User defined kill signal value (#678)

* Adding AFL_KILL_SIGNAL environment variable

Controlling the kill signal used to end forked processes.

* Checking validity of AFL_KILL_SIGNAL env variable

This commit also sets a valid value in the environment to avoid
duplicating code in at_exit(). Changing data type of
fsrv->kill_signal to u8 to match last_kill_signal.

* Adding afl_kill_signal to AFL (environment) state

This commit simply introduces a struct member for future use. The
env variable is not used from the afl struct but from fsrv, where
its validity is checked, resulting in a FATAL in case of errors.

1 files changed, 9 insertions, 2 deletions

diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 34456c0d..60c9684c 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -418,6 +418,13 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
                 (u8 *)get_afl_env(afl_environment_variables[i]);
 #endif
 
+          } else if (!strncmp(env, "AFL_KILL_SIGNAL",
+
+                              afl_environment_variable_len)) {
+
+            afl->afl_env.afl_kill_signal =
+                (u8 *)get_afl_env(afl_environment_variables[i]);
+
           }
 
         } else {
@@ -524,8 +531,8 @@ void afl_states_stop(void) {
 
   LIST_FOREACH(&afl_states, afl_state_t, {
 
-    if (el->fsrv.child_pid > 0) kill(el->fsrv.child_pid, SIGKILL);
-    if (el->fsrv.fsrv_pid > 0) kill(el->fsrv.fsrv_pid, SIGKILL);
+    if (el->fsrv.child_pid > 0) kill(el->fsrv.child_pid, el->fsrv.kill_signal);
+    if (el->fsrv.fsrv_pid > 0) kill(el->fsrv.fsrv_pid, el->fsrv.kill_signal);
 
   });