code format

2025-06-14 02:58:08 +00:00 · 2020-03-27 23:30:15 +01:00
parent 3d6c58df53
commit e71c2937de
10 changed files with 66 additions and 55 deletions
--- a/examples/custom_mutators/example.c
+++ b/examples/custom_mutators/example.c
@ -149,6 +149,7 @@ size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size,
    data->pre_save_size = buf_size + 5;

  }
+
  *out_buf = data->pre_save_buf;

  memcpy(*out_buf + 5, buf, buf_size);
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@ -583,27 +583,26 @@ typedef struct afl_state {
  u8 clean_trace_custom[MAP_SIZE];
  u8 first_trace[MAP_SIZE];

-/*needed for afl_fuzz_one */
-// TODO: see which we can reuse
-  u8 *out_buf;
+  /*needed for afl_fuzz_one */
+  // TODO: see which we can reuse
+  u8 *   out_buf;
  size_t out_size;

-  u8 *out_scratch_buf;
+  u8 *   out_scratch_buf;
  size_t out_scratch_size;

-  u8 *eff_buf;
+  u8 *   eff_buf;
  size_t eff_size;

-  u8 *in_buf;
+  u8 *   in_buf;
  size_t in_size;

-  u8 *in_scratch_buf;
+  u8 *   in_scratch_buf;
  size_t in_scratch_size;

-  u8 *ex_buf;
+  u8 *   ex_buf;
  size_t ex_size;

-
 } afl_state_t;

 /* A global pointer to all instances is needed (for now) for signals to arrive
--- a/include/alloc-inl.h
+++ b/include/alloc-inl.h
@ -774,7 +774,8 @@ static inline void TRK_ck_free(void *ptr, const char *file, const char *func,
 Will FATAL if size_needed is <1 or *size is negative.
 @return For convenience, this function returns *buf.
 */
-static inline void *ck_maybe_grow(void **buf, size_t *size, size_t size_needed) {
+static inline void *ck_maybe_grow(void **buf, size_t *size,
+                                  size_t size_needed) {

  /* Oops. found a bug? */
  if (unlikely(size_needed < 1)) FATAL("cannot grow to non-positive size");
@ -785,21 +786,27 @@ static inline void *ck_maybe_grow(void **buf, size_t *size, size_t size_needed)
  /* No inital size was set */
  if (*size == 0) *size = INITIAL_GROWTH_SIZE;
  while (*size < size_needed) {
+
    *size *= 2;
+
  }
+
  *buf = ck_realloc(*buf, *size);
  return *buf;

 }

 /* Swaps buf1 ptr and buf2 ptr, as well as their sizes */
-static inline void swap_bufs(void **buf1, size_t *size1, void **buf2, size_t *size2) {
-  void *scratch_buf = *buf1;
+static inline void swap_bufs(void **buf1, size_t *size1, void **buf2,
+                             size_t *size2) {
+
+  void * scratch_buf = *buf1;
  size_t scratch_size = *size1;
  *buf1 = *buf2;
  *size1 = *size2;
  *buf2 = scratch_buf;
  *size2 = scratch_size;
+
 }

 #undef INITIAL_GROWTH_SIZE
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@ -401,11 +401,11 @@ static void edit_params(u32 argc, char **argv, char **envp) {

      uint32_t i = 0, found = 0;
      while (envp[i] != NULL && !found)
-        if (strncmp("-flto", envp[i++], 5) == 0)
-          found = 1;
+        if (strncmp("-flto", envp[i++], 5) == 0) found = 1;
      if (!found) cc_params[cc_par_cnt++] = "-flto";

    }
+
    cc_params[cc_par_cnt++] = "-fsanitize=cfi";
    cc_params[cc_par_cnt++] = "-fvisibility=hidden";

--- a/llvm_mode/afl-llvm-pass.so.cc
+++ b/llvm_mode/afl-llvm-pass.so.cc
@ -132,8 +132,11 @@ class AFLCoverage : public ModulePass {
 char AFLCoverage::ID = 0;

 /* needed up to 3.9.0 */
-#if LLVM_VERSION_MAJOR == 3 && (LLVM_VERSION_MINOR < 9 || (LLVM_VERSION_MINOR == 9 && LLVM_VERSION_PATCH < 1))
+#if LLVM_VERSION_MAJOR == 3 && \
+    (LLVM_VERSION_MINOR < 9 || \
+     (LLVM_VERSION_MINOR == 9 && LLVM_VERSION_PATCH < 1))
 uint64_t PowerOf2Ceil(unsigned in) {
+
  uint64_t in64 = in - 1;
  in64 |= (in64 >> 1);
  in64 |= (in64 >> 2);
@ -142,7 +145,9 @@ uint64_t PowerOf2Ceil(unsigned in) {
  in64 |= (in64 >> 16);
  in64 |= (in64 >> 32);
  return in64 + 1;
+
 }
+
 #endif

 bool AFLCoverage::runOnModule(Module &M) {
--- a/src/afl-fuzz-bitmap.c
+++ b/src/afl-fuzz-bitmap.c
@ -558,12 +558,13 @@ u8 save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {

 #ifndef SIMPLE_FILES

-    queue_fn = alloc_printf("%s/queue/id:%06u,%s", afl->out_dir, afl->queued_paths,
-                      describe_op(afl, hnb));
+    queue_fn = alloc_printf("%s/queue/id:%06u,%s", afl->out_dir,
+                            afl->queued_paths, describe_op(afl, hnb));

 #else

-    queue_fn = alloc_printf("%s/queue/id_%06u", afl->out_dir, afl->queued_paths);
+    queue_fn =
+        alloc_printf("%s/queue/id_%06u", afl->out_dir, afl->queued_paths);

 #endif                                                    /* ^!SIMPLE_FILES */

@ -649,7 +650,8 @@ u8 save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {

 #else

-      snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu", afl->out_dir, afl->unique_hangs);
+      snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu", afl->out_dir,
+               afl->unique_hangs);

 #endif                                                    /* ^!SIMPLE_FILES */

@ -687,11 +689,13 @@ u8 save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {

 #ifndef SIMPLE_FILES

-      snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s", afl->out_dir, afl->unique_crashes, afl->kill_signal, describe_op(afl, 0));
+      snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s", afl->out_dir,
+               afl->unique_crashes, afl->kill_signal, describe_op(afl, 0));

 #else

-      snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u", afl->out_dir, afl->unique_crashes, afl->kill_signal);
+      snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u", afl->out_dir,
+               afl->unique_crashes, afl->kill_signal);

 #endif                                                    /* ^!SIMPLE_FILES */

--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@ -85,11 +85,7 @@ void bind_to_free_cpu(afl_state_t *afl) {

    snprintf(fn, PATH_MAX, "/proc/%s/status", de->d_name);

-    if (!(f = fopen(fn, "r"))) {
-
-      continue;
-
-    }
+    if (!(f = fopen(fn, "r"))) { continue; }

    while (fgets(tmp, MAX_LINE, f)) {

@ -368,7 +364,8 @@ void read_testcases(afl_state_t *afl) {
    struct stat st;

    u8 dfn[PATH_MAX];
-    snprintf(dfn, PATH_MAX, "%s/.state/deterministic_done/%s", afl->in_dir, nl[i]->d_name);
+    snprintf(dfn, PATH_MAX, "%s/.state/deterministic_done/%s", afl->in_dir,
+             nl[i]->d_name);
    u8 *fn2 = alloc_printf("%s/%s", afl->in_dir, nl[i]->d_name);

    u8 passed_det = 0;
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@ -1957,7 +1957,9 @@ havoc_stage:

            clone_to = rand_below(afl, temp_len);

-            new_buf = ck_maybe_grow((void **)&afl->out_scratch_buf, &afl->out_scratch_size, temp_len + clone_len);
+            new_buf =
+                ck_maybe_grow((void **)&afl->out_scratch_buf,
+                              &afl->out_scratch_size, temp_len + clone_len);

            /* Head */

@ -1977,8 +1979,8 @@ havoc_stage:
            memcpy(new_buf + clone_to + clone_len, out_buf + clone_to,
                   temp_len - clone_to);

-
-            swap_bufs((void **)&afl->out_buf, &afl->out_size, (void **)&afl->out_scratch_buf, &afl->out_scratch_size);
+            swap_bufs((void **)&afl->out_buf, &afl->out_size,
+                      (void **)&afl->out_scratch_buf, &afl->out_scratch_size);
            out_buf = new_buf;
            temp_len += clone_len;

@ -2072,7 +2074,8 @@ havoc_stage:

            if (temp_len + extra_len >= MAX_FILE) break;

-            new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
+            new_buf =
+                ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);

            /* Head */
            memcpy(new_buf, out_buf, insert_at);
@ -2088,7 +2091,8 @@ havoc_stage:

            if (temp_len + extra_len >= MAX_FILE) break;

-            new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
+            new_buf =
+                ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);

            /* Head */
            memcpy(new_buf, out_buf, insert_at);
@ -2236,11 +2240,7 @@ retry_splicing:

    locate_diffs(in_buf, new_buf, MIN(len, target->len), &f_diff, &l_diff);

-    if (f_diff < 0 || l_diff < 2 || f_diff == l_diff) {
-
-      goto retry_splicing;
-
-    }
+    if (f_diff < 0 || l_diff < 2 || f_diff == l_diff) { goto retry_splicing; }

    /* Split somewhere between the first and last differing byte. */

@ -2308,11 +2308,7 @@ radamsa_stage:

    }

-    if (common_fuzz_stuff(afl, tmp_buf, temp_len)) {
-
-      goto abandon_entry;
-
-    }
+    if (common_fuzz_stuff(afl, tmp_buf, temp_len)) { goto abandon_entry; }

  }

@ -3885,7 +3881,8 @@ pacemaker_fuzzing:

                clone_to = rand_below(afl, temp_len);

-                new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + clone_len);
+                new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch),
+                                        temp_len + clone_len);

                /* Head */

@ -4399,7 +4396,6 @@ u8 fuzz_one(afl_state_t *afl) {

  return key_val_lv;

-
 #undef BUF_PARAMS

 }
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@ -33,7 +33,8 @@ void mark_as_det_done(afl_state_t *afl, struct queue_entry *q) {
  u8  fn[PATH_MAX];
  s32 fd;

-  snprintf(fn, PATH_MAX, "%s/queue/.state/deterministic_done/%s", afl->out_dir, strrchr(q->fname, '/') + 1);
+  snprintf(fn, PATH_MAX, "%s/queue/.state/deterministic_done/%s", afl->out_dir,
+           strrchr(q->fname, '/') + 1);

  fd = open(fn, O_WRONLY | O_CREAT | O_EXCL, 0600);
  if (fd < 0) PFATAL("Unable to create '%s'", fn);
@ -79,7 +80,8 @@ void mark_as_redundant(afl_state_t *afl, struct queue_entry *q, u8 state) {

  q->fs_redundant = state;

-  sprintf(fn, "%s/queue/.state/redundant_edges/%s", afl->out_dir, strrchr(q->fname, '/') + 1);
+  sprintf(fn, "%s/queue/.state/redundant_edges/%s", afl->out_dir,
+          strrchr(q->fname, '/') + 1);

  if (state) {