authorvanhauser-thc <vh@thc.org>2022-10-11 08:53:49 +0200
committervanhauser-thc <vh@thc.org>2022-10-11 08:53:49 +0200
commite6e82948bf95fab90466cb2dfa78457c4d2d80a6 (patch)
tree30236db4d02ab69a654abf2242baeb34813c32e4
parentc5008362c64c4c70d53f7533661c22307bfcbb6e (diff)
downloadafl++-e6e82948bf95fab90466cb2dfa78457c4d2d80a6.tar.gz
fastexit + code format
-rw-r--r--GNUmakefile1
-rw-r--r--docs/Changelog.md3
-rw-r--r--instrumentation/afl-gcc-cmplog-pass.so.cc4
-rw-r--r--instrumentation/afl-gcc-common.h5
-rw-r--r--instrumentation/afl-gcc-pass.so.cc2
-rw-r--r--qemu_mode/fastexit/Makefile30
-rw-r--r--qemu_mode/fastexit/README.md5
-rw-r--r--qemu_mode/fastexit/fastexit.c6
-rw-r--r--src/afl-fuzz.c1
-rw-r--r--utils/aflpp_driver/aflpp_driver.c6
-rw-r--r--utils/libdislocator/libdislocator.so.c2
11 files changed, 56 insertions, 9 deletions
diff --git a/GNUmakefile b/GNUmakefile
index 70299fc3..d1f28a76 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -592,6 +592,7 @@ clean:
-$(MAKE) -C utils/argv_fuzzing clean
-$(MAKE) -C utils/plot_ui clean
-$(MAKE) -C qemu_mode/unsigaction clean
+ -$(MAKE) -C qemu_mode/fastexit clean
-$(MAKE) -C qemu_mode/libcompcov clean
-$(MAKE) -C qemu_mode/libqasan clean
-$(MAKE) -C frida_mode clean
diff --git a/docs/Changelog.md b/docs/Changelog.md
index d4dfb709..b4f758e8 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -8,11 +8,14 @@
- fix gramatron and grammar_mutator build scripts
- enhancements to the afl-persistent-config and afl-system-config
scripts
+ - afl-fuzz:
+ - force writing all stats on exit
- afl-cc:
- make gcc_mode (afl-gcc-fast) work with gcc down to version 3.6
- qemu_mode:
- fixed 10x speed degredation in v4.03c, thanks to @ele7enxxh for
reporting!
+ - added qemu_mode/fastexit helper library
- unicorn_mode:
- Enabled tricore arch (by @jma-qb)
- Updated Capstone version in Rust bindings
diff --git a/instrumentation/afl-gcc-cmplog-pass.so.cc b/instrumentation/afl-gcc-cmplog-pass.so.cc
index e42e8bc0..3c781fd7 100644
--- a/instrumentation/afl-gcc-cmplog-pass.so.cc
+++ b/instrumentation/afl-gcc-cmplog-pass.so.cc
@@ -245,7 +245,7 @@ struct afl_cmplog_pass : afl_base_pass {
tree s = make_ssa_name(t);
gimple g = gimple_build_assign(s, VIEW_CONVERT_EXPR,
- build1(VIEW_CONVERT_EXPR, t, lhs));
+ build1(VIEW_CONVERT_EXPR, t, lhs));
lhs = s;
gsi_insert_before(&gsi, g, GSI_SAME_STMT);
@@ -281,7 +281,7 @@ struct afl_cmplog_pass : afl_base_pass {
}
/* Insert the call. */
- tree att = build_int_cst(t8u, attr);
+ tree att = build_int_cst(t8u, attr);
gimple call;
if (pass_n)
call = gimple_build_call(fn, 4, lhs, rhs, att,
diff --git a/instrumentation/afl-gcc-common.h b/instrumentation/afl-gcc-common.h
index 766c0eff..cda3f9d8 100644
--- a/instrumentation/afl-gcc-common.h
+++ b/instrumentation/afl-gcc-common.h
@@ -501,7 +501,8 @@ struct afl_base_pass : gimple_opt_pass {
// compatibility for older gcc versions
#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= \
60200 /* >= version 6.2.0 */
-#define gimple gimple *
+ #define gimple gimple *
#else
-#define gimple gimple
+ #define gimple gimple
#endif
+
diff --git a/instrumentation/afl-gcc-pass.so.cc b/instrumentation/afl-gcc-pass.so.cc
index 2b251075..ea938a7f 100644
--- a/instrumentation/afl-gcc-pass.so.cc
+++ b/instrumentation/afl-gcc-pass.so.cc
@@ -127,7 +127,7 @@
#include "afl-gcc-common.h"
#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= \
60200 /* >= version 6.2.0 */
-#include "memmodel.h"
+ #include "memmodel.h"
#endif
/* This plugin, being under the same license as GCC, satisfies the
diff --git a/qemu_mode/fastexit/Makefile b/qemu_mode/fastexit/Makefile
new file mode 100644
index 00000000..80a5ec48
--- /dev/null
+++ b/qemu_mode/fastexit/Makefile
@@ -0,0 +1,30 @@
+#
+# american fuzzy lop++ - fastexit
+# --------------------------------
+#
+# Written by Andrea Fioraldi <andreafioraldi@gmail.com>
+#
+# Copyright 2019-2022 Andrea Fioraldi. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+
+TARGETS=fastexit.so fastexit32.so fastexit64.so
+
+all: $(TARGETS)
+
+fastexit.so: fastexit.c
+ @if $(CC) -fPIC -shared fastexit.c -o fastexit.so 2>/dev/null ; then echo "fastexit build success"; else echo "fastexit build failure (that's fine)"; fi
+
+fastexit32.so: fastexit.c
+ @if $(CC) -fPIC -m32 -shared fastexit.c -o fastexit32.so 2>/dev/null ; then echo "fastexit32 build success"; else echo "fastexit32 build failure (that's fine)"; fi
+
+fastexit64.so: fastexit.c
+ @if $(CC) -fPIC -m64 -shared fastexit.c -o fastexit64.so 2>/dev/null ; then echo "fastexit64 build success"; else echo "fastexit64 build failure (that's fine)"; fi
+
+clean:
+ rm -f fastexit.so
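Review bot: The `clean` target on the last line removes only `fastexit.so`, while `TARGETS` two dozen lines above also builds `fastexit32.so` and `fastexit64.so`, so those two stay behind after `make clean` (and after the top-level GNUmakefile's recursive clean added in this commit), and a stale 32-bit or 64-bit library from an earlier toolchain would be picked up by the next run. Change the recipe to `rm -f $(TARGETS)` so the clean rule and the build rule agree on the file list. Swallowing the compiler's stderr with `2>/dev/null` and reporting "that's fine" looks intentional for the optional -m32 build, but it also hides real errors in the native build; consider dropping the redirect on the `fastexit.so` rule only, so the common case still reports why it failed.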
diff --git a/qemu_mode/fastexit/README.md b/qemu_mode/fastexit/README.md
new file mode 100644
index 00000000..f01340c2
--- /dev/null
+++ b/qemu_mode/fastexit/README.md
@@ -0,0 +1,5 @@
+# fastexit
+
+This library forces _exit on exit when preloaded to gain speed.
+
+Gives speed on complex tarets like Android or Wine.
diff --git a/qemu_mode/fastexit/fastexit.c b/qemu_mode/fastexit/fastexit.c
new file mode 100644
index 00000000..44141af1
--- /dev/null
+++ b/qemu_mode/fastexit/fastexit.c
@@ -0,0 +1,6 @@
+#include <unistd.h>
+#include <stdlib.h>
+
+void exit(int status) {
+ _exit(status);
+}
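Review bot: The new `exit` override is undocumented and unmarked: because it hands off to `_exit`, every atexit handler and every buffered stdio stream of the target is skipped, which is the intended speedup but also means any output the target buffers and any exit-time reporting (e.g. sanitizer or profiling summaries registered via atexit, if the target has them) is silently lost when this library is preloaded, and nobody reading fastexit.c can tell that from the two-line body. Add a header comment along the lines of `/* LD_PRELOAD helper: replaces exit() with _exit() so atexit handlers and stdio flushing are skipped; only use when you do not need the target's exit-time output. */` and mark the definition to match the libc prototype, `__attribute__((noreturn)) void exit(int status) {`, so the compiler knows the function never returns. Whether the override also catches the libc path that calls exit after main returns depends on the libc's symbol binding, which this file cannot guarantee; the README should say it is best-effort rather than a hard guarantee.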
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 84ae54ff..d116822a 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -2570,6 +2570,7 @@ int main(int argc, char **argv_orig, char **envp) {
stop_fuzzing:
afl->force_ui_update = 1; // ensure the screen is reprinted
+ afl->stop_soon = 1; // ensure everything is written
show_stats(afl); // print the screen one last time
write_bitmap(afl);
save_auto(afl);
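Review bot: The added `afl->stop_soon = 1;` on the line after the label overwrites whatever value stop_soon already held when control reached `stop_fuzzing`, so any code later in main that distinguishes the stop reason by that value would now see 1 every time; afl-fuzz elsewhere uses 2 for programmatic stops such as the -V/-E limits, as far as I recall, and that code is outside this hunk so I cannot confirm it here. If the intent is only to guarantee a non-zero flag so the final show_stats/write path flushes, `if (!afl->stop_soon) { afl->stop_soon = 1; }` does that without losing the recorded reason. The comment `// ensure everything is written` would also help the next reader if it named what is being forced, e.g. `// non-zero stop_soon makes show_stats() write the stats file unconditionally`, assuming that is the dependency. main continues outside the hunk.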
diff --git a/utils/aflpp_driver/aflpp_driver.c b/utils/aflpp_driver/aflpp_driver.c
index 87bd2aa2..a76ba6c2 100644
--- a/utils/aflpp_driver/aflpp_driver.c
+++ b/utils/aflpp_driver/aflpp_driver.c
@@ -292,10 +292,10 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
}
bool in_afl = !(!getenv(SHM_FUZZ_ENV_VAR) || !getenv(SHM_ENV_VAR) ||
- fcntl(FORKSRV_FD, F_GETFD) == -1 ||
- fcntl(FORKSRV_FD + 1, F_GETFD) == -1);
+ fcntl(FORKSRV_FD, F_GETFD) == -1 ||
+ fcntl(FORKSRV_FD + 1, F_GETFD) == -1);
- if (!in_afl) { __afl_sharedmem_fuzzing = 0; }
+ if (!in_afl) { __afl_sharedmem_fuzzing = 0; }
output_file = stderr;
maybe_duplicate_stderr();
diff --git a/utils/libdislocator/libdislocator.so.c b/utils/libdislocator/libdislocator.so.c
index 638735ef..c390d004 100644
--- a/utils/libdislocator/libdislocator.so.c
+++ b/utils/libdislocator/libdislocator.so.c
@@ -512,7 +512,7 @@ __attribute__((alloc_size(2, 3))) void *reallocarray(void *ptr, size_t elem_len,
int reallocarr(void *ptr, size_t elem_len, size_t elem_cnt) {
- void *ret = NULL;
+ void *ret = NULL;
const size_t elem_tot = elem_len * elem_cnt;
if (elem_tot == 0) {