ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-18 20:48:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

LAF_... -> AFL_LLVM_LAF_...

Browse Source
This commit is contained in:
van Hauser
2019-07-03 12:05:58 +02:00
parent 771a9e9cd2
commit b57b2073ac
6 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/ChangeLog
View File

@ -30,6 +30,8 @@ Version ++2.52d (tbd):
- added a -s seed switch to allow afl run with a fixed initial - added a -s seed switch to allow afl run with a fixed initial
seed that is not updated. this is good for performance and path discovery seed that is not updated. this is good for performance and path discovery
tests as the random numbers are deterministic then tests as the random numbers are deterministic then
- llvm_mode LAF_... env variables can now be specified as AFL_LLVM_LAF_...
that is longer but in line with other llvm specific env vars
- ... your idea or patch? - ... your idea or patch?

6
docs/env_variables.txt
View File

@ -89,11 +89,11 @@ Then there are a few specific features that are only available in llvm_mode:
This great feature will split compares to series of single byte comparisons This great feature will split compares to series of single byte comparisons
to allow afl-fuzz to find otherwise rather impossible paths. to allow afl-fuzz to find otherwise rather impossible paths.
- Setting LAF_SPLIT_SWITCHES will split switch()es - Setting AFL_LLVM_LAF_SPLIT_SWITCHES will split switch()es
- Setting LAF_TRANSFORM_COMPARES will split string compare functions - Setting AFL_LLVM_LAF_TRANSFORM_COMPARES will split string compare functions
- Setting LAF_SPLIT_COMPARES will split > 8 bit CMP instructions - Setting AFL_LLVM_LAF_SPLIT_COMPARES will split > 8 bit CMP instructions
See llvm_mode/README.laf-intel for more information. See llvm_mode/README.laf-intel for more information.

2
llvm_mode/Makefile
View File

@ -110,7 +110,7 @@ endif
test_build: $(PROGS) test_build: $(PROGS)
@echo "[*] Testing the CC wrapper and instrumentation output..." @echo "[*] Testing the CC wrapper and instrumentation output..."
unset AFL_USE_ASAN AFL_USE_MSAN AFL_INST_RATIO; AFL_QUIET=1 AFL_PATH=. AFL_CC=$(CC) LAF_SPLIT_SWITCHES=1 LAF_TRANSFORM_COMPARES=1 LAF_SPLIT_COMPARES=1 ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS) unset AFL_USE_ASAN AFL_USE_MSAN AFL_INST_RATIO; AFL_QUIET=1 AFL_PATH=. AFL_CC=$(CC) AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS)
echo 0 | ../afl-showmap -m none -q -o .test-instr0 ./test-instr echo 0 | ../afl-showmap -m none -q -o .test-instr0 ./test-instr
echo 1 | ../afl-showmap -m none -q -o .test-instr1 ./test-instr echo 1 | ../afl-showmap -m none -q -o .test-instr1 ./test-instr
@rm -f test-instr @rm -f test-instr

8
llvm_mode/README.laf-intel
View File

@ -8,13 +8,13 @@ compile the target project.
The following options exist: The following options exist:
export LAF_SPLIT_SWITCHES=1 Enables the split-switches pass. export AFL_LLVM_LAF_SPLIT_SWITCHES=1 Enables the split-switches pass.
export LAF_TRANSFORM_COMPARES=1 Enables the transform-compares pass export AFL_LLVM_LAF_TRANSFORM_COMPARES=1 Enables the transform-compares pass
(strcmp, memcmp, strncmp, strcasecmp, strncasecmp). (strcmp, memcmp, strncmp, strcasecmp, strncasecmp).
export LAF_SPLIT_COMPARES=1 Enables the split-compares pass. export AFL_LLVM_LAF_SPLIT_COMPARES=1 Enables the split-compares pass.
By default it will split all compares with a bit width <= 64 bits. By default it will split all compares with a bit width <= 64 bits.
You can change this behaviour by setting You can change this behaviour by setting
export LAF_SPLIT_COMPARES_BITW=<bit_width>. export AFL_LLVM_LAF_SPLIT_COMPARES_BITW=<bit_width>.

6
llvm_mode/afl-clang-fast.c
View File

@ -120,21 +120,21 @@ static void edit_params(u32 argc, char** argv) {
http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards */ http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards */
// laf // laf
if (getenv("LAF_SPLIT_SWITCHES")) { if (getenv("LAF_SPLIT_SWITCHES")||getenv("AFL_LLVM_LAF_SPLIT_SWITCHES")) {
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load"; cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = alloc_printf("%s/split-switches-pass.so", obj_path); cc_params[cc_par_cnt++] = alloc_printf("%s/split-switches-pass.so", obj_path);
} }
if (getenv("LAF_TRANSFORM_COMPARES")) { if (getenv("LAF_TRANSFORM_COMPARES")||getenv("AFL_LLVM_LAF_TRANSFORM_COMPARES")) {
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load"; cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = alloc_printf("%s/compare-transform-pass.so", obj_path); cc_params[cc_par_cnt++] = alloc_printf("%s/compare-transform-pass.so", obj_path);
} }
if (getenv("LAF_SPLIT_COMPARES")) { if (getenv("LAF_SPLIT_COMPARES")||getenv("AFL_LLVM_LAF_SPLIT_COMPARES")) {
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load"; cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-Xclang";

2
llvm_mode/split-compares-pass.so.cc
View File

@ -477,6 +477,8 @@ bool SplitComparesTransform::runOnModule(Module &M) {
int bitw = 64; int bitw = 64;
char* bitw_env = getenv("LAF_SPLIT_COMPARES_BITW"); char* bitw_env = getenv("LAF_SPLIT_COMPARES_BITW");
if (!bitw_env)
bitw_env = getenv("AFL_LLVM_LAF_SPLIT_COMPARES_BITW");
if (bitw_env) { if (bitw_env) {
bitw = atoi(bitw_env); bitw = atoi(bitw_env);
} }