diff options
| author | vanhauser-thc <vh@thc.org> | 2021-11-15 10:32:44 +0100 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2021-11-15 10:32:44 +0100 |
| commit | de90fd652e01797f129bfc23c24fa766b4c756a2 (patch) | |
| tree | 2950b1eeadd3b44ec2233777ff38650256106a74 /instrumentation/afl-compiler-rt.o.c | |
| parent | 96430fc9e0c53bfa32b03acb615d0c05711b13e1 (diff) | |
| download | afl++-de90fd652e01797f129bfc23c24fa766b4c756a2.tar.gz | |
cmplog fix
Diffstat (limited to 'instrumentation/afl-compiler-rt.o.c')
| -rw-r--r-- | instrumentation/afl-compiler-rt.o.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index 91c690c0..759c813a 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -1889,7 +1889,7 @@ void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u64 len) { /* u32 i; - if (area_is_valid(ptr1, 32) <= 0 || area_is_valid(ptr2, 32) <= 0) return; + if (area_is_valid(ptr1, 31) <= 0 || area_is_valid(ptr2, 31) <= 0) return; fprintf(stderr, "rtn_n len=%u arg0=", len); for (i = 0; i < len; i++) fprintf(stderr, "%02x", ptr1[i]); @@ -1904,6 +1904,10 @@ void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u64 len) { if (unlikely(!len)) return; int l = MIN(31, len); + if ((l = area_is_valid(ptr1, l)) <= 0 || + (l = area_is_valid(ptr2, l)) <= 0) + return; + // fprintf(stderr, "RTN2 %u\n", l); uintptr_t k = (uintptr_t)__builtin_return_address(0); k = (uintptr_t)(default_hash((u8 *)&k, sizeof(uintptr_t)) & (CMP_MAP_W - 1)); @@ -1943,7 +1947,7 @@ void __cmplog_rtn_hook_n(u8 *ptr1, u8 *ptr2, u64 len) { void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) { /* - if (area_is_valid(ptr1, 32) <= 0 || area_is_valid(ptr2, 32) <= 0) return; + if (area_is_valid(ptr1, 31) <= 0 || area_is_valid(ptr2, 31) <= 0) return; fprintf(stderr, "rtn_strn len=%u arg0=%s arg1=%s\n", len, ptr1, ptr2); */ @@ -1991,7 +1995,7 @@ void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) { void __cmplog_rtn_hook_str(u8 *ptr1, u8 *ptr2) { /* - if (area_is_valid(ptr1, 32) <= 0 || area_is_valid(ptr2, 32) <= 0) return; + if (area_is_valid(ptr1, 31) <= 0 || area_is_valid(ptr2, 31) <= 0) return; fprintf(stderr, "rtn_str arg0=%s arg1=%s\n", ptr1, ptr2); */ @@ -2042,7 +2046,7 @@ void __cmplog_rtn_hook(u8 *ptr1, u8 *ptr2) { /* u32 i; - if (area_is_valid(ptr1, 32) <= 0 || area_is_valid(ptr2, 32) <= 0) return; + if (area_is_valid(ptr1, 31) <= 0 || area_is_valid(ptr2, 31) <= 0) return; fprintf(stderr, "rtn arg0="); for (i = 0; i < 32; i++) fprintf(stderr, "%02x", ptr1[i]); @@ -2055,8 +2059,8 @@ void __cmplog_rtn_hook(u8 *ptr1, u8 *ptr2) { if (likely(!__afl_cmp_map)) return; // fprintf(stderr, "RTN1 %p %p\n", ptr1, ptr2); int l1, l2; - if ((l1 = area_is_valid(ptr1, 32)) <= 0 || - (l2 = area_is_valid(ptr2, 32)) <= 0) + if ((l1 = area_is_valid(ptr1, 31)) <= 0 || + (l2 = area_is_valid(ptr2, 31)) <= 0) return; int len = MIN(31, MIN(l1, l2)); |