diff options
| author | Andrea Fioraldi <andreafioraldi@gmail.com> | 2019-10-31 16:19:26 +0100 |
|---|---|---|
| committer | Andrea Fioraldi <andreafioraldi@gmail.com> | 2019-10-31 16:19:26 +0100 |
| commit | 58fe2f2c767b4dfe973b75feaf7df78c798b62d5 (patch) | |
| tree | 9c00033f34783b1f184641a2ae47734c2b542913 /libtokencap/libtokencap.so.c | |
| parent | 664f603a31ff7b118d14fa6409dd662ee604b36c (diff) | |
| parent | b17afc10a23cf87b3a0b8290491de4edd80c9c71 (diff) | |
| download | afl++-58fe2f2c767b4dfe973b75feaf7df78c798b62d5.tar.gz | |
Merge branch 'master' of github.com:vanhauser-thc/AFLplusplus
Diffstat (limited to 'libtokencap/libtokencap.so.c')
| -rw-r--r-- | libtokencap/libtokencap.so.c | 61 |
1 files changed, 46 insertions, 15 deletions
diff --git a/libtokencap/libtokencap.so.c b/libtokencap/libtokencap.so.c index 7ed231fe..2fe9ae63 100644 --- a/libtokencap/libtokencap.so.c +++ b/libtokencap/libtokencap.so.c @@ -23,6 +23,7 @@ #include <string.h> #include <ctype.h> #include <unistd.h> +#include <fcntl.h> #include "../types.h" #include "../config.h" @@ -49,7 +50,7 @@ static struct mapping { void *st, *en; } __tokencap_ro[MAX_MAPPINGS]; static u32 __tokencap_ro_cnt; static u8 __tokencap_ro_loaded; -static FILE* __tokencap_out_file; +static int __tokencap_out_file = -1; /* Identify read-only regions in memory. Only parameters that fall into these ranges are worth dumping when passed to strcmp() and so on. Read-write @@ -114,7 +115,7 @@ static void __tokencap_load_mappings(void) { #elif defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__ #if defined __FreeBSD__ - int mib[] = {CTL_KERN, KERN_PROC, KERN_PROC_VMMAP, getpid()}; + int mib[] = {CTL_KERN, KERN_PROC, KERN_PROC_VMMAP, -1}; #elif defined __OpenBSD__ int mib[] = {CTL_KERN, KERN_PROC_VMMAP, getpid()}; #elif defined __NetBSD__ @@ -133,9 +134,7 @@ static void __tokencap_load_mappings(void) { #endif buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0); - if (!buf) { - return; - } + if (buf == MAP_FAILED) return; if (sysctl(mib, miblen, buf, &len, NULL, 0) == -1) { @@ -211,7 +210,7 @@ static void __tokencap_dump(const u8* ptr, size_t len, u8 is_text) { u32 i; u32 pos = 0; - if (len < MIN_AUTO_EXTRA || len > MAX_AUTO_EXTRA || !__tokencap_out_file) + if (len < MIN_AUTO_EXTRA || len > MAX_AUTO_EXTRA || __tokencap_out_file == -1) return; for (i = 0; i < len; i++) { @@ -237,7 +236,9 @@ static void __tokencap_dump(const u8* ptr, size_t len, u8 is_text) { buf[pos] = 0; - fprintf(__tokencap_out_file, "\"%s\"\n", buf); + int wrt_ok = ( 1 == write(__tokencap_out_file, "\"", 1)); + wrt_ok &= (pos == write(__tokencap_out_file, buf, pos)); + wrt_ok &= (2 == write(__tokencap_out_file, "\"\n", 2)); } @@ -253,7 +254,7 @@ int strcmp(const char* str1, const char* str2) { while (1) { - unsigned char c1 = *str1, c2 = *str2; + const unsigned char c1 = *str1, c2 = *str2; if (c1 != c2) return (c1 > c2) ? 1 : -1; if (!c1) return 0; @@ -295,7 +296,7 @@ int strcasecmp(const char* str1, const char* str2) { while (1) { - unsigned char c1 = tolower(*str1), c2 = tolower(*str2); + const unsigned char c1 = tolower(*str1), c2 = tolower(*str2); if (c1 != c2) return (c1 > c2) ? 1 : -1; if (!c1) return 0; @@ -315,7 +316,7 @@ int strncasecmp(const char* str1, const char* str2, size_t len) { while (len--) { - unsigned char c1 = tolower(*str1), c2 = tolower(*str2); + const unsigned char c1 = tolower(*str1), c2 = tolower(*str2); if (!c1) return 0; if (c1 != c2) return (c1 > c2) ? 1 : -1; @@ -335,12 +336,15 @@ int memcmp(const void* mem1, const void* mem2, size_t len) { if (__tokencap_is_ro(mem1)) __tokencap_dump(mem1, len, 0); if (__tokencap_is_ro(mem2)) __tokencap_dump(mem2, len, 0); + const char *strmem1 = (const char *)mem1; + const char *strmem2 = (const char *)mem2; + while (len--) { - unsigned char c1 = *(const char*)mem1, c2 = *(const char*)mem2; + const unsigned char c1 = *strmem1, c2 = *strmem2; if (c1 != c2) return (c1 > c2) ? 1 : -1; - mem1++; - mem2++; + strmem1++; + strmem2++; } @@ -348,6 +352,28 @@ int memcmp(const void* mem1, const void* mem2, size_t len) { } +#undef bcmp + +int bcmp(const void* mem1, const void* mem2, size_t len) { + + if (__tokencap_is_ro(mem1)) __tokencap_dump(mem1, len, 0); + if (__tokencap_is_ro(mem2)) __tokencap_dump(mem2, len, 0); + + const char *strmem1 = (const char *)mem1; + const char *strmem2 = (const char *)mem2; + + while (len--) { + + int diff = *strmem1 ^ *strmem2; + if (diff != 0) return 1; + strmem1++; + strmem2++; + + } + + return 0; +} + #undef strstr char* strstr(const char* haystack, const char* needle) { @@ -403,8 +429,13 @@ char* strcasestr(const char* haystack, const char* needle) { __attribute__((constructor)) void __tokencap_init(void) { u8* fn = getenv("AFL_TOKEN_FILE"); - if (fn) __tokencap_out_file = fopen(fn, "a"); - if (!__tokencap_out_file) __tokencap_out_file = stderr; + if (fn) __tokencap_out_file = open(fn, O_RDWR | O_CREAT | O_APPEND, 0655); + if (__tokencap_out_file == -1) __tokencap_out_file = STDERR_FILENO; + +} +/* closing as best as we can the tokens file */ +__attribute__((destructor)) void __tokencap_shutdown(void) { + if (__tokencap_out_file != STDERR_FILENO) close(__tokencap_out_file); } |