diff options
| author | Dominik Maier <domenukk@gmail.com> | 2020-06-09 03:03:21 +0200 |
|---|---|---|
| committer | Dominik Maier <domenukk@gmail.com> | 2020-06-09 03:03:21 +0200 |
| commit | 92b8c5bb6037cb6626682653eacaa124504c592b (patch) | |
| tree | 23976001fee17bd4da81ee965173a24e85bb947b /llvm_mode/afl-llvm-rt.o.c | |
| parent | 646237e234f74f7f70780f1d880e666fcf75c65e (diff) | |
| download | afl++-92b8c5bb6037cb6626682653eacaa124504c592b.tar.gz | |
fixed shmap fuzzing
Diffstat (limited to 'llvm_mode/afl-llvm-rt.o.c')
| -rw-r--r-- | llvm_mode/afl-llvm-rt.o.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index e039d42e..cc1c7c20 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -122,6 +122,8 @@ static void __afl_map_shm_fuzz() { if (id_str) { + u8 *map = NULL; + #ifdef USEMMAP const char * shm_file_path = id_str; int shm_fd = -1; @@ -137,26 +139,29 @@ static void __afl_map_shm_fuzz() { } - __afl_fuzz_len = (u32 *)mmap(0, MAX_FILE, PROT_READ, MAP_SHARED, shm_fd, 0); + map = (u8 *)mmap(0, MAX_FILE, PROT_READ, MAP_SHARED, shm_fd, 0); #else u32 shm_id = atoi(id_str); - - __afl_fuzz_len = (u32 *)shmat(shm_id, NULL, 0); + map = (u8 *)shmat(shm_id, NULL, 0); #endif /* Whooooops. */ - if (__afl_fuzz_len == (void *)-1) { + if (!map || map == (void *)-1) { - fprintf(stderr, "Error: could not access fuzzing shared memory\n"); + perror("Could not access fuzzign shared memory"); exit(1); } - if (getenv("AFL_DEBUG")) + __afl_fuzz_len = (u32 *)map; + __afl_fuzz_ptr = (u8 *)(map + sizeof(u32)); + + if (getenv("AFL_DEBUG")) { fprintf(stderr, "DEBUG: successfully got fuzzing shared memory\n"); + } } else { @@ -165,8 +170,6 @@ static void __afl_map_shm_fuzz() { } - __afl_fuzz_ptr = (u8 *)(__afl_fuzz_len + sizeof(int)); - } /* SHM setup. */ |