done implementing AFL_MAP_SIZE

This commit is contained in:
van Hauser 2020-04-17 10:08:56 +02:00
parent 5b70d23211
commit ef311ec70c
5 changed files with 41 additions and 13 deletions


@ -243,6 +243,11 @@ checks or alter some of the more exotic semantics of the tool:
normally indicated by the cycle counter in the UI turning green. May be normally indicated by the cycle counter in the UI turning green. May be
convenient for some types of automated jobs. convenient for some types of automated jobs.
- AFL_MAP_SIZE sets the size of the shared map that afl-fuzz, afl-showmap,
afl-tmin and afl-analyze create to gather instrumentation data from
the target. This must be equal or larger than the size the target was
compiled with.
- Setting AFL_NO_AFFINITY disables attempts to bind to a specific CPU core - Setting AFL_NO_AFFINITY disables attempts to bind to a specific CPU core
on Linux systems. This slows things down, but lets you run more instances on Linux systems. This slows things down, but lets you run more instances
of afl-fuzz than would be prudent (if you really want to). of afl-fuzz than would be prudent (if you really want to).


@ -364,6 +364,16 @@ int main(int argc, char **argv, char **envp) {
be_quiet = 1; be_quiet = 1;
u8 *ptr;
if (!be_quiet &&
((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE")))) {
u32 map_size = atoi(ptr);
if (map_size != MAP_SIZE)
FATAL("AFL_MAP_SIZE is not supported by afl-gcc-fast");
}
check_environment_vars(envp); check_environment_vars(envp);
find_obj(argv[0]); find_obj(argv[0]);
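Review bot: The AFL_MAP_SIZE consistency check in `if (!be_quiet && ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))))` is skipped entirely under AFL_QUIET, so a quiet build silently produces a target compiled for the default MAP_SIZE even though the user asked for another size; be_quiet is a verbosity switch, and tying a fatal configuration check to it conflates the two. If the gate is deliberate (say, an internal re-invocation runs quietly) a comment on the condition saying so belongs there, otherwise drop the `!be_quiet &&` term and keep the FATAL unconditional: `if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) {`. The same gate is introduced in the afl-clang-fast hunk and the afl-gcc hunk below, and the LTO pass likewise only diagnoses when not quiet. `atoi(ptr)` accepts junk and negative values without complaint, but any result other than MAP_SIZE still hits FATAL, so that part fails closed. main's body continues outside the hunk.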


@ -796,6 +796,16 @@ int main(int argc, char **argv, char **envp) {
} }
u8 *ptr2;
if (!be_quiet && instrument_mode != INSTRUMENT_LTO &&
((ptr2 = getenv("AFL_MAP_SIZE")) || (ptr2 = getenv("AFL_MAPSIZE")))) {
u32 map_size = atoi(ptr2);
if (map_size != MAP_SIZE)
FATAL("AFL_MAP_SIZE is not supported by afl-clang-fast");
}
if (debug) { if (debug) {
SAYF(cMGN "[D]" cRST " cd \"%s\";", getthecwd()); SAYF(cMGN "[D]" cRST " cd \"%s\";", getthecwd());


@ -608,20 +608,22 @@ bool AFLLTOPass::runOnModule(Module &M) {
} }
}
// save highest location ID to global variable // save highest location ID to global variable
// do this after each function to fail faster // do this after each function to fail faster
if (afl_global_id > MAP_SIZE) { if (!be_quiet && afl_global_id > MAP_SIZE) {
uint32_t pow2map = 1, map = afl_global_id; uint32_t pow2map = 1, map = afl_global_id;
while ((map = map >> 1)) while ((map = map >> 1))
pow2map++; pow2map++;
FATAL( WARNF(
"We have %u blocks to instrument but the map size is only %u! Edit " "We have %u blocks to instrument but the map size is only %u. Either "
"config.h and set MAP_SIZE_POW2 from %u to %u, then recompile " "edit config.h and set MAP_SIZE_POW2 from %u to %u, then recompile "
"afl-fuzz and llvm_mode.", "afl-fuzz and llvm_mode and then make this target - or set "
afl_global_id, MAP_SIZE, MAP_SIZE_POW2, pow2map); "AFL_MAP_SIZE with at least size %u when running afl-fuzz with this "
"target.",
} afl_global_id, MAP_SIZE, MAP_SIZE_POW2, pow2map, afl_global_id);
} }
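Review bot: Now that the over-size case only warns, the check at `if (!be_quiet && afl_global_id > MAP_SIZE)` no longer stops the pass, and since the comment above it says this runs after each function, the same WARNF will presumably be repeated for every function instrumented after the limit is crossed. A one-shot guard keeps it to a single message: `static bool warned = false;` before the condition, `if (!be_quiet && !warned && afl_global_id > MAP_SIZE) {`, and `warned = true;` as the first statement of the block. The message now also cites afl_global_id as the minimum AFL_MAP_SIZE while the pow2map computation above rounds up to a power of two; if afl-fuzz accepts arbitrary sizes that is fine, but stating the rounded value would match what the user is told to put in config.h. runOnModule continues outside the hunk.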


@ -412,7 +412,8 @@ int main(int argc, char **argv) {
} }
u8 *ptr; u8 *ptr;
if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) { if (!be_quiet &&
((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE")))) {
u32 map_size = atoi(ptr); u32 map_size = atoi(ptr);
if (map_size != MAP_SIZE) FATAL("AFL_MAP_SIZE is not supported by afl-gcc"); if (map_size != MAP_SIZE) FATAL("AFL_MAP_SIZE is not supported by afl-gcc");