diff options
| author | van Hauser <vh@thc.org> | 2019-12-03 01:40:41 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-03 01:40:41 +0100 |
| commit | 4231c498392484fd2187b9ed1dedb1ba7bc0958b (patch) | |
| tree | 366586c4ceef17998670a8c2d978869bdac64d56 /libdislocator | |
| parent | b0d590fef4acb4b002429e4aec195e5740122494 (diff) | |
| parent | ef2dc98773c55eb09e4c1a588fb74df58570f868 (diff) | |
| download | afl++-4231c498392484fd2187b9ed1dedb1ba7bc0958b.tar.gz | |
Merge branch 'master' into llvm_mode_build_fix
Diffstat (limited to 'libdislocator')
| -rw-r--r-- | libdislocator/libdislocator.so.c | 113 |
1 files changed, 71 insertions, 42 deletions
diff --git a/libdislocator/libdislocator.so.c b/libdislocator/libdislocator.so.c index 31884545..72282834 100644 --- a/libdislocator/libdislocator.so.c +++ b/libdislocator/libdislocator.so.c @@ -34,10 +34,27 @@ #include <unistd.h> #include <sys/syscall.h> #ifdef __NR_getrandom -#define arc4random_buf(p, l) do { ssize_t rd = syscall(__NR_getrandom, p, l, 0); if (rd != l) DEBUGF("getrandom failed"); } while(0) +#define arc4random_buf(p, l) \ + do { \ + \ + ssize_t rd = syscall(__NR_getrandom, p, l, 0); \ + if (rd != l) DEBUGF("getrandom failed"); \ + \ + } while (0) + #else #include <time.h> -#define arc4random_buf(p, l) do { srand(time(NULL)); u32 i; u8 *ptr = (u8 *)p; for(i = 0; i < l; i++) ptr[i] = rand() % INT_MAX; } while(0) +#define arc4random_buf(p, l) \ + do { \ + \ + srand(time(NULL)); \ + u32 i; \ + u8* ptr = (u8*)p; \ + for (i = 0; i < l; i++) \ + ptr[i] = rand() % INT_MAX; \ + \ + } while (0) + #endif #endif @@ -52,7 +69,7 @@ #define MAP_ANONYMOUS MAP_ANON #endif /* !MAP_ANONYMOUS */ -#define SUPER_PAGE_SIZE 1<<21 +#define SUPER_PAGE_SIZE 1 << 21 /* Error / message handling: */ @@ -106,7 +123,7 @@ static u8 alloc_verbose, /* Additional debug messages */ hard_fail, /* abort() when max_mem exceeded? */ no_calloc_over; /* abort() on calloc() overflows? */ -#if defined __OpenBSD__ || defined __APPLE__ +#if defined __OpenBSD__ || defined __APPLE__ #define __thread #warning no thread support available #endif @@ -122,9 +139,9 @@ static __thread u32 alloc_canary; static void* __dislocator_alloc(size_t len) { - void* ret; + void* ret; size_t tlen; - int flags, fd, sp; + int flags, fd, sp; if (total_mem + len > max_mem || total_mem + len < total_mem) { @@ -156,21 +173,22 @@ static void* __dislocator_alloc(size_t len) { /* We will also store buffer length and a canary below the actual buffer, so let's add 8 bytes for that. */ - ret = mmap(NULL, tlen, PROT_READ | PROT_WRITE, - flags, fd, 0); + ret = mmap(NULL, tlen, PROT_READ | PROT_WRITE, flags, fd, 0); #if defined(USEHUGEPAGE) /* We try one more time with regular call */ if (ret == MAP_FAILED) { + #if defined(__APPLE__) - fd = -1; + fd = -1; #elif defined(__linux__) - flags &= -MAP_HUGETLB; + flags &= -MAP_HUGETLB; #elif defined(__FreeBSD__) - flags &= -MAP_ALIGNED_SUPER; + flags &= -MAP_ALIGNED_SUPER; #endif - ret = mmap(NULL, tlen, PROT_READ | PROT_WRITE, - flags, fd, 0); + ret = mmap(NULL, tlen, PROT_READ | PROT_WRITE, flags, fd, 0); + } + #endif if (ret == MAP_FAILED) { @@ -321,64 +339,75 @@ void* realloc(void* ptr, size_t len) { a normal request */ int posix_memalign(void** ptr, size_t align, size_t len) { - if (*ptr == NULL) - return EINVAL; - if ((align % 2) || (align % sizeof(void *))) - return EINVAL; - if (len == 0) { - *ptr = NULL; - return 0; - } - if (align >= 4 * sizeof(size_t)) len += align -1; - *ptr = malloc(len); + if (*ptr == NULL) return EINVAL; + if ((align % 2) || (align % sizeof(void*))) return EINVAL; + if (len == 0) { + + *ptr = NULL; + return 0; + + } + + if (align >= 4 * sizeof(size_t)) len += align - 1; + + *ptr = malloc(len); - DEBUGF("posix_memalign(%p %zu, %zu)", ptr, align, len); + DEBUGF("posix_memalign(%p %zu, %zu)", ptr, align, len); + + return 0; - return 0; } /* just the non-posix fashion */ -void *memalign(size_t align, size_t len) { - void* ret = NULL; +void* memalign(size_t align, size_t len) { + + void* ret = NULL; + + if (posix_memalign(&ret, align, len)) { + + DEBUGF("memalign(%zu, %zu) failed", align, len); - if (posix_memalign(&ret, align, len)) { - DEBUGF("memalign(%zu, %zu) failed", align, len); - } + } + + return ret; - return ret; } /* sort of C11 alias of memalign only more severe, alignment-wise */ -void *aligned_alloc(size_t align, size_t len) { - void *ret = NULL; +void* aligned_alloc(size_t align, size_t len) { - if ((len % align)) return NULL; + void* ret = NULL; - if (posix_memalign(&ret, align, len)) { - DEBUGF("aligned_alloc(%zu, %zu) failed", align, len); - } + if ((len % align)) return NULL; + + if (posix_memalign(&ret, align, len)) { + + DEBUGF("aligned_alloc(%zu, %zu) failed", align, len); + + } + + return ret; - return ret; } __attribute__((constructor)) void __dislocator_init(void) { - u8* tmp = (u8 *)getenv("AFL_LD_LIMIT_MB"); + u8* tmp = (u8*)getenv("AFL_LD_LIMIT_MB"); if (tmp) { - u8 *tok; - s32 mmem = (s32)strtol((char *)tmp, (char **)&tok, 10); + u8* tok; + s32 mmem = (s32)strtol((char*)tmp, (char**)&tok, 10); if (*tok != '\0' || errno == ERANGE) FATAL("Bad value for AFL_LD_LIMIT_MB"); max_mem = mmem * 1024 * 1024; } alloc_canary = ALLOC_CANARY; - tmp = (u8 *)getenv("AFL_RANDOM_ALLOC_CANARY"); + tmp = (u8*)getenv("AFL_RANDOM_ALLOC_CANARY"); if (tmp) arc4random_buf(&alloc_canary, sizeof(alloc_canary)); |