authorvan Hauser <vh@thc.org>2019-07-01 11:46:14 +0200
committervan Hauser <vh@thc.org>2019-07-01 11:46:14 +0200
commit9eb2cd73274362f117621696dd407ac631334e74 (patch)
tree7202de99f41dbbaeb6ca220e1cc3f9fe8a9e09ce
parentd9ff84e39ecad47deec8808ea127fd90d9f5e8ef (diff)
downloadafl++-9eb2cd73274362f117621696dd407ac631334e74.tar.gz
various fixes
-rw-r--r--Makefile46
-rw-r--r--sharedmem.c19
-rw-r--r--sharedmem.h4
3 files changed, 50 insertions, 19 deletions
diff --git a/Makefile b/Makefile
index 4f85b53a..18e91b1e 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@ SH_PROGS    = afl-plot afl-cmin afl-whatsup afl-system-config
 CFLAGS     ?= -O3 -funroll-loops
 CFLAGS     += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign \
 	      -DAFL_PATH=\"$(HELPER_PATH)\" -DDOC_PATH=\"$(DOC_PATH)\" \
-	      -DBIN_PATH=\"$(BIN_PATH)\" -DUSEMMAP=1
+	      -DBIN_PATH=\"$(BIN_PATH)\"
 
 PYTHON_INCLUDE	?= /usr/include/python2.7
 
@@ -54,15 +54,24 @@ else
 	PYFLAGS=
 endif
 
-all:	test_x86 test_python27 $(PROGS) afl-as test_build all_done
+ifeq "$(shell echo '\#include <stdio.h>XXX\#include <sys/ipc.h>XXX\#include <sys/shm.h>XXXvoid main() { int _id = shmget(IPC_PRIVATE, 65536, IPC_CREAT | IPC_EXCL | 0600); shmctl(_id, IPC_RMID, NULL);}' | sed 's/XXX/\n/g' | $(CC) -x c - -o .test2 && echo 1 || echo 0 )" "1"
+	SHM_OK=1
+else
+	SHM_OK=0
+	CFLAGS+=-DUSEMMAP=1
+	LDFLAGS+=-Wno-deprecated-declarations
+endif
+
+
+all:	test_x86 test_shm test_python27 ready $(PROGS) afl-as test_build all_done
+
 
 ifndef AFL_NO_X86
 
 test_x86:
 	@echo "[*] Checking for the ability to compile x86 code..."
-	@echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "Don't panic! You can use the LLVM or QEMU mode, but see docs/INSTALL first."; echo "(To ignore this error, set AFL_NO_X86=1 and try again.)"; echo; exit 1 )
-	@rm -f .test
-	@echo "[+] Everything seems to be working, ready to compile."
+	@echo 'main() { __asm__("xorb %al, %al"); }' | $(CC) -w -x c - -o .test1 || ( echo; echo "Oops, looks like your compiler can't generate x86 code."; echo; echo "Don't panic! You can use the LLVM or QEMU mode, but see docs/INSTALL first."; echo "(To ignore this error, set AFL_NO_X86=1 and try again.)"; echo; exit 1 )
+	@rm -f .test1
 
 else
 
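Review bot: The shm probe on the `ifeq` line writes `.test2` into the source tree every time the Makefile is parsed, and only `test_shm` (when it runs) or `clean` removes it, so an invocation such as `make afl-fuzz` leaves the artifact behind; pointing the probe at `-o /dev/null` would leave nothing to clean up and let the `@rm -f .test2` lines go. The probe also runs with bare `$(CC)` and no `$(CFLAGS)`, so a sysroot or target setting supplied there is not reflected in the result. `LDFLAGS+=-Wno-deprecated-declarations` is a compiler diagnostic option rather than a linker option; it only takes effect because the rules pass `$(LDFLAGS)` on the same compile-and-link command line, so `CFLAGS+=-Wno-deprecated-declarations` states the intent more directly.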
@@ -71,6 +80,21 @@ test_x86:
 
 endif
 
+
+ifeq "$(SHM_OK)" "1"
+
+test_shm:
+	@rm -f .test2 2> /dev/null
+	@echo "[+] shmem seems to be working."
+
+else
+
+test_shm:
+	@echo "[-] shmem seems not to be working, switchig to mmap implementation"
+
+endif
+
+
 ifeq "$(PYTHON_OK)" "1"
 
 test_python27:
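Review bot: The message in the fallback `test_shm` recipe has a typo, `switchig`; it should read `@echo "[-] shmem seems not to be working, switching to mmap implementation"`. Neither branch of `test_shm` produces a file, so like the existing `test_x86` and `test_python27` targets it belongs in a `.PHONY` declaration; a stray file named `test_shm` would otherwise make the check look up to date and skip it.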
@@ -84,6 +108,10 @@ test_python27:
 
 endif
 
+
+ready:
+	@echo "[+] Everything seems to be working, ready to compile."
+
 afl-gcc: afl-gcc.c $(COMM_HDR) | test_x86
 	$(CC) $(CFLAGS) $@.c -o $@ $(LDFLAGS)
 	set -e; for i in afl-g++ afl-clang afl-clang++; do ln -sf afl-gcc $$i; done
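Review bot: `ready` has no prerequisites, so under `make -j` its "ready to compile" message can be printed before `test_x86`, `test_shm` and `test_python27` have finished, and the line's meaning then depends on scheduling. Since each of those targets appears to be defined in both branches of its conditional, declaring `ready: test_x86 test_shm test_python27` makes the ordering explicit regardless of job count. The `afl-gcc` rule that follows continues beyond the hunk.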
@@ -130,14 +158,18 @@ endif
 
 all_done: test_build
 	@if [ ! "`which clang 2>/dev/null`" = "" ]; then echo "[+] LLVM users: see llvm_mode/README.llvm for a faster alternative to afl-gcc."; fi
-	@echo "[+] All done! Be sure to review README - it's pretty short and useful."
+	@echo "[+] All done! Be sure to review the README - it's pretty short and useful."
+ifeq "$(SHM_OK)" "1"
+	@echo "[!] shmem isn't working on your platform - compile every target with -lrt:"
+	@echo "[!]  CFLAGS=-lrt LDFLAGS=-lrt CC=afl-gcc CXX=afl-g++ ./configure"
+endif
 	@if [ "`uname`" = "Darwin" ]; then printf "\nWARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of\nfork() on this OS. Consider using Linux or *BSD. You can also use VirtualBox\n(virtualbox.org) to put AFL inside a Linux or *BSD VM.\n\n"; fi
 	@! tty <&1 >/dev/null || printf "\033[0;30mNOTE: If you can read this, your terminal probably uses white background.\nThis will make the UI hard to read. See docs/status_screen.txt for advice.\033[0m\n" 2>/dev/null
 
 .NOTPARALLEL: clean
 
 clean:
-	rm -f $(PROGS) afl-as as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.10.0.tar.bz2 afl-qemu-trace
+	rm -f $(PROGS) afl-as as afl-g++ afl-clang afl-clang++ *.o *~ a.out core core.[1-9][0-9]* *.stackdump test .test .test1 .test2 test-instr .test-instr0 .test-instr1 qemu_mode/qemu-2.10.0.tar.bz2 afl-qemu-trace
 	rm -rf out_dir qemu_mode/qemu-2.10.0
 	$(MAKE) -C llvm_mode clean
 	$(MAKE) -C libdislocator clean
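Review bot: The condition guarding the `-lrt` advice in `all_done` is inverted: `SHM_OK` is set to `1` when the shmget probe compiled, yet that branch prints "[!] shmem isn't working on your platform". It should be `ifneq "$(SHM_OK)" "1"` (or `ifeq "$(SHM_OK)" "0"`, matching the value assigned in the probe's else branch); as written, users on a working platform see a spurious warning and users on the mmap fallback never see the instructions they need.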
diff --git a/sharedmem.c b/sharedmem.c
index 23cc8984..5ee16959 100644
--- a/sharedmem.c
+++ b/sharedmem.c
@@ -23,13 +23,16 @@
 
 #include <sys/wait.h>
 #include <sys/time.h>
-#include <sys/shm.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/resource.h>
+ #include <sys/mman.h>
+ #include <fcntl.h>
 
-#include <sys/mman.h>
-#include <fcntl.h>
+#ifndef USEMMAP
+ #include <sys/ipc.h>
+ #include <sys/shm.h>
+#endif
 
 extern unsigned char*trace_bits;
 
@@ -67,14 +70,10 @@ void remove_shm(void) {
 void setup_shm(unsigned char dumb_mode) {
 #ifdef USEMMAP
   /* generate random file name for multi instance */
-  memset(g_shm_file_path, 0x0, L_tmpnam);
-
-  char *result = tmpnam(g_shm_file_path);
-  if (result == 0)
-    PFATAL("cannot generate filename for shared memory");
 
-  /* get rid of second slash  in /tmp/blabla */
-  g_shm_file_path[4] = '_';
+  /* thanks to f*cking glibc we can not use tmpnam securely, it generates a security warning that cannot be suppressed */
+  /* so we do this worse workaround */
+  snprintf(g_shm_file_path, L_tmpnam, "/afl_%d_%ld", getpid(), random());
 
   /* create the shared memory segment as if it was a file */
   g_shm_fd = shm_open(g_shm_file_path, O_CREAT | O_RDWR | O_EXCL, 0600);
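Review bot: The object name built by `snprintf` is predictable — the pid plus `random()`, which is not visibly seeded anywhere in the hunk — and only one attempt is made. Because the following `shm_open` uses `O_CREAT | O_EXCL`, a name that already exists fails closed rather than being reused, which is the correct failure mode; but it means any collision, whether between concurrent instances or with a pre-existing object of that name, aborts the fuzzer instead of moving on to another name. Retrying a bounded number of times on `EEXIST` keeps the exclusivity guarantee while removing that fragility; it needs `errno`, and whether `<errno.h>` is already included is not visible here. `setup_shm` continues past the hunk, where the result of `shm_open` is presumably checked.
```c
  /* … unchanged: comments explaining why tmpnam() is avoided … */
  int tries = 0;
  do {
    snprintf(g_shm_file_path, L_tmpnam, "/afl_%d_%ld", getpid(), random());
    /* create the shared memory segment as if it was a file */
    g_shm_fd = shm_open(g_shm_file_path, O_CREAT | O_RDWR | O_EXCL, 0600);
  } while (g_shm_fd < 0 && errno == EEXIST && ++tries < 8);
```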
diff --git a/sharedmem.h b/sharedmem.h
index 9300ccf1..53a85fcb 100644
--- a/sharedmem.h
+++ b/sharedmem.h
@@ -1,5 +1,5 @@
-#ifndef SHAREDMEM
-#define SHAREDMEM
+#ifndef __SHAREDMEM_H
+#define __SHAREDMEM_H
 
 void setup_shm(unsigned char dumb_mode);
 void remove_shm(void);
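Review bot: The new guard macro `__SHAREDMEM_H` starts with a double underscore, which C reserves for the implementation (C11 §7.1.3), so it can in principle collide with a libc or compiler macro. A project-prefixed name such as `#ifndef AFL_SHAREDMEM_H` / `#define AFL_SHAREDMEM_H` gives the same uniqueness without using the reserved namespace.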