diff options
| author | vanhauser-thc <vh@thc.org> | 2021-10-31 12:40:32 +0100 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2021-10-31 12:40:32 +0100 |
| commit | 01d266f2b4870fbdfd8daba7498ec422fed84c91 (patch) | |
| tree | b780394abd15633ea9fab8b75384f77aa27da62d /instrumentation/afl-compiler-rt.o.c | |
| parent | 639d108512027bda6e7baf4a96f9d4e058e3c1d3 (diff) | |
| download | afl++-01d266f2b4870fbdfd8daba7498ec422fed84c91.tar.gz | |
wipe overflow data
Diffstat (limited to 'instrumentation/afl-compiler-rt.o.c')
| -rw-r--r-- | instrumentation/afl-compiler-rt.o.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index 6ee86add..ff3998e6 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -1935,9 +1935,12 @@ void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u64 len) { struct cmpfn_operands *cmpfn = (struct cmpfn_operands *)__afl_cmp_map->log[k]; hits &= CMP_MAP_RTN_H - 1; - if (unlikely(reset && !hits)) { - __builtin_memset(cmpfn, 0, sizeof(struct cmpfn_operands)); + if (unlikely(reset && !hits)) { __afl_cmp_map->headers[k].overflow = 1; } + + if (unlikely(__afl_cmp_map->headers[k].overflow)) { + + __builtin_memset((char *)&cmpfn[hits], 0, sizeof(struct cmpfn_operands)); } @@ -1988,9 +1991,12 @@ void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) { struct cmpfn_operands *cmpfn = (struct cmpfn_operands *)__afl_cmp_map->log[k]; hits &= CMP_MAP_RTN_H - 1; - if (unlikely(reset && !hits)) { - __builtin_memset(cmpfn, 0, sizeof(struct cmpfn_operands)); + if (unlikely(reset && !hits)) { __afl_cmp_map->headers[k].overflow = 1; } + + if (unlikely(__afl_cmp_map->headers[k].overflow)) { + + __builtin_memset((char *)&cmpfn[hits], 0, sizeof(struct cmpfn_operands)); } @@ -2043,9 +2049,12 @@ void __cmplog_rtn_hook_str(u8 *ptr1, u8 *ptr2) { struct cmpfn_operands *cmpfn = (struct cmpfn_operands *)__afl_cmp_map->log[k]; hits &= CMP_MAP_RTN_H - 1; - if (unlikely(reset && !hits)) { - __builtin_memset(cmpfn, 0, sizeof(struct cmpfn_operands)); + if (unlikely(reset && !hits)) { __afl_cmp_map->headers[k].overflow = 1; } + + if (unlikely(__afl_cmp_map->headers[k].overflow)) { + + __builtin_memset((char *)&cmpfn[hits], 0, sizeof(struct cmpfn_operands)); } @@ -2106,9 +2115,12 @@ void __cmplog_rtn_hook(u8 *ptr1, u8 *ptr2) { struct cmpfn_operands *cmpfn = (struct cmpfn_operands *)__afl_cmp_map->log[k]; hits &= CMP_MAP_RTN_H - 1; - if (unlikely(reset && !hits)) { - __builtin_memset(cmpfn, 0, sizeof(struct cmpfn_operands)); + if (unlikely(reset && !hits)) { __afl_cmp_map->headers[k].overflow = 1; } + + if (unlikely(__afl_cmp_map->headers[k].overflow)) { + + __builtin_memset((char *)&cmpfn[hits], 0, sizeof(struct cmpfn_operands)); } |