fix cmplog for shmem persistent mode

2025-06-15 19:38:09 +00:00 · 2020-06-04 16:31:53 +02:00
parent 9a1e22afab
commit a9348e0acc
6 changed files with 15 additions and 6 deletions
--- a/include/forkserver.h
+++ b/include/forkserver.h
@ -73,7 +73,7 @@ typedef struct afl_forkserver {
  u8 last_kill_signal;                  /* Signal that killed the child     */
-  u8 use_shdmen_fuzz;                   /* use shared mem for test cases    */
+  u8 use_shmem_fuzz;                    /* use shared mem for test cases    */
  u8 support_shmem_fuzz;                /* set by afl-fuzz                  */
--- a/llvm_mode/GNUmakefile
+++ b/llvm_mode/GNUmakefile
@ -68,7 +68,7 @@ endif
 ifeq "$(LLVM_MAJOR)" "11"
  $(info [+] llvm_mode detected llvm 11, enabling afl-clang-lto LTO implementation)
  LLVM_LTO = 1
-  TEST_MMAP = 1
+  #TEST_MMAP = 1
 endif
 ifeq "$(LLVM_LTO)" "0"
@ -236,7 +236,7 @@ ifeq "$(shell echo '$(HASH)include <sys/ipc.h>@$(HASH)include <sys/shm.h>@int ma
        SHMAT_OK=1
 else
        SHMAT_OK=0
-        CFLAGS+=-DUSEMMAP=1
+        #CFLAGS+=-DUSEMMAP=1
        LDFLAGS += -Wno-deprecated-declarations
 endif
--- a/llvm_mode/afl-llvm-rt.o.c
+++ b/llvm_mode/afl-llvm-rt.o.c
@ -311,6 +311,10 @@ static void __afl_map_shm(void) {
  id_str = getenv(CMPLOG_SHM_ENV_VAR);
  if (getenv("AFL_DEBUG"))
    fprintf(stderr, "DEBUG: cmplog id_str %s\n",
            id_str == NULL ? "<null>" : id_str);
  if (id_str) {
 #ifdef USEMMAP
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@ -101,6 +101,7 @@ void afl_fsrv_init_dup(afl_forkserver_t *fsrv_to, afl_forkserver_t *from) {
  fsrv_to->exec_tmout = from->exec_tmout;
  fsrv_to->mem_limit = from->mem_limit;
  fsrv_to->map_size = from->map_size;
  fsrv_to->support_shmem_fuzz = from->support_shmem_fuzz;
 #ifndef HAVE_ARC4RANDOM
  fsrv_to->dev_urandom_fd = from->dev_urandom_fd;
@ -435,6 +436,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
       falling through. */
    *(u32 *)fsrv->trace_bits = EXEC_FAIL_SIG;
    fprintf(stderr, "Error: execv to target failed\n");
    exit(0);
  }
@ -508,7 +510,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
        if (fsrv->support_shmem_fuzz) {
-          fsrv->use_shdmen_fuzz = 1;
+          fsrv->use_shmem_fuzz = 1;
          if (!be_quiet) { ACTF("Using SHARED MEMORY FUZZING feature."); }
          if ((status & FS_OPT_AUTODICT) == 0) {
@ -567,7 +569,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
        if (fsrv->function_ptr == NULL || fsrv->function_opt == NULL) {
          // this is not afl-fuzz - we deny and return
-          if (fsrv->use_shdmen_fuzz)
+          if (fsrv->use_shmem_fuzz)
            status = (FS_OPT_ENABLED | FS_OPT_AUTODICT | FS_OPT_SHDMEM_FUZZ);
          else
            status = (FS_OPT_ENABLED | FS_OPT_AUTODICT);
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@ -232,7 +232,7 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
    afl_fsrv_start(&afl->fsrv, afl->argv, &afl->stop_soon,
                   afl->afl_env.afl_debug_child_output);
-    if (afl->fsrv.support_shmem_fuzz && !afl->fsrv.use_shdmen_fuzz) {
+    if (afl->fsrv.support_shmem_fuzz && !afl->fsrv.use_shmem_fuzz) {
      afl_shm_deinit(afl->shm_fuzz);
      ck_free(afl->shm_fuzz);
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@ -792,6 +792,8 @@ int main(int argc, char **argv_orig, char **envp) {
  }
  if (!mem_limit_given && afl->shm.cmplog_mode) afl->fsrv.mem_limit += 260;
  OKF("afl++ is maintained by Marc \"van Hauser\" Heuse, Heiko \"hexcoder\" "
      "Eißfeldt, Andrea Fioraldi and Dominik Maier");
  OKF("afl++ is open source, get it at "
@ -1228,6 +1230,7 @@ int main(int argc, char **argv_orig, char **envp) {
    afl->cmplog_fsrv.init_child_func = cmplog_exec_child;
    afl_fsrv_start(&afl->cmplog_fsrv, afl->argv, &afl->stop_soon,
                   afl->afl_env.afl_debug_child_output);
    OKF("Cmplog forkserver successfully started");
  }