authorvan Hauser <vh@thc.org>2021-01-08 15:43:13 +0100
committerGitHub <noreply@github.com>2021-01-08 15:43:13 +0100
commit20a47cb23e9c6406b4a6c0c94783667a8b06316a (patch)
tree1aeeb9555be23bb55b888e134e5ca50929387236 /include
parent7b8c8cf12fde0feab25a1d794e010a5778cf9be8 (diff)
parent813627cbd32be9466e0b5ad3a83ce8209dcfeb51 (diff)
downloadafl++-20a47cb23e9c6406b4a6c0c94783667a8b06316a.tar.gz
Merge pull request #679 from AFLplusplus/dev
Dev
Diffstat (limited to 'include')
-rw-r--r--include/afl-fuzz.h6
-rw-r--r--include/common.h5
-rw-r--r--include/config.h52
-rw-r--r--include/debug.h6
-rw-r--r--include/envs.h1
-rw-r--r--include/forkserver.h2
-rw-r--r--include/types.h2
7 files changed, 42 insertions, 32 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index d6a322cc..988a907d 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -381,7 +381,7 @@ typedef struct afl_env_vars {
*afl_hang_tmout, *afl_forksrv_init_tmout, *afl_skip_crashes, *afl_preload,
*afl_max_det_extras, *afl_statsd_host, *afl_statsd_port,
*afl_crash_exitcode, *afl_statsd_tags_flavor, *afl_testcache_size,
- *afl_testcache_entries;
+ *afl_testcache_entries, *afl_kill_signal;
} afl_env_vars_t;
@@ -573,7 +573,7 @@ typedef struct afl_state {
u8 stage_name_buf[STAGE_BUF_SIZE]; /* reused stagename buf with len 64 */
- s32 stage_cur, stage_max; /* Stage progression */
+ u32 stage_cur, stage_max; /* Stage progression */
s32 splicing_with; /* Splicing with which test case? */
u32 main_node_id, main_node_max; /* Main instance job splitting */
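Review bot: Changing `stage_cur` and `stage_max` from `s32` to `u32` turns every comparison of these fields against a signed operand into a signed/unsigned comparison, and any `stage_max - stage_cur` style arithmetic now wraps to a large value instead of going negative. The users live in the .c files and are not visible here, so this deserves a build of the merged tree with `-Wsign-compare` (or `-Wextra`) to surface any site that still mixes in an `s32`. The enclosing `typedef struct afl_state` begins and ends outside this hunk.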
@@ -648,7 +648,7 @@ typedef struct afl_state {
double last_avg_execs_saved;
/* foreign sync */
-#define FOREIGN_SYNCS_MAX 32
+#define FOREIGN_SYNCS_MAX 32U
u8 foreign_sync_cnt;
struct foreign_sync foreign_syncs[FOREIGN_SYNCS_MAX];
diff --git a/include/common.h b/include/common.h
index 125c3abf..9490ec5f 100644
--- a/include/common.h
+++ b/include/common.h
@@ -56,6 +56,11 @@ extern u8 *doc_path; /* path to documentation dir */
u8 *find_binary(u8 *fname);
+/* Parses the kill signal environment variable, FATALs on error.
+ If the env is not set, sets the env to default_signal for the signal handlers
+ and returns the default_signal. */
+int parse_afl_kill_signal_env(u8 *afl_kill_signal_env, int default_signal);
+
/* Read a bitmap from file fname to memory
This is for the -B option again. */
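Review bot: The new doc comment on `parse_afl_kill_signal_env` is ambiguous in "sets the env to default_signal" — it does not say whether the function writes the environment variable itself or merely records the default for the signal handlers, and it names neither the variable being parsed nor the accepted range. I would reword it to state which string is expected (the value of AFL_KILL_SIGNAL, possibly NULL), that an unparsable or out-of-range value FATALs, and that `default_signal` is returned when the variable is unset, making explicit which of the two "sets" is meant. Since the result is stored in a `u8 kill_signal` field added to `afl_forkserver_t` in this same commit, the comment should also spell out the range the parser enforces so the narrowing is visibly safe.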
diff --git a/include/config.h b/include/config.h
index e8a49270..c0cd0ef1 100644
--- a/include/config.h
+++ b/include/config.h
@@ -80,11 +80,11 @@
/* Default timeout for fuzzed code (milliseconds). This is the upper bound,
also used for detecting hangs; the actual value is auto-scaled: */
-#define EXEC_TIMEOUT 1000
+#define EXEC_TIMEOUT 1000U
/* Timeout rounding factor when auto-scaling (milliseconds): */
-#define EXEC_TM_ROUND 20
+#define EXEC_TM_ROUND 20U
/* 64bit arch MACRO */
#if (defined(__x86_64__) || defined(__arm64__) || defined(__aarch64__))
@@ -93,48 +93,48 @@
/* Default memory limit for child process (MB) 0 = disabled : */
-#define MEM_LIMIT 0
+#define MEM_LIMIT 0U
/* Default memory limit when running in QEMU mode (MB) 0 = disabled : */
-#define MEM_LIMIT_QEMU 0
+#define MEM_LIMIT_QEMU 0U
/* Default memory limit when running in Unicorn mode (MB) 0 = disabled : */
-#define MEM_LIMIT_UNICORN 0
+#define MEM_LIMIT_UNICORN 0U
/* Number of calibration cycles per every new test case (and for test
cases that show variable behavior): */
-#define CAL_CYCLES 8
-#define CAL_CYCLES_LONG 40
+#define CAL_CYCLES 8U
+#define CAL_CYCLES_LONG 40U
/* Number of subsequent timeouts before abandoning an input file: */
-#define TMOUT_LIMIT 250
+#define TMOUT_LIMIT 250U
/* Maximum number of unique hangs or crashes to record: */
-#define KEEP_UNIQUE_HANG 500
-#define KEEP_UNIQUE_CRASH 5000
+#define KEEP_UNIQUE_HANG 500U
+#define KEEP_UNIQUE_CRASH 5000U
/* Baseline number of random tweaks during a single 'havoc' stage: */
-#define HAVOC_CYCLES 256
-#define HAVOC_CYCLES_INIT 1024
+#define HAVOC_CYCLES 256U
+#define HAVOC_CYCLES_INIT 1024U
/* Maximum multiplier for the above (should be a power of two, beware
of 32-bit int overflows): */
-#define HAVOC_MAX_MULT 64
-#define HAVOC_MAX_MULT_MOPT 64
+#define HAVOC_MAX_MULT 64U
+#define HAVOC_MAX_MULT_MOPT 64U
/* Absolute minimum number of havoc cycles (after all adjustments): */
-#define HAVOC_MIN 12
+#define HAVOC_MIN 12U
/* Power Schedule Divisor */
-#define POWER_BETA 1
+#define POWER_BETA 1U
#define MAX_FACTOR (POWER_BETA * 32)
/* Maximum stacking for havoc-stage tweaks. The actual value is calculated
@@ -146,19 +146,19 @@
In other words, the default (n = 4) produces 2, 4, 8, 16
stacked tweaks: */
-#define HAVOC_STACK_POW2 4
+#define HAVOC_STACK_POW2 4U
/* Caps on block sizes for cloning and deletion operations. Each of these
ranges has a 33% probability of getting picked, except for the first
two cycles where smaller blocks are favored: */
-#define HAVOC_BLK_SMALL 32
-#define HAVOC_BLK_MEDIUM 128
-#define HAVOC_BLK_LARGE 1500
+#define HAVOC_BLK_SMALL 32U
+#define HAVOC_BLK_MEDIUM 128U
+#define HAVOC_BLK_LARGE 1500U
/* Extra-large blocks, selected very rarely (<5% of the time): */
-#define HAVOC_BLK_XL 32768
+#define HAVOC_BLK_XL 32768U
/* Probabilities of skipping non-favored entries in the queue, expressed as
percentages: */
@@ -186,13 +186,15 @@
#define TRIM_START_STEPS 16
#define TRIM_END_STEPS 1024
-/* Maximum size of input file, in bytes (keep under 100MB): */
+/* Maximum size of input file, in bytes (keep under 100MB, default 1MB):
+ (note that if this value is changed, several areas in afl-cc.c, afl-fuzz.c
+ and afl-fuzz-state.c have to be changed as well! */
-#define MAX_FILE (1 * 1024 * 1024)
+#define MAX_FILE (1 * 1024 * 1024U)
/* The same, for the test case minimizer: */
-#define TMIN_MAX_FILE (10 * 1024 * 1024)
+#define TMIN_MAX_FILE (10 * 1024 * 1024U)
/* Block normalization steps for afl-tmin: */
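Review bot: The comment added above `MAX_FILE` opens a parenthesis with `(note that ...` that is never closed, and it is inserted after a sentence ending in a colon, so the colon no longer leads into the `#define`. Closing it — `and afl-fuzz-state.c have to be changed as well!) */` — fixes the nesting. Listing dependent source files in a header is useful but tends to rot; a grep hint or having those files derive their limits from `MAX_FILE` would be the more durable fix.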
@@ -380,7 +382,7 @@
after changing this - otherwise, SEGVs may ensue. */
#define MAP_SIZE_POW2 16
-#define MAP_SIZE (1 << MAP_SIZE_POW2)
+#define MAP_SIZE (1U << MAP_SIZE_POW2)
/* Maximum allocator request size (keep well under INT_MAX): */
diff --git a/include/debug.h b/include/debug.h
index 7f4a6be1..ef5b195b 100644
--- a/include/debug.h
+++ b/include/debug.h
@@ -295,7 +295,7 @@ static inline const char *colorfilter(const char *x) {
\
SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \
"\n[-] PROGRAM ABORT : " cRST x); \
- SAYF(cLRD "\n Location : " cRST "%s(), %s:%u\n\n", __func__, \
+ SAYF(cLRD "\n Location : " cRST "%s(), %s:%d\n\n", __func__, \
__FILE__, __LINE__); \
exit(1); \
\
@@ -308,7 +308,7 @@ static inline const char *colorfilter(const char *x) {
\
SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \
"\n[-] PROGRAM ABORT : " cRST x); \
- SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%u\n\n", __func__, \
+ SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%d\n\n", __func__, \
__FILE__, __LINE__); \
abort(); \
\
@@ -322,7 +322,7 @@ static inline const char *colorfilter(const char *x) {
fflush(stdout); \
SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \
"\n[-] SYSTEM ERROR : " cRST x); \
- SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%u\n", __func__, \
+ SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%d\n", __func__, \
__FILE__, __LINE__); \
SAYF(cLRD " OS message : " cRST "%s\n", strerror(errno)); \
exit(1); \
diff --git a/include/envs.h b/include/envs.h
index e4e49c4d..97367fae 100644
--- a/include/envs.h
+++ b/include/envs.h
@@ -61,6 +61,7 @@ static char *afl_environment_variables[] = {
"AFL_IMPORT_FIRST",
"AFL_INST_LIBS",
"AFL_INST_RATIO",
+ "AFL_KILL_SIGNAL",
"AFL_KEEP_TRACES",
"AFL_KEEP_ASSEMBLY",
"AFL_LD_HARD_FAIL",
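Review bot: `"AFL_KILL_SIGNAL"` is inserted ahead of `"AFL_KEEP_TRACES"` and `"AFL_KEEP_ASSEMBLY"`, although this stretch of `afl_environment_variables[]` otherwise reads roughly alphabetically (`AFL_IMPORT_FIRST`, `AFL_INST_LIBS`, `AFL_INST_RATIO`, …, `AFL_LD_HARD_FAIL`); placing it after the `AFL_KEEP_*` entries keeps the list scannable. The array starts outside this hunk, so I cannot tell whether its order is relied on anywhere — if it is consumed by a sorted lookup, the placement would be a bug rather than a style point.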
diff --git a/include/forkserver.h b/include/forkserver.h
index 8e029266..3019e289 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -99,6 +99,8 @@ typedef struct afl_forkserver {
void (*add_extra_func)(void *afl_ptr, u8 *mem, u32 len);
+ u8 kill_signal;
+
} afl_forkserver_t;
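Review bot: `kill_signal` is declared `u8`, while the parser this commit declares in common.h returns `int`, so assigning the parsed value narrows it silently. Linux signal numbers fit comfortably (SIGRTMAX is 64), but a user-supplied value such as 300 would wrap to 44 rather than be rejected unless the parser bounds it to a valid signal number first; the parser body is not visible here, so please confirm that check exists. A short comment on the field would also help readers: `u8 kill_signal; /* from AFL_KILL_SIGNAL, see parse_afl_kill_signal_env() */`. The enclosing `typedef struct afl_forkserver` starts outside this hunk.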
typedef enum fsrv_run_result {
diff --git a/include/types.h b/include/types.h
index 39f599a0..3e3bc953 100644
--- a/include/types.h
+++ b/include/types.h
@@ -50,7 +50,7 @@ typedef uint32_t u32;
#define FS_OPT_SHDMEM_FUZZ 0x01000000
#define FS_OPT_OLD_AFLPP_WORKAROUND 0x0f000000
// FS_OPT_MAX_MAPSIZE is 8388608 = 0x800000 = 2^23 = 1 << 22
-#define FS_OPT_MAX_MAPSIZE ((0x00fffffe >> 1) + 1)
+#define FS_OPT_MAX_MAPSIZE ((0x00fffffeU >> 1) + 1)
#define FS_OPT_GET_MAPSIZE(x) (((x & 0x00fffffe) >> 1) + 1)
#define FS_OPT_SET_MAPSIZE(x) \
(x <= 1 || x > FS_OPT_MAX_MAPSIZE ? 0 : ((x - 1) << 1))
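Review bot: `FS_OPT_GET_MAPSIZE(x)` on the line after the changed one still masks with the signed constant `0x00fffffe`, so its result type now depends on the type of `x` while `FS_OPT_MAX_MAPSIZE` is unconditionally unsigned, and comparisons built from the two will mix signedness. For consistency use `#define FS_OPT_GET_MAPSIZE(x) ((((x) & 0x00fffffeU) >> 1) + 1)`, which also parenthesizes the macro argument; `FS_OPT_SET_MAPSIZE` would benefit from the same `(x)` hygiene. Separately, the existing comment reads `2^23 = 1 << 22`, but 0x800000 is `1 << 23`.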