forgot cleanup

2025-06-14 02:58:08 +00:00 · 2020-02-19 10:52:44 +01:00
parent 69898722cb
commit f9d7ad8e43
10 changed files with 65 additions and 51 deletions
--- a/include/alloc-inl.h
+++ b/include/alloc-inl.h
@ -141,8 +141,7 @@ static inline void* DFL_ck_realloc(void* orig, u32 size) {

 static inline void* DFL_ck_realloc_block(void* orig, u32 size) {

-  if (orig)
-    size += ALLOC_BLK_INC;
+  if (orig) size += ALLOC_BLK_INC;

  return DFL_ck_realloc(orig, size);

--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@ -498,7 +498,9 @@ int main(int argc, char** argv, char** envp) {

    exit(1);

-  } else if ((isatty(2) && !getenv("AFL_QUIET")) || getenv("AFL_DEBUG") != NULL) {
+  } else if ((isatty(2) && !getenv("AFL_QUIET")) ||
+
+             getenv("AFL_DEBUG") != NULL) {

 #ifdef USE_TRACE_PC
    SAYF(cCYA "afl-clang-fast" VERSION cRST
--- a/llvm_mode/afl-llvm-pass.so.cc
+++ b/llvm_mode/afl-llvm-pass.so.cc
@ -145,8 +145,6 @@ bool AFLCoverage::runOnModule(Module &M) {

  char be_quiet = 0;

-printf("DEBUG? %s\n", getenv("AFL_DEBUG"));
-
  if ((isatty(2) && !getenv("AFL_QUIET")) || getenv("AFL_DEBUG") != NULL) {

    SAYF(cCYA "afl-llvm-pass" VERSION cRST " by <lszekeres@google.com>\n");
@ -483,7 +481,6 @@ printf("DEBUG? %s\n", getenv("AFL_DEBUG"));
    }

  }
-printf ("BEQUIET!\n");

  return true;

--- a/llvm_mode/split-compares-pass.so.cc
+++ b/llvm_mode/split-compares-pass.so.cc
@ -1244,12 +1244,14 @@ bool SplitComparesTransform::runOnModule(Module &M) {
  simplifyIntSignedness(M);

  if (isatty(2) && getenv("AFL_QUIET") == NULL) {
+
    errs() << "Split-compare-pass by laf.intel@gmail.com, extended by "
              "heiko@hexco.de\n";

    if (enableFPSplit)
      errs() << "Split-floatingpoint-compare-pass: " << splitFPCompares(M)
-           << " FP comparisons splitted\n";
+             << " FP comparisons splitted\n";
+
  }

  switch (bitw) {
--- a/llvm_mode/split-switches-pass.so.cc
+++ b/llvm_mode/split-switches-pass.so.cc
@ -491,7 +491,8 @@ bool SplitSwitchesTransform::splitSwitches(Module &M) {
     * less, don't bother with the code below. */
    if (!SI->getNumCases() || bitw <= 8) {

-      if (isatty(2) && getenv("AFL_QUIET") == NULL) errs() << "skip trivial switch..\n";
+      if (isatty(2) && getenv("AFL_QUIET") == NULL)
+        errs() << "skip trivial switch..\n";
      continue;

    }
--- a/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
+++ b/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
@ -35,9 +35,9 @@
 #include "tcg.h"

 void HELPER(afl_entry_routine)(CPUArchState *env) {
-  
+
  afl_forkserver(ENV_GET_CPU(env));
-  
+
 }

 void HELPER(afl_compcov_16)(target_ulong cur_loc, target_ulong arg1,
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@ -603,9 +603,11 @@ void perform_dry_run(char** argv) {
               "binary. Also,\n"
               "      if you are using ASAN, see %s/notes_for_asan.md.\n\n"

-               "    - In QEMU persistent mode the selected address(es) for the loop are not\n"
+               "    - In QEMU persistent mode the selected address(es) for the "
+               "loop are not\n"
               "      properly cleaning up variables and memory. Try adding\n"
-               "      AFL_QEMU_PERSISTENT_GPR=1 or select better addresses in the binary.\n\n"
+               "      AFL_QEMU_PERSISTENT_GPR=1 or select better addresses in "
+               "the binary.\n\n"

               MSG_FORK_ON_APPLE

@ -628,9 +630,11 @@ void perform_dry_run(char** argv) {
               "interesting\n"
               "      inputs - but not ones that cause an outright crash.\n\n"

-               "    - In QEMU persistent mode the selected address(es) for the loop are not\n"
+               "    - In QEMU persistent mode the selected address(es) for the "
+               "loop are not\n"
               "      properly cleaning up variables and memory. Try adding\n"
-               "      AFL_QEMU_PERSISTENT_GPR=1 or select better addresses in the binary.\n\n"
+               "      AFL_QEMU_PERSISTENT_GPR=1 or select better addresses in "
+               "the binary.\n\n"

               MSG_FORK_ON_APPLE

--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@ -113,7 +113,8 @@ static void usage(u8* argv0) {
      "                  pacemaker mode (minutes of no new paths, 0 = "
      "immediately).\n"
      "                  a recommended value is 10-60. see docs/README.MOpt\n"
-      "  -c program    - enable CmpLog by specifying a binary compiled for it.\n"
+      "  -c program    - enable CmpLog by specifying a binary compiled for "
+      "it.\n"
      "                  if using QEMU, just use -c 0.\n\n"

      "Fuzzing behavior settings:\n"
@ -829,24 +830,30 @@ int main(int argc, char** argv, char** envp) {

  if ((tmp_dir = getenv("AFL_TMPDIR")) != NULL && !in_place_resume) {

-    char tmpfile[file_extension 
-         ? strlen(tmp_dir) + 1 + 10 + 1 + strlen(file_extension) + 1
-         : strlen(tmp_dir) + 1 + 10 + 1];
+    char tmpfile[file_extension
+                     ? strlen(tmp_dir) + 1 + 10 + 1 + strlen(file_extension) + 1
+                     : strlen(tmp_dir) + 1 + 10 + 1];
    if (file_extension) {
+
      sprintf(tmpfile, "%s/.cur_input.%s", tmp_dir, file_extension);
+
    } else {
+
      sprintf(tmpfile, "%s/.cur_input", tmp_dir);
+
    }
+
    if (access(tmpfile, F_OK) !=
        -1)  // there is still a race condition here, but well ...
-      FATAL("AFL_TMPDIR already has an existing temporary input file: %s - if this is not from another instance, then just remove the file.",
-            tmpfile);
+      FATAL(
+          "AFL_TMPDIR already has an existing temporary input file: %s - if "
+          "this is not from another instance, then just remove the file.",
+          tmpfile);

  } else

    tmp_dir = out_dir;

-
  /* If we don't have a file name chosen yet, use a safe default. */

  if (!out_file) {
@ -884,11 +891,13 @@ int main(int argc, char** argv, char** envp) {
  if (!out_file) setup_stdio_file();

  if (cmplog_binary) {
+
    if (unicorn_mode)
      FATAL("CmpLog and Unicorn mode are not compatible at the moment, sorry");
-    if (!qemu_mode)
-      check_binary(cmplog_binary);
+    if (!qemu_mode) check_binary(cmplog_binary);
+
  }
+
  check_binary(argv[optind]);

  start_time = get_cur_time();
--- a/src/afl-gcc.c
+++ b/src/afl-gcc.c
@ -342,31 +342,30 @@ static void edit_params(u32 argc, char** argv) {

 int main(int argc, char** argv) {

-  char *env_info =
-        "Environment variables used by afl-gcc:\n"
-        "AFL_CC: path to the C compiler to use\n"
-        "AFL_CXX: path to the C++ compiler to use\n"
-        "AFL_GCJ: path to the java compiler to use\n"
-        "AFL_PATH: path to the instrumenting assembler\n"
-        "AFL_DONT_OPTIMIZE: disable optimization instead of -O3\n"
-        "AFL_NO_BUILTIN: compile for use with libtokencap.so\n"
-        "AFL_QUIET: suppress verbose output\n"
-        "AFL_CAL_FAST: speed up the initial calibration\n"
-        "AFL_HARDEN: adds code hardening to catch memory bugs\n"
-        "AFL_USE_ASAN: activate address sanitizer\n"
-        "AFL_USE_MSAN: activate memory sanitizer\n"
-        "AFL_USE_UBSAN: activate undefined behaviour sanitizer\n"
+  char* env_info =
+      "Environment variables used by afl-gcc:\n"
+      "AFL_CC: path to the C compiler to use\n"
+      "AFL_CXX: path to the C++ compiler to use\n"
+      "AFL_GCJ: path to the java compiler to use\n"
+      "AFL_PATH: path to the instrumenting assembler\n"
+      "AFL_DONT_OPTIMIZE: disable optimization instead of -O3\n"
+      "AFL_NO_BUILTIN: compile for use with libtokencap.so\n"
+      "AFL_QUIET: suppress verbose output\n"
+      "AFL_CAL_FAST: speed up the initial calibration\n"
+      "AFL_HARDEN: adds code hardening to catch memory bugs\n"
+      "AFL_USE_ASAN: activate address sanitizer\n"
+      "AFL_USE_MSAN: activate memory sanitizer\n"
+      "AFL_USE_UBSAN: activate undefined behaviour sanitizer\n"

-        "\nEnvironment variables used by afl-as (called by afl-gcc):\n"
-        "AFL_AS: path to the assembler to use\n"
-        "TMPDIR: set the directory for temporary files of afl-as\n"
-        "TEMP: fall back path to directory for temporary files\n"
-        "TMP: fall back path to directory for temporary files\n"
-        "AFL_INST_RATIO: percentage of branches to instrument\n"
-        "AFL_QUIET: suppress verbose output\n"
-        "AFL_KEEP_ASSEMBLY: leave instrumented assembly files\n"
-        "AFL_AS_FORCE_INSTRUMENT: force instrumentation for asm sources\n"
-	;
+      "\nEnvironment variables used by afl-as (called by afl-gcc):\n"
+      "AFL_AS: path to the assembler to use\n"
+      "TMPDIR: set the directory for temporary files of afl-as\n"
+      "TEMP: fall back path to directory for temporary files\n"
+      "TMP: fall back path to directory for temporary files\n"
+      "AFL_INST_RATIO: percentage of branches to instrument\n"
+      "AFL_QUIET: suppress verbose output\n"
+      "AFL_KEEP_ASSEMBLY: leave instrumented assembly files\n"
+      "AFL_AS_FORCE_INSTRUMENT: force instrumentation for asm sources\n";

  if (argc == 2 && strcmp(argv[1], "-h") == 0) {

@ -410,7 +409,8 @@ int main(int argc, char** argv) {
        "Setting AFL_HARDEN enables hardening optimizations in the compiled "
        "code.\n\n%s"

-        , BIN_PATH, BIN_PATH, env_info);
+        ,
+        BIN_PATH, BIN_PATH, env_info);

    exit(1);

--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@ -1014,12 +1014,12 @@ int main(int argc, char** argv, char** envp) {
        tcnt, highest, total, out_file);

  }
-  
+
  if (stdin_file) {
-  
+
    unlink(stdin_file);
    stdin_file = NULL;
-    
+
  }

  exit(child_crashed * 2 + child_timed_out);