real fix plus code format

This commit is contained in:
van Hauser
2021-01-26 17:12:11 +01:00
parent e0663c91b9
commit 9c393adbb9
6 changed files with 122 additions and 90 deletions


@ -23,59 +23,61 @@
#define ASHMEM_DEVICE "/dev/ashmem" #define ASHMEM_DEVICE "/dev/ashmem"
int shmctl(int __shmid, int __cmd, struct shmid_ds *__buf) { int shmctl(int __shmid, int __cmd, struct shmid_ds *__buf) {
int ret = 0; int ret = 0;
if (__cmd == IPC_RMID) { if (__cmd == IPC_RMID) {
int length = ioctl(__shmid, ASHMEM_GET_SIZE, NULL); int length = ioctl(__shmid, ASHMEM_GET_SIZE, NULL);
struct ashmem_pin pin = {0, length}; struct ashmem_pin pin = {0, length};
ret = ioctl(__shmid, ASHMEM_UNPIN, &pin); ret = ioctl(__shmid, ASHMEM_UNPIN, &pin);
close(__shmid); close(__shmid);
} }
return ret; return ret;
} }
int shmget(key_t __key, size_t __size, int __shmflg) { int shmget(key_t __key, size_t __size, int __shmflg) {
(void)__shmflg; (void)__shmflg;
int fd, ret; int fd, ret;
char ourkey[11]; char ourkey[11];
fd = open(ASHMEM_DEVICE, O_RDWR); fd = open(ASHMEM_DEVICE, O_RDWR);
if (fd < 0) if (fd < 0) return fd;
return fd;
sprintf(ourkey, "%d", __key); sprintf(ourkey, "%d", __key);
ret = ioctl(fd, ASHMEM_SET_NAME, ourkey); ret = ioctl(fd, ASHMEM_SET_NAME, ourkey);
if (ret < 0) if (ret < 0) goto error;
goto error;
ret = ioctl(fd, ASHMEM_SET_SIZE, __size); ret = ioctl(fd, ASHMEM_SET_SIZE, __size);
if (ret < 0) if (ret < 0) goto error;
goto error;
return fd; return fd;
error: error:
close(fd); close(fd);
return ret; return ret;
} }
void *shmat(int __shmid, const void *__shmaddr, int __shmflg) { void *shmat(int __shmid, const void *__shmaddr, int __shmflg) {
(void)__shmflg; (void)__shmflg;
int size; int size;
void *ptr; void *ptr;
size = ioctl(__shmid, ASHMEM_GET_SIZE, NULL); size = ioctl(__shmid, ASHMEM_GET_SIZE, NULL);
if (size < 0) { if (size < 0) { return NULL; }
return NULL;
}
ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, __shmid, 0); ptr = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, __shmid, 0);
if (ptr == MAP_FAILED) { if (ptr == MAP_FAILED) { return NULL; }
return NULL;
}
return ptr; return ptr;
} }
#endif /* !_ANDROID_ASHMEM_H */ #endif /* !_ANDROID_ASHMEM_H */
#endif /* !__ANDROID__ */ #endif /* !__ANDROID__ */
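Review bot: `sprintf(ourkey, "%d", __key)` in shmget writes into `char ourkey[11]`, which is one byte short for a negative key, since INT_MIN prints as 11 characters plus the terminator (assuming key_t is a plain int here, as the `%d` format implies). Size the buffer for the worst case and bound the write: `char ourkey[12];` and `snprintf(ourkey, sizeof ourkey, "%d", __key);`. In shmctl, `length` from `ioctl(__shmid, ASHMEM_GET_SIZE, NULL)` goes into `struct ashmem_pin` without a negative-return check, while shmat checks the same call before using the size; shmctl could return early on `length < 0` the same way. The reformatting itself does not change behaviour, so these points predate the commit but remain in the new side.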


@ -1027,7 +1027,7 @@ void perform_dry_run(afl_state_t *afl) {
struct queue_entry *p = afl->queue; struct queue_entry *p = afl->queue;
if (!p->disabled && !p->was_fuzzed) { if (!p->was_fuzzed) {
--afl->pending_not_fuzzed; --afl->pending_not_fuzzed;
--afl->active_paths; --afl->active_paths;
@ -1128,16 +1128,6 @@ restart_outer_cull_loop:
if (!p->cal_failed && p->exec_cksum == q->exec_cksum) { if (!p->cal_failed && p->exec_cksum == q->exec_cksum) {
duplicates = 1; duplicates = 1;
if (!p->disabled && !q->disabled && !p->was_fuzzed && !q->was_fuzzed) {
--afl->pending_not_fuzzed;
afl->active_paths--;
} else {
FATAL("disabled entry? this should not happen, please report!");
}
// We do not remove any of the memory allocated because for // We do not remove any of the memory allocated because for
// splicing the data might still be interesting. // splicing the data might still be interesting.
@ -1147,6 +1137,14 @@ restart_outer_cull_loop:
// we keep the shorter file // we keep the shorter file
if (p->len >= q->len) { if (p->len >= q->len) {
if (!p->was_fuzzed) {
p->was_fuzzed = 1;
--afl->pending_not_fuzzed;
afl->active_paths--;
}
p->disabled = 1; p->disabled = 1;
p->perf_score = 0; p->perf_score = 0;
q->next = p->next; q->next = p->next;
@ -1154,6 +1152,14 @@ restart_outer_cull_loop:
} else { } else {
if (!q->was_fuzzed) {
q->was_fuzzed = 1;
--afl->pending_not_fuzzed;
afl->active_paths--;
}
q->disabled = 1; q->disabled = 1;
q->perf_score = 0; q->perf_score = 0;
if (prev) if (prev)
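Review bot: In the cull loop `afl->active_paths--` is now nested inside `if (!p->was_fuzzed)` (and inside `if (!q->was_fuzzed)` in the following hunk), although the entry is marked `disabled = 1` on both paths, so an already-fuzzed entry that reached this code would be disabled without leaving the active count. If that cannot happen because culling runs before any entry is fuzzed, a comment such as `/* nothing has been fuzzed yet during the dry run, so both counters move together */` would pin the invariant; otherwise `afl->active_paths--;` belongs outside the `was_fuzzed` check. Setting `p->was_fuzzed = 1` on an entry that is being disabled, to keep `pending_not_fuzzed` consistent, also deserves a one-line comment since the flag is not literally true. The enclosing loop body starts and ends outside these hunks.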


@ -317,8 +317,16 @@ static void showmap_run_target_forkserver(afl_forkserver_t *fsrv, u8 *mem,
} }
if (fsrv->trace_bits[0] == 1) { fsrv->trace_bits[0] = 0; have_coverage = 1; } if (fsrv->trace_bits[0] == 1) {
else { have_coverage = 0; }
fsrv->trace_bits[0] = 0;
have_coverage = 1;
} else {
have_coverage = 0;
}
if (!no_classify) { classify_counts(fsrv); } if (!no_classify) { classify_counts(fsrv); }
@ -493,8 +501,16 @@ static void showmap_run_target(afl_forkserver_t *fsrv, char **argv) {
} }
if (fsrv->trace_bits[0] == 1) { fsrv->trace_bits[0] = 0; have_coverage = 1; } if (fsrv->trace_bits[0] == 1) {
else { have_coverage = 0; }
fsrv->trace_bits[0] = 0;
have_coverage = 1;
} else {
have_coverage = 0;
}
if (!no_classify) { classify_counts(fsrv); } if (!no_classify) { classify_counts(fsrv); }


@ -166,10 +166,15 @@ int main(int argc, char** argv) {
void *dl = NULL; void *dl = NULL;
if (argc > 2) { if (argc > 2) {
dl = dlopen(argv[1], RTLD_LAZY); dl = dlopen(argv[1], RTLD_LAZY);
} else { } else {
dl = dlopen(TARGET_LIBRARY, RTLD_LAZY); dl = dlopen(TARGET_LIBRARY, RTLD_LAZY);
} }
if (!dl) { if (!dl) {
if (argc > 2) if (argc > 2)
@ -197,6 +202,7 @@ int main(int argc, char** argv) {
// END STEP 2 // END STEP 2
if (!getenv("AFL_FRIDA_TEST_INPUT")) { if (!getenv("AFL_FRIDA_TEST_INPUT")) {
gum_init_embedded(); gum_init_embedded();
if (!gum_stalker_is_supported()) { if (!gum_stalker_is_supported()) {
@ -292,10 +298,12 @@ int main(int argc, char** argv) {
gum_deinit_embedded(); gum_deinit_embedded();
} else { } else {
char buf[8 * 1024] = {0}; char buf[8 * 1024] = {0};
int count = read(0, buf, sizeof(buf)); int count = read(0, buf, sizeof(buf));
buf[8 * 1024 - 1] = '\0'; buf[8 * 1024 - 1] = '\0';
(*o_function)(buf, count); (*o_function)(buf, count);
} }
return 0; return 0;
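Review bot: `int count = read(0, buf, sizeof(buf));` is handed straight to `(*o_function)(buf, count)` without checking the return value, so a failed read passes a length of -1 to the target (a very large size if the callee takes an unsigned length). Check it first: `ssize_t count = read(0, buf, sizeof(buf)); if (count < 0) { perror("read"); return 1; }`. Note also that `buf[8 * 1024 - 1] = '\0'` overwrites the last input byte whenever the read fills the buffer; reading at most `sizeof(buf) - 1` bytes keeps the terminator without clobbering data. `main` begins outside this hunk.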