ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-16 20:08:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

ensure all fuzz targets are killed on exit

Browse Source
This commit is contained in:
vanhauser-thc
2022-01-25 14:51:02 +01:00
parent 0fd6315dfb
commit d9ed784298
2 changed files with 47 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
src/afl-fuzz.c
View File

@ -46,15 +46,31 @@ extern u64 time_spent_working;
static void at_exit() {
s32 i, pid1 = 0, pid2 = 0;
s32 i, pid1 = 0, pid2 = 0, pgrp = -1;
char *list[4] = {SHM_ENV_VAR, SHM_FUZZ_ENV_VAR, CMPLOG_SHM_ENV_VAR, NULL};
char *ptr;
ptr = getenv("__AFL_TARGET_PID2");
if (ptr && *ptr && (pid2 = atoi(ptr)) > 0) kill(pid2, SIGTERM);
if (ptr && *ptr && (pid2 = atoi(ptr)) > 0) {
#if defined(__linux__)
pgrp = getpgid(pid2);
#endif
if (pgrp > 0) { killpg(pgrp, SIGTERM); }
kill(pid2, SIGTERM);
}
ptr = getenv("__AFL_TARGET_PID1");
if (ptr && *ptr && (pid1 = atoi(ptr)) > 0) kill(pid1, SIGTERM);
if (ptr && *ptr && (pid1 = atoi(ptr)) > 0) {
#if defined(__linux__)
pgrp = getpgid(pid1);
#endif
if (pgrp > 0) { killpg(pgrp, SIGTERM); }
kill(pid1, SIGTERM);
}
ptr = getenv(CPU_AFFINITY_ENV_VAR);
if (ptr && *ptr) unlink(ptr);
@ -85,8 +101,25 @@ static void at_exit() {
/* AFL_KILL_SIGNAL should already be a valid int at this point */
if ((ptr = getenv("AFL_KILL_SIGNAL"))) { kill_signal = atoi(ptr); }
if (pid1 > 0) { kill(pid1, kill_signal); }
if (pid2 > 0) { kill(pid2, kill_signal); }
if (pid1 > 0) {
#if defined(__linux__)
pgrp = getpgid(pid1);
#endif
if (pgrp > 0) { killpg(pgrp, kill_signal); }
kill(pid1, kill_signal);
}
if (pid2 > 0) {
#if defined(__linux__)
pgrp = getpgid(pid1);
#endif
if (pgrp > 0) { killpg(pgrp, kill_signal); }
kill(pid2, kill_signal);
}
}
@ -121,8 +154,7 @@ static void usage(u8 *argv0, int more_help) {
#if defined(__linux__)
" -Q - use binary-only instrumentation (QEMU mode)\n"
" -U - use unicorn-based instrumentation (Unicorn mode)\n"
" -W - use qemu-based instrumentation with Wine (Wine "
"mode)\n"
" -W - use qemu-based instrumentation with Wine (Wine mode)\n"
#endif
#if defined(__linux__)
" -X - use VM fuzzing (NYX mode - standalone mode)\n"
@ -173,8 +205,8 @@ static void usage(u8 *argv0, int more_help) {
" -T text - text banner to show on the screen\n"
" -I command - execute this command/script when a new crash is "
"found\n"
//" -B bitmap.txt - mutate a specific test case, use the out/fuzz_bitmap
//" "file\n"
//" -B bitmap.txt - mutate a specific test case, use the
//out/default/fuzz_bitmap file\n"
" -C - crash exploration mode (the peruvian rabbit thing)\n"
" -b cpu_id - bind the fuzzing process to the specified CPU core "
"(0-...)\n"
@ -744,6 +776,7 @@ int main(int argc, char **argv_orig, char **envp) {
case 'f': /* target file */
if (afl->fsrv.out_file) { FATAL("Multiple -f options not supported"); }
afl->fsrv.out_file = ck_strdup(optarg);
afl->fsrv.use_stdin = 0;
break;
@ -923,6 +956,7 @@ int main(int argc, char **argv_orig, char **envp) {
case 'Y': /* NYX distributed mode */
if (afl->fsrv.nyx_mode) { FATAL("Multiple -Y options not supported"); }
afl->fsrv.nyx_mode = 1;
break;
@ -966,6 +1000,7 @@ int main(int argc, char **argv_orig, char **envp) {
case 'Q': /* QEMU mode */
if (afl->fsrv.qemu_mode) { FATAL("Multiple -Q options not supported"); }
afl->fsrv.qemu_mode = 1;
if (!mem_limit_given) { afl->fsrv.mem_limit = MEM_LIMIT_QEMU; }
@ -1076,6 +1111,7 @@ int main(int argc, char **argv_orig, char **envp) {
case 'L': { /* MOpt mode */
if (afl->limit_time_sig) { FATAL("Multiple -L options not supported"); }
afl->havoc_max_mult = HAVOC_MAX_MULT_MOPT;
if (sscanf(optarg, "%d", &afl->limit_time_puppet) < 1) {
@ -1276,8 +1312,7 @@ int main(int argc, char **argv_orig, char **envp) {
if (afl->fsrv.nyx_mode) {
OKF("afl++ Nyx mode is enabled (developed and mainted by Sergej Schumilo)");
OKF("Nyx is open source, get it at "
"https://github.com/Nyx-Fuzz");
OKF("Nyx is open source, get it at https://github.com/Nyx-Fuzz");
}