ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-18 20:48:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

LAF_... -> AFL_LLVM_LAF_...

Browse Source
This commit is contained in:
van Hauser
2019-07-03 12:05:58 +02:00
parent 771a9e9cd2
commit b57b2073ac
6 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/ChangeLog
View File

@ -30,6 +30,8 @@ Version ++2.52d (tbd):
- added a -s seed switch to allow afl run with a fixed initial
seed that is not updated. this is good for performance and path discovery
tests as the random numbers are deterministic then
- llvm_mode LAF_... env variables can now be specified as AFL_LLVM_LAF_...
that is longer but in line with other llvm specific env vars
- ... your idea or patch?

6
docs/env_variables.txt
View File

@ -89,11 +89,11 @@ Then there are a few specific features that are only available in llvm_mode:
This great feature will split compares to series of single byte comparisons
to allow afl-fuzz to find otherwise rather impossible paths.
- Setting LAF_SPLIT_SWITCHES will split switch()es
- Setting AFL_LLVM_LAF_SPLIT_SWITCHES will split switch()es
- Setting LAF_TRANSFORM_COMPARES will split string compare functions
- Setting AFL_LLVM_LAF_TRANSFORM_COMPARES will split string compare functions
- Setting LAF_SPLIT_COMPARES will split > 8 bit CMP instructions
- Setting AFL_LLVM_LAF_SPLIT_COMPARES will split > 8 bit CMP instructions
See llvm_mode/README.laf-intel for more information.

2
llvm_mode/Makefile
View File

@ -110,7 +110,7 @@ endif
test_build: $(PROGS)
@echo "[*] Testing the CC wrapper and instrumentation output..."
unset AFL_USE_ASAN AFL_USE_MSAN AFL_INST_RATIO; AFL_QUIET=1 AFL_PATH=. AFL_CC=$(CC) LAF_SPLIT_SWITCHES=1 LAF_TRANSFORM_COMPARES=1 LAF_SPLIT_COMPARES=1 ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS)
unset AFL_USE_ASAN AFL_USE_MSAN AFL_INST_RATIO; AFL_QUIET=1 AFL_PATH=. AFL_CC=$(CC) AFL_LLVM_LAF_SPLIT_SWITCHES=1 AFL_LLVM_LAF_TRANSFORM_COMPARES=1 AFL_LLVM_LAF_SPLIT_COMPARES=1 ../afl-clang-fast $(CFLAGS) ../test-instr.c -o test-instr $(LDFLAGS)
echo 0 | ../afl-showmap -m none -q -o .test-instr0 ./test-instr
echo 1 | ../afl-showmap -m none -q -o .test-instr1 ./test-instr
@rm -f test-instr

8
llvm_mode/README.laf-intel
View File

@ -8,13 +8,13 @@ compile the target project.
The following options exist:
export LAF_SPLIT_SWITCHES=1 Enables the split-switches pass.
export AFL_LLVM_LAF_SPLIT_SWITCHES=1 Enables the split-switches pass.
export LAF_TRANSFORM_COMPARES=1 Enables the transform-compares pass
export AFL_LLVM_LAF_TRANSFORM_COMPARES=1 Enables the transform-compares pass
(strcmp, memcmp, strncmp, strcasecmp, strncasecmp).
export LAF_SPLIT_COMPARES=1 Enables the split-compares pass.
export AFL_LLVM_LAF_SPLIT_COMPARES=1 Enables the split-compares pass.
By default it will split all compares with a bit width <= 64 bits.
You can change this behaviour by setting
export LAF_SPLIT_COMPARES_BITW=<bit_width>.
export AFL_LLVM_LAF_SPLIT_COMPARES_BITW=<bit_width>.

6
llvm_mode/afl-clang-fast.c
View File

@ -120,21 +120,21 @@ static void edit_params(u32 argc, char** argv) {
http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards */
// laf
if (getenv("LAF_SPLIT_SWITCHES")) {
if (getenv("LAF_SPLIT_SWITCHES")||getenv("AFL_LLVM_LAF_SPLIT_SWITCHES")) {
cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = alloc_printf("%s/split-switches-pass.so", obj_path);
}
if (getenv("LAF_TRANSFORM_COMPARES")) {
if (getenv("LAF_TRANSFORM_COMPARES")||getenv("AFL_LLVM_LAF_TRANSFORM_COMPARES")) {
cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = alloc_printf("%s/compare-transform-pass.so", obj_path);
}
if (getenv("LAF_SPLIT_COMPARES")) {
if (getenv("LAF_SPLIT_COMPARES")||getenv("AFL_LLVM_LAF_SPLIT_COMPARES")) {
cc_params[cc_par_cnt++] = "-Xclang";
cc_params[cc_par_cnt++] = "-load";
cc_params[cc_par_cnt++] = "-Xclang";

2
llvm_mode/split-compares-pass.so.cc
View File

@ -477,6 +477,8 @@ bool SplitComparesTransform::runOnModule(Module &M) {
int bitw = 64;
char* bitw_env = getenv("LAF_SPLIT_COMPARES_BITW");
if (!bitw_env)
bitw_env = getenv("AFL_LLVM_LAF_SPLIT_COMPARES_BITW");
if (bitw_env) {
bitw = atoi(bitw_env);
}