ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-11 17:51:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add env var to ignore coverage from dynamically loaded code after forkserver.

Browse Source 
When using TRACEPC instrumentation, loading code dynamically (e.g.
through dlopen()) it can be useful to completely ignore the loaded code,
esp. when it cannot be preloaded and is not the target to be tested.
This patch allows setting AFL_LLVM_IGNORE_PROBLEMS_COVERAGE=1 to do so.
This commit is contained in:
Christian Holler (:decoder)
2023-04-25 16:03:21 +02:00
parent dbb3171624
commit f94a7e8890
1 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
instrumentation/afl-compiler-rt.o.c
View File

@ -1563,17 +1563,27 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
"[-] FATAL: forkserver is already up, but an instrumented dlopen() "
"library loaded afterwards. You must AFL_PRELOAD such libraries to "
"be able to fuzz them or LD_PRELOAD to run outside of afl-fuzz.\n"
"To ignore this set AFL_IGNORE_PROBLEMS=1 but this will be bad for "
"coverage.\n");
"To ignore this set AFL_IGNORE_PROBLEMS=1 but this will lead to "
"ambiguous coverage data.\n"
"In addition, you can set AFL_LLVM_IGNORE_PROBLEMS_COVERAGE=1 to "
"ignore the additional coverage instead (use with caution!).\n");
abort();
} else {
u8 ignore_dso_after_fs = !!getenv("AFL_LLVM_IGNORE_PROBLEMS_COVERAGE");
if (__afl_debug && ignore_dso_after_fs) {
fprintf(stderr, "Ignoring coverage from dynamically loaded code\n");
}
static u32 offset = 5;
while (start < stop) {
if (likely(inst_ratio == 100) || R(100) < inst_ratio) {
if (!ignore_dso_after_fs &&
(likely(inst_ratio == 100) || R(100) < inst_ratio)) {
*(start++) = offset;