| author | van Hauser <vh@thc.org> | 2019-12-24 20:56:10 +0100 |
|---|---|---|
| committer | van Hauser <vh@thc.org> | 2019-12-24 20:56:10 +0100 |
| commit | 67b6298895e8db0cc91c3bbd0bc29c48f8572c2e (patch) | |
| tree | d3a398366b212ddfdac35b332c844c14dd3ba57a /experimental/post_library | |
| parent | 3122790295489dee77ffc9993561807fe09be3b8 (diff) | |
| download | afl++-67b6298895e8db0cc91c3bbd0bc29c48f8572c2e.tar.gz | |
qemu ld_preload support and added socket_fuzzing ld_preload library
Diffstat (limited to 'experimental/post_library')
| -rw-r--r-- | experimental/post_library/post_library.so.c | 11 | ||||
| -rw-r--r-- | experimental/post_library/post_library_png.so.c | 5 |
2 files changed, 9 insertions, 7 deletions
diff --git a/experimental/post_library/post_library.so.c b/experimental/post_library/post_library.so.c
index 048eea70..90d45e3f 100644
--- a/experimental/post_library/post_library.so.c
+++ b/experimental/post_library/post_library.so.c
@@ -21,9 +21,9 @@ in the targeted binary (as shown in ../libpng_no_checksum/). One possible exception is the process of fuzzing binary-only software in QEMU mode.
- 2) The use of postprocessors for anything other than checksums is questionable
- and may cause more harm than good. AFL is normally pretty good about
- dealing with length fields, magic values, etc.
+ 2) The use of postprocessors for anything other than checksums is
+ questionable and may cause more harm than good. AFL is normally pretty good
+ about dealing with length fields, magic values, etc.
 3) Postprocessors that do anything non-trivial must be extremely robust to gracefully handle malformed data and other error conditions - otherwise,
@@ -77,10 +77,10 @@ /* The actual postprocessor routine called by afl-fuzz: */
 const unsigned char* afl_postprocess(const unsigned char* in_buf,
- unsigned int* len) {
+ unsigned int* len) {
 static unsigned char* saved_buf;
- unsigned char* new_buf;
+ unsigned char* new_buf;
 /* Skip execution altogether for buffers shorter than 6 bytes (just to show how it's done). We can trust *len to be sane. */
@@ -117,3 +117,4 @@ const unsigned char* afl_postprocess(const unsigned char* in_buf,
 return new_buf;
 }
+
diff --git a/experimental/post_library/post_library_png.so.c b/experimental/post_library/post_library_png.so.c
index 6ba95c1a..093c6022 100644
--- a/experimental/post_library/post_library_png.so.c
+++ b/experimental/post_library/post_library_png.so.c
@@ -36,13 +36,13 @@ #define UP4K(_i) ((((_i) >> 12) + 1) << 12)
 const unsigned char* afl_postprocess(const unsigned char* in_buf,
- unsigned int* len) {
+ unsigned int* len) {
 static unsigned char* saved_buf;
 static unsigned int saved_len;
 unsigned char* new_buf = (unsigned char*)in_buf;
- unsigned int pos = 8;
+ unsigned int pos = 8;
 /* Don't do anything if there's not enough room for the PNG header (8 bytes). */
@@ -111,3 +111,4 @@ const unsigned char* afl_postprocess(const unsigned char* in_buf,
 return new_buf;
 }
+
|
