making AFL_MAP_SIZE obsolete

2025-06-17 04:18:06 +00:00 · 2021-02-01 12:01:23 +01:00
parent 522eacce71
commit 981ffb27a8
15 changed files with 211 additions and 51 deletions
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@ -86,7 +86,8 @@ static u8 quiet_mode,                  /* Hide non-essential messages?      */
    remove_shm = 1,                    /* remove shmem?                     */
    collect_coverage,                  /* collect coverage                  */
    have_coverage,                     /* have coverage?                    */
-    no_classify;                       /* do not classify counts            */
+    no_classify,                       /* do not classify counts            */
+    debug;                             /* debug mode                        */

 static volatile u8 stop_soon,          /* Ctrl-C pressed?                   */
    child_crashed;                     /* Child crashed?                    */
@ -743,6 +744,7 @@ int main(int argc, char **argv_orig, char **envp) {
  char **argv = argv_cpy_dup(argc, argv_orig);

  afl_forkserver_t fsrv_var = {0};
+  if (getenv("AFL_DEBUG")) { debug = 1; }
  fsrv = &fsrv_var;
  afl_fsrv_init(fsrv);
  map_size = get_map_size();
@ -991,14 +993,16 @@ int main(int argc, char **argv_orig, char **envp) {

  //  if (afl->shmem_testcase_mode) { setup_testcase_shmem(afl); }

+  setenv("AFL_NO_AUTODICT", "1", 1);
+
  /* initialize cmplog_mode */
  shm.cmplog_mode = 0;
-  fsrv->trace_bits = afl_shm_init(&shm, map_size, 0);
  setup_signal_handlers();

  set_up_environment(fsrv);

  fsrv->target_path = find_binary(argv[optind]);
+  fsrv->trace_bits = afl_shm_init(&shm, map_size, 0);

  if (!quiet_mode) {

@ -1051,6 +1055,7 @@ int main(int argc, char **argv_orig, char **envp) {
  /* initialize cmplog_mode */
  shm_fuzz->cmplog_mode = 0;
  u8 *map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1);
+  shm_fuzz->shmemfuzz_mode = 1;
  if (!map) { FATAL("BUG: Zero return from afl_shm_init."); }
 #ifdef USEMMAP
  setenv(SHM_FUZZ_ENV_VAR, shm_fuzz->g_shm_file_path, 1);
@ -1063,6 +1068,38 @@ int main(int argc, char **argv_orig, char **envp) {
  fsrv->shmem_fuzz_len = (u32 *)map;
  fsrv->shmem_fuzz = map + sizeof(u32);

+  u32 save_be_quiet = be_quiet;
+  be_quiet = debug;
+  fsrv->map_size = 4194304;  // dummy temporary value
+  u32 new_map_size = afl_fsrv_get_mapsize(
+      fsrv, use_argv, &stop_soon,
+      (get_afl_env("AFL_DEBUG_CHILD") || get_afl_env("AFL_DEBUG_CHILD_OUTPUT"))
+          ? 1
+          : 0);
+  be_quiet = save_be_quiet;
+
+  if (new_map_size) {
+
+    // only reinitialize when it makes sense
+    if (map_size < new_map_size ||
+        (new_map_size > map_size && new_map_size - map_size > MAP_SIZE)) {
+
+      if (!be_quiet)
+        ACTF("Aquired new map size for target: %u bytes\n", new_map_size);
+
+      afl_shm_deinit(&shm);
+      afl_fsrv_kill(fsrv);
+      fsrv->map_size = new_map_size;
+      fsrv->trace_bits = afl_shm_init(&shm, new_map_size, 0);
+
+    }
+
+    map_size = new_map_size;
+
+  }
+
+  fsrv->map_size = map_size;
+
  if (in_dir) {

    DIR *          dir_in, *dir_out = NULL;