From 9160805f4a06ee81adfe177875ad8dee09013a40 Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Thu, 12 Dec 2024 15:26:39 +0100
Subject: [PATCH] add __sanitizer_weak_hook_ support
---
 docs/Changelog.md | 3 ++
 instrumentation/afl-compiler-rt.o.c | 83 +++++++++++++++++++++++++++++
 src/afl-cc.c | 1 +
 3 files changed, 87 insertions(+)
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 0b22fc5f..8594d068 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -6,6 +6,9 @@
 ### Version ++4.31a (dev)
 - loose file and shared memory permissions on Android and iPhone
+ - afl-cc:
+ - added __sanitizer_weak_hook_* functions (in case that is helpful in
+ weird setups)
 ### Version ++4.30c (release)
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c
index 77a9623c..5a3d6af8 100644
--- a/instrumentation/afl-compiler-rt.o.c
+++ b/instrumentation/afl-compiler-rt.o.c
@@ -2670,6 +2670,89 @@ void __cmplog_rtn_llvm_stdstring_stdstring(u8 *stdstring1, u8 *stdstring2) {
 }
+/* llvm weak hooks */
+
+void __sanitizer_weak_hook_memcmp(void *pc, const void *s1, const void *s2,
+ size_t n, int result) {
+
+ __cmplog_rtn_hook_n((u8 *)s1, (u8 *)s2, (u64)n);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_memmem(void *pc, const void *s1, size_t len1,
+ const void *s2, size_t len2, void *result) {
+
+ __cmplog_rtn_hook_n((u8 *)s1, (u8 *)s2, len1 < len2 ? (u64)len1 : (u64)len2);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strncasecmp(void *pc, const void *s1, const void *s2,
+ size_t n, int result) {
+
+ __cmplog_rtn_hook_strn((u8 *)s1, (u8 *)s2, (u64)n);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strncasestr(void *pc, const void *s1, const void *s2,
+ size_t n, char *result) {
+
+ __cmplog_rtn_hook_strn((u8 *)s1, (u8 *)s2, (u64)n);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strncmp(void *pc, const void *s1, const void *s2,
+ size_t n, int result) {
+
+ __cmplog_rtn_hook_strn((u8 *)s1, (u8 *)s2, (u64)n);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strcasecmp(void *pc, const void *s1, const void *s2,
+ int result) {
+
+ __cmplog_rtn_hook_str((u8 *)s1, (u8 *)s2);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strcasestr(void *pc, const void *s1, const void *s2,
+ size_t n, char *result) {
+
+ __cmplog_rtn_hook_str((u8 *)s1, (u8 *)s2);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strcmp(void *pc, const void *s1, const void *s2,
+ int result) {
+
+ __cmplog_rtn_hook_str((u8 *)s1, (u8 *)s2);
+ (void)pc;
+ (void)result;
+
+}
+
+void __sanitizer_weak_hook_strstr(void *pc, const void *s1, const void *s2,
+ char *result) {
+
+ __cmplog_rtn_hook_str((u8 *)s1, (u8 *)s2);
+ (void)pc;
+ (void)result;
+
+}
+
 /* COVERAGE manipulation features */
 // this variable is then used in the shm setup to create an additional map
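Review bot: `__sanitizer_weak_hook_strcasestr` is declared with an extra `size_t n` that the body never reads or voids, while the parallel `__sanitizer_weak_hook_strstr` later in the hunk takes `(pc, s1, s2, result)`. As far as I recall, the sanitizer interface header declares the strcasestr hook without a length, so a caller using that prototype would pass `result` in the slot this definition names `n`; that is harmless only because neither value is used today. I would match the strstr form: `void __sanitizer_weak_hook_strcasestr(void *pc, const void *s1, const void *s2, char *result) {`. It is also worth confirming that `__sanitizer_weak_hook_strncasestr` is a hook some runtime actually calls, and adding a short comment above the block saying that these are strong, non-static definitions of the sanitizer hook names which forward caller-supplied pointers and lengths unchanged to the `__cmplog_rtn_hook_*` helpers defined outside this hunk.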
diff --git a/src/afl-cc.c b/src/afl-cc.c
index 11e61fab..83984e91 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -2614,6 +2614,7 @@ void add_misc_params(aflcc_state_t *aflcc) {
 insert_param(aflcc, "-fno-builtin-strcasecmp");
 insert_param(aflcc, "-fno-builtin-strncasecmp");
 insert_param(aflcc, "-fno-builtin-memcmp");
+ insert_param(aflcc, "-fno-builtin-memmem");
 insert_param(aflcc, "-fno-builtin-bcmp");
 insert_param(aflcc, "-fno-builtin-strstr");
 insert_param(aflcc, "-fno-builtin-strcasestr");