author | vanhauser-thc <vh@thc.org> | 2021-10-18 00:21:33 +0200 |
---|---|---|
committer | vanhauser-thc <vh@thc.org> | 2021-10-18 00:21:33 +0200 |
commit | 9c278df0385afb03a078e25e27a4763512d8831a (patch) | |
tree | 56864a2078d41392c068a7d91a59c1e151690ef8 | |
parent | 4b4244bcf6cad5fdc897edef6ea810647a54ca9f (diff) | |
download | afl++-9c278df0385afb03a078e25e27a4763512d8831a.tar.gz |
try fix
-rw-r--r-- | instrumentation/afl-compiler-rt.o.c | 4 | ||||
-rw-r--r-- | instrumentation/cmplog-routines-pass.cc | 19 |
2 files changed, 16 insertions, 7 deletions
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c
index 38beafb7..5caf57b3 100644
--- a/instrumentation/afl-compiler-rt.o.c
+++ b/instrumentation/afl-compiler-rt.o.c
@@ -1880,7 +1880,7 @@ static int area_is_valid(void *ptr, size_t len) {
 }
-void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u32 len) {
+void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u64 len) {
 /*
 u32 i;
@@ -1941,7 +1941,7 @@ void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u32 len) {
 }
-void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u32 len) {
+void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) {
 /*
 if (area_is_valid(ptr1, 32) <= 0 || area_is_valid(ptr2, 32) <= 0) return;
diff --git a/instrumentation/cmplog-routines-pass.cc b/instrumentation/cmplog-routines-pass.cc
index 50ced5d8..854492b1 100644
--- a/instrumentation/cmplog-routines-pass.cc
+++ b/instrumentation/cmplog-routines-pass.cc
@@ -94,7 +94,7 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 Type *VoidTy = Type::getVoidTy(C);
 // PointerType *VoidPtrTy = PointerType::get(VoidTy, 0);
 IntegerType *Int8Ty = IntegerType::getInt8Ty(C);
- IntegerType *Int32Ty = IntegerType::getInt32Ty(C);
+ IntegerType *Int64Ty = IntegerType::getInt64Ty(C);
 PointerType *i8PtrTy = PointerType::get(Int8Ty, 0);
 #if LLVM_VERSION_MAJOR < 9
@@ -192,7 +192,7 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 FunctionCallee
 #endif
 c5 = M.getOrInsertFunction("__cmplog_rtn_hook_n", VoidTy, i8PtrTy,
- i8PtrTy, Int32Ty
+ i8PtrTy, Int64Ty
 #if LLVM_VERSION_MAJOR < 5
 ,
 NULL
@@ -210,7 +210,7 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 FunctionCallee
 #endif
 c6 = M.getOrInsertFunction("__cmplog_rtn_hook_strn", VoidTy, i8PtrTy,
- i8PtrTy, Int32Ty
+ i8PtrTy, Int64Ty
 #if LLVM_VERSION_MAJOR < 5
 ,
 NULL
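Review bot: Widening `len` to `u64` in `__cmplog_rtn_hook_n` (and in `__cmplog_rtn_hook_strn` in the next hunk) changes the hook's ABI while keeping the symbol name, so any caller that still passes a 32-bit length would leave the upper half of the argument undefined on common 64-bit calling conventions. Only the LLVM pass is updated in this commit; whether other instrumentation paths or previously built objects call these hooks is not visible here and should be checked. Both bodies continue outside the hunks, so it is also worth confirming that `len` is clamped before it is used as a size, and recording the contract at the signature, e.g. `/* len: i64 as emitted by cmplog-routines-pass.cc; comes from the target, clamp before use */`.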
@@ -282,6 +282,15 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 FT->getParamType(0) == FT->getParamType(1) &&
 FT->getParamType(0)->isPointerTy() &&
 FT->getParamType(2)->isIntegerTy();
+ if (isPtrRtnN) {
+ auto intTyOp = dyn_cast<IntegerType>(callInst->getArgOperand(2)->getType());
+ if (intTyOp) {
+ if (intTyOp->getBitWidth() != 32 && intTyOp->getBitWidth() != 64) {
+ isPtrRtnN = false;
+ }
+ }
+ }
+
 bool isMemcmp =
 (!FuncName.compare("memcmp") || !FuncName.compare("bcmp") ||
@@ -469,7 +478,7 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 std::vector<Value *> args;
 Value * v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy);
 Value * v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy);
- Value * v3Pcasted = IRB.CreateTruncOrBitCast(v3P, Int32Ty);
+ Value * v3Pcasted = IRB.CreateTruncOrBitCast(v3P, Int64Ty);
 args.push_back(v1Pcasted);
 args.push_back(v2Pcasted);
 args.push_back(v3Pcasted);
@@ -524,7 +533,7 @@ bool CmpLogRoutines::hookRtns(Module &M) {
 std::vector<Value *> args;
 Value * v1Pcasted = IRB.CreatePointerCast(v1P, i8PtrTy);
 Value * v2Pcasted = IRB.CreatePointerCast(v2P, i8PtrTy);
- Value * v3Pcasted = IRB.CreateTruncOrBitCast(v3P, Int64Ty);
+ Value * v3Pcasted = IRB.CreateTruncOrBitCast(v3P, Int64Ty);
 args.push_back(v1Pcasted);
 args.push_back(v2Pcasted);
 args.push_back(v3Pcasted); |
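Review bot: The width filter added after the `isPtrRtnN` assignment carries no comment saying why only 32- and 64-bit length operands are kept, and its three nested `if`s express a single condition. After the `dyn_cast` line (better written `auto *intTyOp`), one statement is enough: `if (isPtrRtnN && intTyOp && intTyOp->getBitWidth() != 32 && intTyOp->getBitWidth() != 64) isPtrRtnN = false;`. A comment such as `// the hooks take an i64 length; skip calls whose length operand is neither i32 nor i64` would record the intent. When `dyn_cast` returns null the flag stays true; that looks unreachable given the `isIntegerTy()` test on the declared parameter just above, but the enclosing loop body lies outside the hunk, so this is inferred.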
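Review bot: `IRB.CreateTruncOrBitCast(v3P, Int64Ty)` cannot widen a value, so a call whose length operand is i32 — which the width check added earlier in this commit still accepts — would get an invalid cast to i64 rather than an extension; the identical line in the hunk at -524 has the same problem. Because the length is an unsigned size, `Value *v3Pcasted = IRB.CreateZExtOrTrunc(v3P, Int64Ty);` covers both accepted widths. The enclosing block starts and ends outside the hunk, so whether `v3P` can actually be i32 on the targets built here is inferred from the check rather than seen.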