diff options
| author | Andrea Fioraldi <andreafioraldi@gmail.com> | 2021-03-01 17:16:34 +0100 |
|---|---|---|
| committer | Andrea Fioraldi <andreafioraldi@gmail.com> | 2021-03-01 17:16:34 +0100 |
| commit | a29b360d55026b43989ab653958bfd86fc854927 (patch) | |
| tree | 55c2d22eba81c516c79f9a0a5b2c5a3ec3c01d59 | |
| parent | 75d6a8b7011699c22e6d7c7ad9869b9a850e053b (diff) | |
| download | afl++-a29b360d55026b43989ab653958bfd86fc854927.tar.gz | |
area_is_valid with write
| -rw-r--r-- | instrumentation/afl-compiler-rt.o.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index 1151cd52..15bc823a 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -123,6 +123,10 @@ static u8 is_persistent; static u8 _is_sancov; +/* Dummy pipe for area_is_valid() */ + +static int dummy_pipe; + /* ensure we kill the child on termination */ void at_exit(int signal) { @@ -476,6 +480,11 @@ static void __afl_map_shm(void) { } if (id_str) { + + if (pipe(dummy_pipe) < 0) { + perror("pipe() failed\n"); + exit(1); + } #ifdef USEMMAP const char * shm_file_path = id_str; @@ -1567,9 +1576,8 @@ static int area_is_valid(void *ptr, size_t len) { char *p = (char *)ptr; char *page = (char *)((uintptr_t)p & ~(sysconf(_SC_PAGE_SIZE) - 1)); - int r = syscall(SYS_msync, page, (p - page) + len, MS_ASYNC); - if (r < 0) return errno != ENOMEM; - return 1; + int r = syscall(dummy_pipe[1], SYS_write, page, (p - page) + len); + return errno != EFAULT; } |