Merge pull request #617 from AFLplusplus/dev

push to stable
author: van Hauser <vh@thc.org> 2020-12-11 11:38:22 +0100
committer: GitHub <noreply@github.com> 2020-12-11 11:38:22 +0100
commit: 12d62d539353517abee8069df6e591f4fc474e93 (patch)
tree: c7ec08c39d3153ab3de1602fbda0739dd32dd37e /utils/qbdi_mode/demo-so.c
parent: 3997d06cbd09e12cd0367170b3e2698ee71dd8cf (diff)
parent: d5ded820e5b610f330cf23f53c21c169032a725a (diff)
download: afl++-12d62d539353517abee8069df6e591f4fc474e93.tar.gz
1 files changed, 41 insertions, 0 deletions
diff --git a/utils/qbdi_mode/demo-so.c b/utils/qbdi_mode/demo-so.c
new file mode 100755
index 00000000..dd367036
--- /dev/null
+++ b/utils/qbdi_mode/demo-so.c
@@ -0,0 +1,41 @@
+#include <stdio.h>
+
+// gcc -shared -o libdemo.so demo-so.c -w
+int target_func(char *buf, int size) {
+
+  printf("buffer:%p, size:%p\n", buf, size);
+  switch (buf[0]) {
+
+    case 1:
+      puts("222");
+      if (buf[1] == '\x44') {
+
+        puts("null ptr deference");
+        *(char *)(0) = 1;
+
+      }
+
+      break;
+    case 0xff:
+      if (buf[2] == '\xff') {
+
+        if (buf[1] == '\x44') {
+
+          puts("crash....");
+          *(char *)(0xdeadbeef) = 1;
+
+        }
+
+      }
+
+      break;
+    default:
+      puts("default action");
+      break;
+
+  }
+
+  return 1;
+
+}
+
author	van Hauser <vh@thc.org>	2020-12-11 11:38:22 +0100
committer	GitHub <noreply@github.com>	2020-12-11 11:38:22 +0100
commit	12d62d539353517abee8069df6e591f4fc474e93 (patch)
tree	c7ec08c39d3153ab3de1602fbda0739dd32dd37e /utils/qbdi_mode/demo-so.c
parent	3997d06cbd09e12cd0367170b3e2698ee71dd8cf (diff)
parent	d5ded820e5b610f330cf23f53c21c169032a725a (diff)
download	afl++-12d62d539353517abee8069df6e591f4fc474e93.tar.gz