Merge pull request #821 from AFLplusplus/stable

3.11c
author: van Hauser <vh@thc.org> 2021-03-15 23:15:37 +0100
committer: GitHub <noreply@github.com> 2021-03-15 23:15:37 +0100
commit: 37829765282421d9e3cb9448bceedcb58256e76a (patch)
tree: 79c15c7a4f879c90f683a61a8ad878bd19e2a69e /instrumentation/compare-transform-pass.so.cc
parent: 41788950ccb99e8d2bdc274916ce815bf3d5035c (diff)
parent: 23f7bee81c46ad4f0f65fa56d08064ab5f1e2e6f (diff)
download: afl++-37829765282421d9e3cb9448bceedcb58256e76a.tar.gz
1 files changed, 20 insertions, 6 deletions
diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc
index bd524a69..3ecba4e6 100644
--- a/instrumentation/compare-transform-pass.so.cc
+++ b/instrumentation/compare-transform-pass.so.cc
@@ -229,9 +229,9 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
                           dyn_cast<ConstantDataArray>(Var->getInitializer())) {
 
                     HasStr2 = true;
-                    Str2 = Array->getAsString();
+                    Str2 = Array->getRawDataValues();
                     valueMap[Str2P] = new std::string(Str2.str());
-                    fprintf(stderr, "glo2 %s\n", Str2.str().c_str());
+                    // fprintf(stderr, "glo2 %s\n", Str2.str().c_str());
 
                   }
 
@@ -254,7 +254,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
                             Var->getInitializer())) {
 
                       HasStr1 = true;
-                      Str1 = Array->getAsString();
+                      Str1 = Array->getRawDataValues();
                       valueMap[Str1P] = new std::string(Str1.str());
                       // fprintf(stderr, "glo1 %s\n", Str1.str().c_str());
 
@@ -316,7 +316,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
               uint64_t len = ilen->getZExtValue();
               // if len is zero this is a pointless call but allow real
               // implementation to worry about that
-              if (!len) continue;
+              if (len < 2) continue;
 
               if (isMemcmp) {
 
@@ -420,15 +420,29 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp,
 
     }
 
+    if (TmpConstStr.length() < 2 ||
+        (TmpConstStr.length() == 2 && !TmpConstStr[1])) {
+
+      continue;
+
+    }
+
     // add null termination character implicit in c strings
-    TmpConstStr.append("\0", 1);
+    if (!isMemcmp && TmpConstStr[TmpConstStr.length() - 1]) {
+
+      TmpConstStr.append("\0", 1);
+
+    }
 
     // in the unusual case the const str has embedded null
     // characters, the string comparison functions should terminate
     // at the first null
-    if (!isMemcmp)
+    if (!isMemcmp) {
+
       TmpConstStr.assign(TmpConstStr, 0, TmpConstStr.find('\0') + 1);
 
+    }
+
     constStrLen = TmpConstStr.length();
     // prefer use of StringRef (in comparison to std::string a StringRef has
     // built-in runtime bounds checking, which makes debugging easier)
author	van Hauser <vh@thc.org>	2021-03-15 23:15:37 +0100
committer	GitHub <noreply@github.com>	2021-03-15 23:15:37 +0100
commit	37829765282421d9e3cb9448bceedcb58256e76a (patch)
tree	79c15c7a4f879c90f683a61a8ad878bd19e2a69e /instrumentation/compare-transform-pass.so.cc
parent	41788950ccb99e8d2bdc274916ce815bf3d5035c (diff)
parent	23f7bee81c46ad4f0f65fa56d08064ab5f1e2e6f (diff)
download	afl++-37829765282421d9e3cb9448bceedcb58256e76a.tar.gz