author | van Hauser <vh@thc.org> | 2020-06-03 10:50:49 +0200 |
---|---|---|
committer | van Hauser <vh@thc.org> | 2020-06-03 10:50:49 +0200 |
commit | fc164e4709f1f1c91f9343eb116627417e7f267f (patch) | |
tree | 335c24fa435c28ca2026e69a0a719daa7e6badef /qemu_mode/patches | |
parent | 1c95e2e8e0674b69bf38e3e097948c6db9f07493 (diff) | |
download | afl++-fc164e4709f1f1c91f9343eb116627417e7f267f.tar.gz |
code format
Diffstat (limited to 'qemu_mode/patches')
-rw-r--r-- | qemu_mode/patches/afl-qemu-common.h | 7 | ||||
-rw-r--r-- | qemu_mode/patches/afl-qemu-cpu-inl.h | 33 |
2 files changed, 20 insertions, 20 deletions
diff --git a/qemu_mode/patches/afl-qemu-common.h b/qemu_mode/patches/afl-qemu-common.h
index 5812596a..f7ffa56a 100644
--- a/qemu_mode/patches/afl-qemu-common.h
+++ b/qemu_mode/patches/afl-qemu-common.h
@@ -63,9 +63,8 @@
 #define INC_AFL_AREA(loc) afl_area_ptr[loc]++
 #endif
-typedef void (*afl_persistent_hook_fn)(uint64_t *regs,
- uint64_t guest_base,
- uint8_t* input_buf,
+typedef void (*afl_persistent_hook_fn)(uint64_t *regs, uint64_t guest_base,
+ uint8_t *input_buf,
 uint32_t input_buf_len);
 /* Declared in afl-qemu-cpu-inl.h */
@@ -86,7 +85,7 @@ extern int persisent_retaddr_offset;
 extern u8 *shared_buf;
 extern u32 shared_buf_len;
-extern u8 sharedmem_fuzzing;
+extern u8 sharedmem_fuzzing;
 extern afl_persistent_hook_fn afl_persistent_hook_ptr;
diff --git a/qemu_mode/patches/afl-qemu-cpu-inl.h b/qemu_mode/patches/afl-qemu-cpu-inl.h
index dc18ea95..7836e2cf 100644
--- a/qemu_mode/patches/afl-qemu-cpu-inl.h
+++ b/qemu_mode/patches/afl-qemu-cpu-inl.h
@@ -85,7 +85,7 @@ int persisent_retaddr_offset;
 u8 *shared_buf;
 u32 shared_buf_len;
-u8 sharedmem_fuzzing;
+u8 sharedmem_fuzzing;
 afl_persistent_hook_fn afl_persistent_hook_ptr;
@@ -163,7 +163,8 @@ static void afl_map_shm_fuzz(void) {
 } else {
- fprintf(stderr, "[AFL] ERROR: variable for fuzzing shared memory is not set\n");
+ fprintf(stderr,
+ "[AFL] ERROR: variable for fuzzing shared memory is not set\n");
 exit(1);
 }
@@ -282,9 +283,9 @@ void afl_setup(void) {
 exit(1);
 }
-
- int (*afl_persistent_hook_init_ptr)(void) = dlsym(plib,
- "afl_persistent_hook_init");
+
+ int (*afl_persistent_hook_init_ptr)(void) =
+ dlsym(plib, "afl_persistent_hook_init");
 if (afl_persistent_hook_init_ptr)
 sharedmem_fuzzing = afl_persistent_hook_init_ptr();
@@ -302,7 +303,7 @@ void afl_setup(void) {
 #endif
 }
-
+
 if (getenv("AFL_QEMU_PERSISTENT_RETADDR_OFFSET"))
 persisent_retaddr_offset =
 strtoll(getenv("AFL_QEMU_PERSISTENT_RETADDR_OFFSET"), NULL, 0);
@@ -318,7 +319,7 @@ void afl_setup(void) {
 void afl_forkserver(CPUState *cpu) {
- //u32 map_size = 0;
+ // u32 map_size = 0;
 unsigned char tmp[4] = {0};
 if (forkserver_installed == 1) return;
@@ -331,8 +332,8 @@ void afl_forkserver(CPUState *cpu) {
 pid_t child_pid;
 int t_fd[2];
 u8 child_stopped = 0;
- u32 was_killed;
- int status;
+ u32 was_killed;
+ int status;
 // with the max ID value
 if (MAP_SIZE <= FS_OPT_MAX_MAPSIZE)
@@ -349,7 +350,7 @@ void afl_forkserver(CPUState *cpu) {
 afl_forksrv_pid = getpid();
 int first_run = 1;
-
+
 if (sharedmem_fuzzing) {
 if (read(FORKSRV_FD, &was_killed, 4) != 4) exit(2);
@@ -358,11 +359,12 @@ void afl_forkserver(CPUState *cpu) {
 (FS_OPT_ENABLED | FS_OPT_SHDMEM_FUZZ))
 afl_map_shm_fuzz();
 else {
-
- fprintf(stderr, "[AFL] ERROR: afl-fuzz is old and does not support" " shmem input");
+
+ fprintf(stderr,
+ "[AFL] ERROR: afl-fuzz is old and does not support"
+ " shmem input");
 exit(1);
-
+
 }
 }
@@ -374,7 +376,7 @@ void afl_forkserver(CPUState *cpu) {
 /* Whoops, parent dead? */
 if (read(FORKSRV_FD, &was_killed, 4) != 4) exit(2);
-
+
 shared_buf_len = (was_killed >> 8);
 was_killed = (was_killed & 0xff);
@@ -459,7 +461,6 @@ void afl_forkserver(CPUState *cpu) {
 }
-
 /* A simplified persistent mode handler, used as explained in
 * llvm_mode/README.md. */ |