diff options
| author | Andrea Fioraldi <andreafioraldi@gmail.com> | 2019-09-04 10:03:51 +0200 |
|---|---|---|
| committer | Andrea Fioraldi <andreafioraldi@gmail.com> | 2019-09-04 10:03:51 +0200 |
| commit | e1f18f6212fdab581c3bf732a51dcc5a9cdaa8e7 (patch) | |
| tree | 90b9797ca310168cf1be02959d1738df9650a3f6 /include/alloc-inl.h | |
| parent | 9705ccee677eb3009c6d06d1bff4d2b6cf80c4a7 (diff) | |
| download | afl++-e1f18f6212fdab581c3bf732a51dcc5a9cdaa8e7.tar.gz | |
fix typo in custom format
Diffstat (limited to 'include/alloc-inl.h')
| -rw-r--r-- | include/alloc-inl.h | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/include/alloc-inl.h b/include/alloc-inl.h index de9ac1fc..d851fd61 100644 --- a/include/alloc-inl.h +++ b/include/alloc-inl.h @@ -3,7 +3,7 @@ -------------------------------------------------------------------- Originally written by Michal Zalewski <lcamtuf@google.com> - + Now maintained by by Marc Heuse <mh@mh-sec.de>, Heiko Eißfeldt <heiko.eissfeldt@hexco.de> and Andrea Fioraldi <andreafioraldi@gmail.com> @@ -69,9 +69,9 @@ /* Magic tokens used to mark used / freed chunks. */ -#define ALLOC_MAGIC_C1 0xFF00FF00 /* Used head (dword) */ -#define ALLOC_MAGIC_F 0xFE00FE00 /* Freed head (dword) */ -#define ALLOC_MAGIC_C2 0xF0 /* Used tail (byte) */ +#define ALLOC_MAGIC_C1 0xFF00FF00 /* Used head (dword) */ +#define ALLOC_MAGIC_F 0xFE00FE00 /* Freed head (dword) */ +#define ALLOC_MAGIC_C2 0xF0 /* Used tail (byte) */ /* Positions of guard tokens in relation to the user-visible pointer. */ @@ -111,14 +111,17 @@ \ \ \ + \ if (_p) { \ \ \ \ + \ if (ALLOC_C1(_p) ^ ALLOC_MAGIC_C1) {\ \ \ \ + \ if (ALLOC_C1(_p) == ALLOC_MAGIC_F) \ ABORT("Use after free."); \ else ABORT("Corrupted head alloc canary."); \ @@ -126,6 +129,7 @@ } \ \ \ + \ if (ALLOC_C2(_p) ^ ALLOC_MAGIC_C2) \ ABORT("Corrupted tail alloc canary."); \ \ @@ -134,6 +138,7 @@ \ \ \ + \ } while (0) */ @@ -197,7 +202,7 @@ static inline void DFL_ck_free(void* mem) { /* Catch pointer issues sooner. */ memset(mem, 0xFF, ALLOC_S(mem)); -#endif /* DEBUG_BUILD */ +#endif /* DEBUG_BUILD */ ALLOC_C1(mem) = ALLOC_MAGIC_F; @@ -228,7 +233,7 @@ static inline void* DFL_ck_realloc(void* orig, u32 size) { #ifndef DEBUG_BUILD ALLOC_C1(orig) = ALLOC_MAGIC_F; -#endif /* !DEBUG_BUILD */ +#endif /* !DEBUG_BUILD */ old_size = ALLOC_S(orig); u8* origu8 = orig; @@ -266,7 +271,7 @@ static inline void* DFL_ck_realloc(void* orig, u32 size) { } -#endif /* ^!DEBUG_BUILD */ +#endif /* ^!DEBUG_BUILD */ ret += ALLOC_OFF_HEAD; @@ -297,7 +302,7 @@ static inline void* DFL_ck_realloc_block(void* orig, u32 size) { } -#endif /* !DEBUG_BUILD */ +#endif /* !DEBUG_BUILD */ return DFL_ck_realloc(orig, size); @@ -424,7 +429,7 @@ extern u32 TRK_cnt[ALLOC_BUCKETS]; #define alloc_report() -#endif /* ^AFL_MAIN */ +#endif /* ^AFL_MAIN */ /* Bucket-assigning function for a given pointer: */ @@ -600,7 +605,7 @@ static inline void TRK_ck_free(void* ptr, const char* file, const char* func, #define ck_free(_p1) TRK_ck_free(_p1, __FILE__, __FUNCTION__, __LINE__) -#endif /* ^!DEBUG_BUILD */ +#endif /* ^!DEBUG_BUILD */ -#endif /* ! _HAVE_ALLOC_INL_H */ +#endif /* ! _HAVE_ALLOC_INL_H */ |