ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-16 03:48:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

nits

Browse Source
This commit is contained in:
vanhauser-thc
2023-03-31 11:02:27 +02:00
parent 2d0d1e267e
commit be96253f52
4 changed files with 18 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
instrumentation/SanitizerCoverageLTO.so.cc
View File

@ -431,6 +431,8 @@ bool ModuleSanitizerCoverageLTO::instrumentModule(
if ((afl_global_id = atoi(ptr)) < 0) if ((afl_global_id = atoi(ptr)) < 0)
FATAL("AFL_LLVM_LTO_STARTID value of \"%s\" is negative\n", ptr); FATAL("AFL_LLVM_LTO_STARTID value of \"%s\" is negative\n", ptr);
if (afl_global_id < 4) { afl_global_id = 4; }
if ((ptr = getenv("AFL_LLVM_DOCUMENT_IDS")) != NULL) { if ((ptr = getenv("AFL_LLVM_DOCUMENT_IDS")) != NULL) {
dFile.open(ptr, std::ofstream::out | std::ofstream::app); dFile.open(ptr, std::ofstream::out | std::ofstream::app);

11
instrumentation/afl-compiler-rt.o.c
View File

@ -1536,7 +1536,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
} }
if (start == stop || *start) return; if (start == stop || *start) { return; }
x = getenv("AFL_INST_RATIO"); x = getenv("AFL_INST_RATIO");
if (x) { if (x) {
@ -1563,12 +1563,13 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
"[-] FATAL: forkserver is already up, but an instrumented dlopen() " "[-] FATAL: forkserver is already up, but an instrumented dlopen() "
"library loaded afterwards. You must AFL_PRELOAD such libraries to " "library loaded afterwards. You must AFL_PRELOAD such libraries to "
"be able to fuzz them or LD_PRELOAD to run outside of afl-fuzz.\n" "be able to fuzz them or LD_PRELOAD to run outside of afl-fuzz.\n"
"To ignore this set AFL_IGNORE_PROBLEMS=1.\n"); "To ignore this set AFL_IGNORE_PROBLEMS=1 but this will be bad for "
"coverage.\n");
abort(); abort();
} else { } else {
static u32 offset = 4; static u32 offset = 5;
while (start < stop) { while (start < stop) {
@ -1582,7 +1583,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
} }
if (unlikely(++offset >= __afl_final_loc)) { offset = 4; } if (unlikely(++offset >= __afl_final_loc)) { offset = 5; }
} }
@ -1596,7 +1597,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
to avoid duplicate calls (which can happen as an artifact of the underlying to avoid duplicate calls (which can happen as an artifact of the underlying
implementation in LLVM). */ implementation in LLVM). */
if (__afl_final_loc < 3) __afl_final_loc = 3; // we skip the first 4 entries if (__afl_final_loc < 5) __afl_final_loc = 5; // we skip the first 5 entries
*(start++) = ++__afl_final_loc; *(start++) = ++__afl_final_loc;

10
src/afl-fuzz-bitmap.c
View File

@ -465,7 +465,8 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
u8 fn[PATH_MAX]; u8 fn[PATH_MAX];
u8 *queue_fn = ""; u8 *queue_fn = "";
u8 new_bits = 0, keeping = 0, res, classified = 0, is_timeout = 0; u8 new_bits = 0, keeping = 0, res, classified = 0, is_timeout = 0,
need_hash = 1;
s32 fd; s32 fd;
u64 cksum = 0; u64 cksum = 0;
@ -477,6 +478,7 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
classify_counts(&afl->fsrv); classify_counts(&afl->fsrv);
classified = 1; classified = 1;
need_hash = 0;
cksum = hash64(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST); cksum = hash64(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST);
@ -499,6 +501,8 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
new_bits = has_new_bits_unclassified(afl, afl->virgin_bits); new_bits = has_new_bits_unclassified(afl, afl->virgin_bits);
if (unlikely(new_bits)) { classified = 1; }
} }
if (likely(!new_bits)) { if (likely(!new_bits)) {
@ -565,12 +569,12 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
} }
if (unlikely(!classified && new_bits)) { if (unlikely(need_hash && new_bits)) {
/* due to classify counts we have to recalculate the checksum */ /* due to classify counts we have to recalculate the checksum */
afl->queue_top->exec_cksum = afl->queue_top->exec_cksum =
hash64(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST); hash64(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST);
classified = 1; need_hash = 0;
} }

6
src/afl-fuzz-one.c
View File

@ -2071,7 +2071,7 @@ havoc_stage:
afl->stage_short = "havoc"; afl->stage_short = "havoc";
afl->stage_max = ((doing_det ? HAVOC_CYCLES_INIT : HAVOC_CYCLES) * afl->stage_max = ((doing_det ? HAVOC_CYCLES_INIT : HAVOC_CYCLES) *
perf_score / afl->havoc_div) >> perf_score / afl->havoc_div) >>
7; 8;
} else { } else {
@ -2080,7 +2080,7 @@ havoc_stage:
snprintf(afl->stage_name_buf, STAGE_BUF_SIZE, "splice %u", splice_cycle); snprintf(afl->stage_name_buf, STAGE_BUF_SIZE, "splice %u", splice_cycle);
afl->stage_name = afl->stage_name_buf; afl->stage_name = afl->stage_name_buf;
afl->stage_short = "splice"; afl->stage_short = "splice";
afl->stage_max = (SPLICE_HAVOC * perf_score / afl->havoc_div) >> 7; afl->stage_max = (SPLICE_HAVOC * perf_score / afl->havoc_div) >> 8;
} }
@ -4640,7 +4640,7 @@ pacemaker_fuzzing:
MOpt_globals.splice_stageformat, splice_cycle); MOpt_globals.splice_stageformat, splice_cycle);
afl->stage_name = afl->stage_name_buf; afl->stage_name = afl->stage_name_buf;
afl->stage_short = MOpt_globals.splice_stagenameshort; afl->stage_short = MOpt_globals.splice_stagenameshort;
afl->stage_max = (SPLICE_HAVOC * perf_score / afl->havoc_div) >> 7; afl->stage_max = (SPLICE_HAVOC * perf_score / afl->havoc_div) >> 8;
} }