run code formatter

2025-06-17 04:18:06 +00:00 · 2019-09-02 18:49:43 +02:00
parent 2ae4ca91b4
commit b24639d011
57 changed files with 8674 additions and 7125 deletions
--- a/qemu_mode/libcompcov/libcompcov.so.c
+++ b/qemu_mode/libcompcov/libcompcov.so.c
@ -40,10 +40,9 @@

 #define MAX_CMP_LENGTH 32

-static void *__compcov_code_start,
-            *__compcov_code_end;
+static void *__compcov_code_start, *__compcov_code_end;

-static u8 *__compcov_afl_map;
+static u8* __compcov_afl_map;

 static u32 __compcov_level;

@ -55,15 +54,11 @@ static int (*__libc_memcmp)(const void*, const void*, size_t);

 static int debug_fd = -1;

-
 #define MAX_MAPPINGS 1024

-static struct mapping {
-  void *st, *en;
-} __compcov_ro[MAX_MAPPINGS];
-
-static u32   __compcov_ro_cnt;
+static struct mapping { void *st, *en; } __compcov_ro[MAX_MAPPINGS];

+static u32 __compcov_ro_cnt;

 /* Check an address against the list of read-only mappings. */

@ -71,42 +66,42 @@ static u8 __compcov_is_ro(const void* ptr) {

  u32 i;

-  for (i = 0; i < __compcov_ro_cnt; i++) 
+  for (i = 0; i < __compcov_ro_cnt; i++)
    if (ptr >= __compcov_ro[i].st && ptr <= __compcov_ro[i].en) return 1;

  return 0;
+
 }

+static size_t __strlen2(const char* s1, const char* s2, size_t max_length) {

-static size_t __strlen2(const char *s1, const char *s2, size_t max_length) {
  // from https://github.com/googleprojectzero/CompareCoverage
-  
+
  size_t len = 0;
-  for (; len < max_length && s1[len] != '\0' && s2[len] != '\0'; len++) { }
+  for (; len < max_length && s1[len] != '\0' && s2[len] != '\0'; len++) {}
  return len;
+
 }

 /* Identify the binary boundaries in the memory mapping */

 static void __compcov_load(void) {
-  
+
  __libc_strcmp = dlsym(RTLD_NEXT, "strcmp");
  __libc_strncmp = dlsym(RTLD_NEXT, "strncmp");
  __libc_strcasecmp = dlsym(RTLD_NEXT, "strcasecmp");
  __libc_strncasecmp = dlsym(RTLD_NEXT, "strncasecmp");
  __libc_memcmp = dlsym(RTLD_NEXT, "memcmp");

-  if (getenv("AFL_QEMU_COMPCOV")) {
-
-    __compcov_level = 1;
-  }
+  if (getenv("AFL_QEMU_COMPCOV")) { __compcov_level = 1; }
  if (getenv("AFL_COMPCOV_LEVEL")) {

    __compcov_level = atoi(getenv("AFL_COMPCOV_LEVEL"));
+
  }
-  
-  char *id_str = getenv(SHM_ENV_VAR);
-  int shm_id;
+
+  char* id_str = getenv(SHM_ENV_VAR);
+  int   shm_id;

  if (id_str) {

@ -114,61 +109,72 @@ static void __compcov_load(void) {
    __compcov_afl_map = shmat(shm_id, NULL, 0);

    if (__compcov_afl_map == (void*)-1) exit(1);
+
  } else {
-  
+
    __compcov_afl_map = calloc(1, MAP_SIZE);
+
  }

  if (getenv("AFL_INST_LIBS")) {
-  
+
    __compcov_code_start = (void*)0;
    __compcov_code_end = (void*)-1;
    return;
+
  }

  char* bin_name = getenv("AFL_COMPCOV_BINNAME");

  procmaps_iterator* maps = pmparser_parse(-1);
-  procmaps_struct* maps_tmp = NULL;
+  procmaps_struct*   maps_tmp = NULL;

  while ((maps_tmp = pmparser_next(maps)) != NULL) {
-  
+
    /* If AFL_COMPCOV_BINNAME is not set pick the first executable segment */
    if (!bin_name || strstr(maps_tmp->pathname, bin_name) != NULL) {
-    
+
      if (maps_tmp->is_x) {
-        if (!__compcov_code_start)
-            __compcov_code_start = maps_tmp->addr_start;
-        if (!__compcov_code_end)
-            __compcov_code_end = maps_tmp->addr_end;
+
+        if (!__compcov_code_start) __compcov_code_start = maps_tmp->addr_start;
+        if (!__compcov_code_end) __compcov_code_end = maps_tmp->addr_end;
+
      }
+
    }
-    
+
    if ((maps_tmp->is_w && !maps_tmp->is_r) || __compcov_ro_cnt == MAX_MAPPINGS)
      continue;
-    
+
    __compcov_ro[__compcov_ro_cnt].st = maps_tmp->addr_start;
    __compcov_ro[__compcov_ro_cnt].en = maps_tmp->addr_end;
+
  }

  pmparser_free(maps);
-}

+}

 static void __compcov_trace(u64 cur_loc, const u8* v0, const u8* v1, size_t n) {

  size_t i;
-  
+
  if (debug_fd != 1) {
+
    char debugbuf[4096];
-    snprintf(debugbuf, sizeof(debugbuf), "0x%llx %s %s %lu\n", cur_loc, v0 == NULL ? "(null)" : (char*)v0, v1 == NULL ? "(null)" : (char*)v1, n);
+    snprintf(debugbuf, sizeof(debugbuf), "0x%llx %s %s %lu\n", cur_loc,
+             v0 == NULL ? "(null)" : (char*)v0,
+             v1 == NULL ? "(null)" : (char*)v1, n);
    write(debug_fd, debugbuf, strlen(debugbuf));
+
  }
-  
+
  for (i = 0; i < n && v0[i] == v1[i]; ++i) {
-  
-    __compcov_afl_map[cur_loc +i]++;
+
+    __compcov_afl_map[cur_loc + i]++;
+
  }
+
 }

 /* Check an address against the list of read-only mappings. */
@ -176,8 +182,8 @@ static void __compcov_trace(u64 cur_loc, const u8* v0, const u8* v1, size_t n) {
 static u8 __compcov_is_in_bound(const void* ptr) {

  return ptr >= __compcov_code_start && ptr < __compcov_code_end;
-}

+}

 /* Replacements for strcmp(), memcmp(), and so on. Note that these will be used
   only if the target is compiled with -fno-builtins and linked dynamically. */
@ -187,127 +193,145 @@ static u8 __compcov_is_in_bound(const void* ptr) {
 int strcmp(const char* str1, const char* str2) {

  void* retaddr = __builtin_return_address(0);
-  
-  if (__compcov_is_in_bound(retaddr) && !(__compcov_level < 2 &&
-      !__compcov_is_ro(str1) && !__compcov_is_ro(str2))) {

-    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH +1);
-    
+  if (__compcov_is_in_bound(retaddr) &&
+      !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
+        !__compcov_is_ro(str2))) {
+
+    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH + 1);
+
    if (n <= MAX_CMP_LENGTH) {
-    
+
      u64 cur_loc = (u64)retaddr;
-      cur_loc  = (cur_loc >> 4) ^ (cur_loc << 8);
+      cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
      cur_loc &= MAP_SIZE - 1;
-      
+
      __compcov_trace(cur_loc, str1, str2, n);
+
    }
+
  }

  return __libc_strcmp(str1, str2);
-}

+}

 #undef strncmp

 int strncmp(const char* str1, const char* str2, size_t len) {

  void* retaddr = __builtin_return_address(0);
-  
-  if (__compcov_is_in_bound(retaddr) && !(__compcov_level < 2 &&
-      !__compcov_is_ro(str1) && !__compcov_is_ro(str2))) {

-    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH +1);
+  if (__compcov_is_in_bound(retaddr) &&
+      !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
+        !__compcov_is_ro(str2))) {
+
+    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH + 1);
    n = MIN(n, len);
-    
-    if (n <= MAX_CMP_LENGTH) {
-    
-      u64 cur_loc = (u64)retaddr;
-      cur_loc  = (cur_loc >> 4) ^ (cur_loc << 8);
-      cur_loc &= MAP_SIZE - 1;
-      
-      __compcov_trace(cur_loc, str1, str2, n);
-    }
-  }
-  
-  return __libc_strncmp(str1, str2, len);
-}

+    if (n <= MAX_CMP_LENGTH) {
+
+      u64 cur_loc = (u64)retaddr;
+      cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
+      cur_loc &= MAP_SIZE - 1;
+
+      __compcov_trace(cur_loc, str1, str2, n);
+
+    }
+
+  }
+
+  return __libc_strncmp(str1, str2, len);
+
+}

 #undef strcasecmp

 int strcasecmp(const char* str1, const char* str2) {

  void* retaddr = __builtin_return_address(0);
-  
-  if (__compcov_is_in_bound(retaddr) && !(__compcov_level < 2 &&
-      !__compcov_is_ro(str1) && !__compcov_is_ro(str2))) {
+
+  if (__compcov_is_in_bound(retaddr) &&
+      !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
+        !__compcov_is_ro(str2))) {
+
    /* Fallback to strcmp, maybe improve in future */

-    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH +1);
-    
+    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH + 1);
+
    if (n <= MAX_CMP_LENGTH) {
-    
+
      u64 cur_loc = (u64)retaddr;
-      cur_loc  = (cur_loc >> 4) ^ (cur_loc << 8);
+      cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
      cur_loc &= MAP_SIZE - 1;
-      
+
      __compcov_trace(cur_loc, str1, str2, n);
+
    }
+
  }

  return __libc_strcasecmp(str1, str2);
-}

+}

 #undef strncasecmp

 int strncasecmp(const char* str1, const char* str2, size_t len) {

  void* retaddr = __builtin_return_address(0);
-  
-  if (__compcov_is_in_bound(retaddr) && !(__compcov_level < 2 &&
-      !__compcov_is_ro(str1) && !__compcov_is_ro(str2))) {
+
+  if (__compcov_is_in_bound(retaddr) &&
+      !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
+        !__compcov_is_ro(str2))) {
+
    /* Fallback to strncmp, maybe improve in future */

-    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH +1);
+    size_t n = __strlen2(str1, str2, MAX_CMP_LENGTH + 1);
    n = MIN(n, len);
-    
+
    if (n <= MAX_CMP_LENGTH) {
-    
+
      u64 cur_loc = (u64)retaddr;
-      cur_loc  = (cur_loc >> 4) ^ (cur_loc << 8);
+      cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
      cur_loc &= MAP_SIZE - 1;
-      
+
      __compcov_trace(cur_loc, str1, str2, n);
+
    }
+
  }

  return __libc_strncasecmp(str1, str2, len);
-}

+}

 #undef memcmp

 int memcmp(const void* mem1, const void* mem2, size_t len) {

  void* retaddr = __builtin_return_address(0);
-  
-  if (__compcov_is_in_bound(retaddr) && !(__compcov_level < 2 &&
-      !__compcov_is_ro(mem1) && !__compcov_is_ro(mem2))) {
+
+  if (__compcov_is_in_bound(retaddr) &&
+      !(__compcov_level < 2 && !__compcov_is_ro(mem1) &&
+        !__compcov_is_ro(mem2))) {

    size_t n = len;
-    
+
    if (n <= MAX_CMP_LENGTH) {
-    
+
      u64 cur_loc = (u64)retaddr;
-      cur_loc  = (cur_loc >> 4) ^ (cur_loc << 8);
+      cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
      cur_loc &= MAP_SIZE - 1;
-      
+
      __compcov_trace(cur_loc, mem1, mem2, n);
+
    }
+
  }

  return __libc_memcmp(mem1, mem2, len);
+
 }

 /* Init code to open init the library. */
@ -315,9 +339,10 @@ int memcmp(const void* mem1, const void* mem2, size_t len) {
 __attribute__((constructor)) void __compcov_init(void) {

  if (getenv("AFL_QEMU_COMPCOV_DEBUG") != NULL)
-    debug_fd = open("compcov.debug", O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, 0644);
+    debug_fd =
+        open("compcov.debug", O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, 0644);

  __compcov_load();
+
 }

-