authorAndrea Fioraldi <andreafioraldi@gmail.com>2019-12-25 10:35:49 +0100
committerAndrea Fioraldi <andreafioraldi@gmail.com>2019-12-25 10:35:49 +0100
commit9ed4bfbca86ee6ff923e47deca0ebd5ae7a08b77 (patch)
treedb4bed50fdfa837afe829b1ef4b0655e3a3cfe9d /src/afl-showmap.c
parent67b6298895e8db0cc91c3bbd0bc29c48f8572c2e (diff)
downloadafl++-9ed4bfbca86ee6ff923e47deca0ebd5ae7a08b77.tar.gz
AFL_PRELOAD -> QEMU_SET_ENV for afl-fuzz,afl-showmap,afl-analyze,afl-tmin
Diffstat (limited to 'src/afl-showmap.c')
-rw-r--r--src/afl-showmap.c33
1 files changed, 30 insertions, 3 deletions
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index b54ac2b0..0e3e5351 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -83,6 +83,8 @@ static volatile u8 stop_soon, /* Ctrl-C pressed? */
child_timed_out, /* Child timed out? */
child_crashed; /* Child crashed? */
+static u8 qemu_mode;
+
/* Classify tuple counts. Instead of mapping to individual bits, as in
afl-fuzz.c, we map to more user-friendly numbers between 1 and 8. */
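Review bot: The new file-scope `qemu_mode` flag is the only global in this group without a trailing comment, while its neighbours carry one (`/* Child timed out? */`). Since it is now shared between main() and set_up_environment(), a matching comment would help, for example `static u8 qemu_mode;                  /* Running under QEMU (-Q)?          */`.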
@@ -358,8 +360,33 @@ static void set_up_environment(void) {
if (getenv("AFL_PRELOAD")) {
- setenv("LD_PRELOAD", getenv("AFL_PRELOAD"), 1);
- setenv("DYLD_INSERT_LIBRARIES", getenv("AFL_PRELOAD"), 1);
+ if (qemu_mode) {
+
+ u8* qemu_preload = getenv("QEMU_SET_ENV");
+ u8* afl_preload = getenv("AFL_PRELOAD");
+ u8* buf;
+
+ s32 i, afl_preload_size = strlen(afl_preload);
+ for (i = 0; i < afl_preload_size; ++i) {
+ if (afl_preload[i] == ',')
+ PFATAL("Comma (',') is not allowed in AFL_PRELOAD when -Q is specified!");
+ }
+
+ if (qemu_preload)
+ buf = alloc_printf("%s,LD_PRELOAD=%s", qemu_preload, afl_preload);
+ else
+ buf = alloc_printf("LD_PRELOAD=%s", afl_preload);
+
+ setenv("QEMU_SET_ENV", buf, 1);
+
+ ck_free(buf);
+
+ } else {
+
+ setenv("LD_PRELOAD", getenv("AFL_PRELOAD"), 1);
+ setenv("DYLD_INSERT_LIBRARIES", getenv("AFL_PRELOAD"), 1);
+
+ }
}
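Review bot: The comma check in the qemu_mode branch reports through `PFATAL`, which in AFL's debug.h appends the current errno text; nothing in the loop sets errno, so the user sees an unrelated OS error after the message. `FATAL` fits an input-validation failure, and the loop can collapse to `if (strchr(afl_preload, ',')) FATAL("Comma (',') is not allowed in AFL_PRELOAD when -Q is specified!");`. The check is worth a one-line comment saying that ',' separates entries in QEMU_SET_ENV, so a comma in AFL_PRELOAD would add extra variables to the target's environment. Separately, `if (qemu_preload)` is true for an empty QEMU_SET_ENV and would build a value starting with a comma; `if (qemu_preload && *qemu_preload)` avoids that, though how QEMU treats a leading empty entry is not visible here. set_up_environment starts and ends outside this hunk.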
@@ -498,7 +525,7 @@ static void find_binary(u8* fname) {
int main(int argc, char** argv) {
s32 opt;
- u8 mem_limit_given = 0, timeout_given = 0, qemu_mode = 0, unicorn_mode = 0,
+ u8 mem_limit_given = 0, timeout_given = 0, unicorn_mode = 0,
use_wine = 0;
u32 tcnt = 0;
char** use_argv;