diff options
| author | Dominik Maier <domenukk@gmail.com> | 2020-04-11 01:09:07 +0200 |
|---|---|---|
| committer | Dominik Maier <domenukk@gmail.com> | 2020-04-11 01:09:07 +0200 |
| commit | 29ee3a1ffca2aa5a3939beb84d7c6a81621f3355 (patch) | |
| tree | de84a56e03a29f111586c0532d4b7b81276b0afd /include | |
| parent | 39e8b918062ee92be03480075fedefcb7801f32a (diff) | |
| download | afl++-29ee3a1ffca2aa5a3939beb84d7c6a81621f3355.tar.gz | |
refactored cmplog
Diffstat (limited to 'include')
| -rw-r--r-- | include/afl-fuzz.h | 6 | ||||
| -rw-r--r-- | include/cmplog.h | 6 | ||||
| -rw-r--r-- | include/forkserver.h | 10 |
3 files changed, 17 insertions, 5 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index edda81e1..97c1f31c 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -439,7 +439,6 @@ typedef struct afl_state { no_arith, /* Skip most arithmetic ops */ shuffle_queue, /* Shuffle input queue? */ bitmap_changed, /* Time to update bitmap? */ - qemu_mode, /* Running in QEMU mode? */ unicorn_mode, /* Running in Unicorn mode? */ use_wine, /* Use WINE with QEMU mode */ skip_requested, /* Skip request, via SIGUSR1 */ @@ -560,7 +559,7 @@ typedef struct afl_state { /* CmpLog */ char *cmplog_binary; - s32 cmplog_child_pid, cmplog_fsrv_pid; + afl_forkserver_t cmplog_fsrv; /* cmplog has its own little forkserver */ /* Custom mutators */ struct custom_mutator *mutator; @@ -878,7 +877,7 @@ void show_init_stats(afl_state_t *); /* Run */ -u8 run_target(afl_state_t *, u32); +u8 run_target(afl_state_t *, afl_forkserver_t *fsrv, u32); void write_to_testcase(afl_state_t *, void *, u32); u8 calibrate_case(afl_state_t *, struct queue_entry *, u8 *, u32, u8); void sync_fuzzers(afl_state_t *); @@ -922,7 +921,6 @@ void save_cmdline(afl_state_t *, u32, char **); /* CmpLog */ -void init_cmplog_forkserver(afl_state_t *afl); u8 common_fuzz_cmplog_stuff(afl_state_t *afl, u8 *out_buf, u32 len); /* RedQueen */ diff --git a/include/cmplog.h b/include/cmplog.h index 36f8f2c5..4731f779 100644 --- a/include/cmplog.h +++ b/include/cmplog.h @@ -29,6 +29,7 @@ #define _AFL_CMPLOG_H #include "config.h" +#include "forkserver.h" #define CMP_MAP_W 65536 #define CMP_MAP_H 256 @@ -74,5 +75,10 @@ struct cmp_map { }; +/* Execs the child */ + +void cmplog_exec_child(afl_forkserver_t *fsrv, char **argv); + + #endif diff --git a/include/forkserver.h b/include/forkserver.h index 7470dbbc..24fa3e1b 100644 --- a/include/forkserver.h +++ b/include/forkserver.h @@ -66,15 +66,23 @@ typedef struct afl_forkserver { u32 prev_timed_out; /* if prev forkserver run timed out */ + u8 qemu_mode; /* if running in qemu mode or not */ + + char *cmplog_binary; /* the name of the cmplog binary */ + + /* Function to kick off the forkserver child */ + void (*init_child_func)(struct afl_forkserver *fsrv, char **argv); + u8 *function_opt; /* for autodictionary: afl ptr */ void (*function_ptr)(void *afl_tmp, u8 *mem, u32 len); + } afl_forkserver_t; void afl_fsrv_init(afl_forkserver_t *fsrv); void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, - volatile u8 *stop_soon_p); + volatile u8 *stop_soon_p, u8 debug_child_output); void afl_fsrv_deinit(afl_forkserver_t *fsrv); void afl_fsrv_killall(); |