sharedir */ /* check if target_path is a nyx sharedir */
if (stat(afl->fsrv.target_path, &st) || S_ISDIR(st.st_mode)){ if (stat(afl->fsrv.target_path, &st) || S_ISDIR(st.st_mode)) {
char* tmp = alloc_printf("%s/config.ron", afl->fsrv.target_path);
if (stat(tmp, &st) || S_ISREG(st.st_mode)){ char *tmp = alloc_printf("%s/config.ron", afl->fsrv.target_path);
if (stat(tmp, &st) || S_ISREG(st.st_mode)) {
free(tmp); free(tmp);
return; return;
} }
} }
FATAL("Directory '%s' not found or is not a nyx share directory", afl->fsrv.target_path);
FATAL("Directory '%s' not found or is not a nyx share directory",
afl->fsrv.target_path);
} }
#endif #endif
if (stat(afl->fsrv.target_path, &st) || !S_ISREG(st.st_mode) || if (stat(afl->fsrv.target_path, &st) || !S_ISREG(st.st_mode) ||
!(st.st_mode & 0111) || (f_len = st.st_size) < 4) { !(st.st_mode & 0111) || (f_len = st.st_size) < 4) {

11
src/afl-fuzz-stats.c
View File

@ -680,14 +680,16 @@ void show_stats(afl_state_t *afl) {
memset(banner, ' ', banner_pad); memset(banner, ' ', banner_pad);
#ifdef __linux__ #ifdef __linux__
if(afl->fsrv.nyx_mode){ if (afl->fsrv.nyx_mode) {
sprintf(banner + banner_pad, sprintf(banner + banner_pad,
"%s " cLCY VERSION cLBL " {%s} " cLGN "(%s) " cPIN "[%s] - Nyx", "%s " cLCY VERSION cLBL " {%s} " cLGN "(%s) " cPIN "[%s] - Nyx",
afl->crash_mode ? cPIN "peruvian were-rabbit" afl->crash_mode ? cPIN "peruvian were-rabbit"
: cYEL "american fuzzy lop", : cYEL "american fuzzy lop",
si, afl->use_banner, afl->power_name); si, afl->use_banner, afl->power_name);
}
else{ } else {
#endif #endif
sprintf(banner + banner_pad, sprintf(banner + banner_pad,
"%s " cLCY VERSION cLBL " {%s} " cLGN "(%s) " cPIN "[%s]", "%s " cLCY VERSION cLBL " {%s} " cLGN "(%s) " cPIN "[%s]",
@ -696,8 +698,11 @@ void show_stats(afl_state_t *afl) {
si, afl->use_banner, afl->power_name); si, afl->use_banner, afl->power_name);
#ifdef __linux__ #ifdef __linux__
} }
#endif #endif
} }
SAYF("\n%s\n", banner); SAYF("\n%s\n", banner);

212
src/afl-fuzz.c
View File

@ -389,74 +389,59 @@ static void fasan_check_afl_preload(char *afl_preload) {
} }
#ifdef __linux__ #ifdef __linux__
#include <dlfcn.h> #include <dlfcn.h>
nyx_plugin_handler_t* afl_load_libnyx_plugin(u8* libnyx_binary){ nyx_plugin_handler_t *afl_load_libnyx_plugin(u8 *libnyx_binary) {
void *handle;
nyx_plugin_handler_t* plugin = calloc(1, sizeof(nyx_plugin_handler_t));
ACTF("Trying to load libnyx.so plugin..."); void * handle;
handle = dlopen((char*) libnyx_binary, RTLD_NOW); nyx_plugin_handler_t *plugin = calloc(1, sizeof(nyx_plugin_handler_t));
if (!handle) {
goto fail;
}
plugin->nyx_new = dlsym(handle, "nyx_new"); ACTF("Trying to load libnyx.so plugin...");
if (plugin->nyx_new == NULL){ handle = dlopen((char *)libnyx_binary, RTLD_NOW);
goto fail; if (!handle) { goto fail; }
}
plugin->nyx_shutdown = dlsym(handle, "nyx_shutdown");
if (plugin->nyx_shutdown == NULL){
goto fail;
}
plugin->nyx_option_set_reload_mode = dlsym(handle, "nyx_option_set_reload_mode");
if (plugin->nyx_option_set_reload_mode == NULL){
goto fail;
}
plugin->nyx_option_set_timeout = dlsym(handle, "nyx_option_set_timeout");
if (plugin->nyx_option_set_timeout == NULL){
goto fail;
}
plugin->nyx_option_apply = dlsym(handle, "nyx_option_apply");
if (plugin->nyx_option_apply == NULL){
goto fail;
}
plugin->nyx_set_afl_input = dlsym(handle, "nyx_set_afl_input");
if (plugin->nyx_set_afl_input == NULL){
goto fail;
}
plugin->nyx_exec = dlsym(handle, "nyx_exec"); plugin->nyx_new = dlsym(handle, "nyx_new");
if (plugin->nyx_exec == NULL){ if (plugin->nyx_new == NULL) { goto fail; }
goto fail;
}
plugin->nyx_get_bitmap_buffer = dlsym(handle, "nyx_get_bitmap_buffer"); plugin->nyx_shutdown = dlsym(handle, "nyx_shutdown");
if (plugin->nyx_get_bitmap_buffer == NULL){ if (plugin->nyx_shutdown == NULL) { goto fail; }
goto fail;
}
plugin->nyx_get_bitmap_buffer_size = dlsym(handle, "nyx_get_bitmap_buffer_size"); plugin->nyx_option_set_reload_mode =
if (plugin->nyx_get_bitmap_buffer_size == NULL){ dlsym(handle, "nyx_option_set_reload_mode");
goto fail; if (plugin->nyx_option_set_reload_mode == NULL) { goto fail; }
}
OKF("libnyx plugin is ready!");
return plugin;
fail: plugin->nyx_option_set_timeout = dlsym(handle, "nyx_option_set_timeout");
if (plugin->nyx_option_set_timeout == NULL) { goto fail; }
plugin->nyx_option_apply = dlsym(handle, "nyx_option_apply");
if (plugin->nyx_option_apply == NULL) { goto fail; }
plugin->nyx_set_afl_input = dlsym(handle, "nyx_set_afl_input");
if (plugin->nyx_set_afl_input == NULL) { goto fail; }
plugin->nyx_exec = dlsym(handle, "nyx_exec");
if (plugin->nyx_exec == NULL) { goto fail; }
plugin->nyx_get_bitmap_buffer = dlsym(handle, "nyx_get_bitmap_buffer");
if (plugin->nyx_get_bitmap_buffer == NULL) { goto fail; }
plugin->nyx_get_bitmap_buffer_size =
dlsym(handle, "nyx_get_bitmap_buffer_size");
if (plugin->nyx_get_bitmap_buffer_size == NULL) { goto fail; }
OKF("libnyx plugin is ready!");
return plugin;
fail:
FATAL("failed to load libnyx: %s\n", dlerror());
free(plugin);
return NULL;
FATAL("failed to load libnyx: %s\n", dlerror());
free(plugin);
return NULL;
} }
#endif
#endif
/* Main entry point */ /* Main entry point */
@ -918,13 +903,10 @@ int main(int argc, char **argv_orig, char **envp) {
afl->use_banner = optarg; afl->use_banner = optarg;
break; break;
#ifdef __linux__ #ifdef __linux__
case 'X': /* NYX mode */ case 'X': /* NYX mode */
if (afl->fsrv.nyx_mode) { if (afl->fsrv.nyx_mode) { FATAL("Multiple -X options not supported"); }
FATAL("Multiple -X options not supported");
}
afl->fsrv.nyx_parent = true; afl->fsrv.nyx_parent = true;
afl->fsrv.nyx_standalone = true; afl->fsrv.nyx_standalone = true;
@ -933,21 +915,17 @@ int main(int argc, char **argv_orig, char **envp) {
break; break;
case 'Y': /* NYX distributed mode */ case 'Y': /* NYX distributed mode */
if (afl->fsrv.nyx_mode) { if (afl->fsrv.nyx_mode) { FATAL("Multiple -Y options not supported"); }
FATAL("Multiple -Y options not supported");
}
afl->fsrv.nyx_mode = 1; afl->fsrv.nyx_mode = 1;
break; break;
#else #else
case 'X': case 'X':
case 'Y': case 'Y':
FATAL("Nyx mode is only availabe on linux..."); FATAL("Nyx mode is only availabe on linux...");
break; break;
#endif #endif
case 'A': /* CoreSight mode */ case 'A': /* CoreSight mode */
#if !defined(__aarch64__) || !defined(__linux__) #if !defined(__aarch64__) || !defined(__linux__)
@ -1288,13 +1266,16 @@ int main(int argc, char **argv_orig, char **envp) {
OKF("NOTE: This is v3.x which changes defaults and behaviours - see " OKF("NOTE: This is v3.x which changes defaults and behaviours - see "
"README.md"); "README.md");
#ifdef __linux__ #ifdef __linux__
if (afl->fsrv.nyx_mode){ if (afl->fsrv.nyx_mode) {
OKF("afl++ Nyx mode is enabled (developed and mainted by Sergej Schumilo)"); OKF("afl++ Nyx mode is enabled (developed and mainted by Sergej Schumilo)");
OKF("Nyx is open source, get it at " OKF("Nyx is open source, get it at "
"https://github.com/Nyx-Fuzz"); "https://github.com/Nyx-Fuzz");
} }
#endif
#endif
if (afl->sync_id && afl->is_main_node && if (afl->sync_id && afl->is_main_node &&
afl->afl_env.afl_custom_mutator_only) { afl->afl_env.afl_custom_mutator_only) {
@ -1337,32 +1318,55 @@ int main(int argc, char **argv_orig, char **envp) {
} }
#ifdef __linux__ #ifdef __linux__
if (afl->fsrv.nyx_mode) { if (afl->fsrv.nyx_mode) {
if (afl->fsrv.nyx_standalone && strncmp(afl->sync_id, "default", strlen("default")) != 0){ if (afl->fsrv.nyx_standalone &&
FATAL("distributed fuzzing is not supported in this Nyx mode (use -Y instead)"); strncmp(afl->sync_id, "default", strlen("default")) != 0) {
FATAL(
"distributed fuzzing is not supported in this Nyx mode (use -Y "
"instead)");
} }
if (!afl->fsrv.nyx_standalone){ if (!afl->fsrv.nyx_standalone) {
if (afl->is_main_node){
if(strncmp("0", afl->sync_id, strlen("0") != 0)){ if (afl->is_main_node) {
FATAL("for Nyx -Y mode, the Main (-M) parameter has to be set to 0 (-M 0)");
if (strncmp("0", afl->sync_id, strlen("0") != 0)) {
FATAL(
"for Nyx -Y mode, the Main (-M) parameter has to be set to 0 (-M "
"0)");
} }
afl->fsrv.nyx_id = 0; afl->fsrv.nyx_id = 0;
} }
if (afl->is_secondary_node){ if (afl->is_secondary_node) {
long nyx_id = strtol(afl->sync_id, NULL, 10); long nyx_id = strtol(afl->sync_id, NULL, 10);
if (nyx_id == 0 || nyx_id == LONG_MAX){ if (nyx_id == 0 || nyx_id == LONG_MAX) {
FATAL("for Nyx -Y mode, the Secondary (-S) parameter has to be a numeric value and >= 1 (e.g. -S 1)");
FATAL(
"for Nyx -Y mode, the Secondary (-S) parameter has to be a "
"numeric value and >= 1 (e.g. -S 1)");
} }
afl->fsrv.nyx_id = nyx_id; afl->fsrv.nyx_id = nyx_id;
} }
} }
} }
#endif
#endif
if (afl->sync_id) { if (afl->sync_id) {
@ -1587,22 +1591,28 @@ int main(int argc, char **argv_orig, char **envp) {
afl->fsrv.use_fauxsrv = afl->non_instrumented_mode == 1 || afl->no_forkserver; afl->fsrv.use_fauxsrv = afl->non_instrumented_mode == 1 || afl->no_forkserver;
#ifdef __linux__ #ifdef __linux__
if (!afl->fsrv.nyx_mode){ if (!afl->fsrv.nyx_mode) {
check_crash_handling(); check_crash_handling();
check_cpu_governor(afl); check_cpu_governor(afl);
}
else{ } else {
u8* libnyx_binary = find_afl_binary(argv[0], "nyx_mode/libnyx.so");
u8 *libnyx_binary = find_afl_binary(argv[0], "nyx_mode/libnyx.so");
afl->fsrv.nyx_handlers = afl_load_libnyx_plugin(libnyx_binary); afl->fsrv.nyx_handlers = afl_load_libnyx_plugin(libnyx_binary);
if(afl->fsrv.nyx_handlers == NULL){ if (afl->fsrv.nyx_handlers == NULL) {
FATAL("failed to initialize libnyx.so..."); FATAL("failed to initialize libnyx.so...");
} }
} }
#else
#else
check_crash_handling(); check_crash_handling();
check_cpu_governor(afl); check_cpu_governor(afl);
#endif #endif
if (getenv("LD_PRELOAD")) { if (getenv("LD_PRELOAD")) {
@ -2085,11 +2095,15 @@ int main(int argc, char **argv_orig, char **envp) {
if (!afl->queue_buf[entry]->disabled) { ++valid_seeds; } if (!afl->queue_buf[entry]->disabled) { ++valid_seeds; }
if (!afl->pending_not_fuzzed || !valid_seeds) { if (!afl->pending_not_fuzzed || !valid_seeds) {
#ifdef __linux__
if(afl->fsrv.nyx_mode){ #ifdef __linux__
if (afl->fsrv.nyx_mode) {
afl->fsrv.nyx_handlers->nyx_shutdown(afl->fsrv.nyx_runner); afl->fsrv.nyx_handlers->nyx_shutdown(afl->fsrv.nyx_runner);
} }
#endif
#endif
FATAL("We need at least one valid input seed that does not crash!"); FATAL("We need at least one valid input seed that does not crash!");
} }

11
src/afl-showmap.c
View File

@ -105,15 +105,8 @@ static sharedmem_t * shm_fuzz;
static const u8 count_class_human[256] = { static const u8 count_class_human[256] = {
[0] = 0, [0] = 0, [1] = 1, [2] = 2, [3] = 3, [4] = 4,
[1] = 1, [8] = 5, [16] = 6, [32] = 7, [128] = 8
[2] = 2,
[3] = 3,
[4] = 4,
[8] = 5,
[16] = 6,
[32] = 7,
[128] = 8
}; };