diff options
| -rw-r--r-- | docs/env_variables.md | 4 | ||||
| -rw-r--r-- | include/common.h | 6 | ||||
| -rw-r--r-- | src/afl-analyze.c | 5 | ||||
| -rw-r--r-- | src/afl-common.c | 23 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 8 | ||||
| -rw-r--r-- | src/afl-showmap.c | 5 | ||||
| -rw-r--r-- | src/afl-tmin.c | 5 |
7 files changed, 40 insertions, 16 deletions
diff --git a/docs/env_variables.md b/docs/env_variables.md index 6fd08910..d1c13e15 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md @@ -418,6 +418,10 @@ checks or alter some of the more exotic semantics of the tool: fork server when AFL++ is terminated. Unless you implement your fork server, you likely do not have to set it. By default, `SIGTERM` (`AFL_FORK_SERVER_KILL_SIGNAL=15`) will be delivered to the fork server. + If only `AFL_KILL_SIGNAL` is provided, `AFL_FORK_SERVER_KILL_SIGNAL` will + be set to same value as `AFL_KILL_SIGNAL` to provide backward compatibility. + If `AFL_FORK_SERVER_KILL_SIGNAL` is also set, it takes precedence. + NOTE: Uncatchable signals, such as `SIGKILL`, cause child processes of the fork server to be orphaned and leaves them in a zombie state. diff --git a/include/common.h b/include/common.h index 34732197..c1ba0f20 100644 --- a/include/common.h +++ b/include/common.h @@ -32,6 +32,7 @@ #include <unistd.h> #include <sys/time.h> #include <stdbool.h> +#include "forkserver.h" #include "types.h" /* STRINGIFY_VAL_SIZE_MAX will fit all stringify_ strings. */ @@ -73,6 +74,11 @@ u8 *find_afl_binary(u8 *own_loc, u8 *fname); FATALs if `numeric_signal_as_str` is not a valid integer .*/ int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal); +/* Configure the signals that are used to kill the forkserver + and the forked childs. If `afl_kill_signal_env` or `afl_fsrv_kill_signal_env` + is NULL, the appropiate values are read from the environment. */ +void configure_afl_kill_signals(afl_forkserver_t *fsrv, char* afl_kill_signal_env, char* afl_fsrv_kill_signal_env); + /* Read a bitmap from file fname to memory This is for the -B option again. */ diff --git a/src/afl-analyze.c b/src/afl-analyze.c index cbcd2ede..d356874d 100644 --- a/src/afl-analyze.c +++ b/src/afl-analyze.c @@ -1115,10 +1115,7 @@ int main(int argc, char **argv_orig, char **envp) { } - fsrv.child_kill_signal = - parse_afl_kill_signal(getenv("AFL_KILL_SIGNAL"), SIGKILL); - fsrv.fsrv_kill_signal = - parse_afl_kill_signal(getenv("AFL_FORK_SERVER_KILL_SIGNAL"), SIGTERM); + configure_afl_kill_signals(&fsrv, NULL, NULL); read_initial_file(); diff --git a/src/afl-common.c b/src/afl-common.c index 75b463ed..f2934817 100644 --- a/src/afl-common.c +++ b/src/afl-common.c @@ -25,6 +25,7 @@ #include <stdlib.h> #include <stdio.h> +#include "forkserver.h" #ifndef _GNU_SOURCE #define _GNU_SOURCE #endif @@ -47,6 +48,7 @@ #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> +#include <signal.h> u8 be_quiet = 0; u8 *doc_path = ""; @@ -476,6 +478,27 @@ int parse_afl_kill_signal(u8 *numeric_signal_as_str, int default_signal) { return default_signal; } +void configure_afl_kill_signals(afl_forkserver_t *fsrv, char* afl_kill_signal_env, char* afl_fsrv_kill_signal_env) { + afl_kill_signal_env = afl_kill_signal_env ? + afl_kill_signal_env : getenv("AFL_KILL_SIGNAL"); + afl_fsrv_kill_signal_env = afl_fsrv_kill_signal_env ? + afl_fsrv_kill_signal_env : getenv("AFL_FORK_SERVER_KILL_SIGNAL"); + + fsrv->child_kill_signal = + parse_afl_kill_signal(afl_kill_signal_env, SIGKILL); + + if (afl_kill_signal_env && !afl_fsrv_kill_signal_env) { + /* + Set AFL_FORK_SERVER_KILL_SIGNAL to the value of AFL_KILL_SIGNAL for backwards + compatibility. However, if AFL_FORK_SERVER_KILL_SIGNAL is set, is takes precedence. + */ + afl_fsrv_kill_signal_env = afl_kill_signal_env; + } + fsrv->fsrv_kill_signal = + parse_afl_kill_signal(afl_fsrv_kill_signal_env, SIGTERM); + +} + static inline unsigned int helper_min3(unsigned int a, unsigned int b, unsigned int c) { diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 573a6b42..7e4e20a0 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -25,6 +25,7 @@ #include "afl-fuzz.h" #include "cmplog.h" +#include "common.h" #include <limits.h> #include <stdlib.h> #ifndef USEMMAP @@ -1358,10 +1359,9 @@ int main(int argc, char **argv_orig, char **envp) { #endif - afl->fsrv.child_kill_signal = - parse_afl_kill_signal(afl->afl_env.afl_child_kill_signal, SIGKILL); - afl->fsrv.fsrv_kill_signal = - parse_afl_kill_signal(afl->afl_env.afl_fsrv_kill_signal, SIGTERM); + configure_afl_kill_signals(&afl->fsrv, + afl->afl_env.afl_child_kill_signal, + afl->afl_env.afl_fsrv_kill_signal); setup_signal_handlers(); check_asan_opts(afl); diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 80a9e766..19288c04 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -1260,10 +1260,7 @@ int main(int argc, char **argv_orig, char **envp) { : 0); be_quiet = save_be_quiet; - fsrv->child_kill_signal = - parse_afl_kill_signal(getenv("AFL_KILL_SIGNAL"), SIGKILL); - fsrv->fsrv_kill_signal = - parse_afl_kill_signal(getenv("AFL_FORK_SERVER_KILL_SIGNAL"), SIGTERM); + configure_afl_kill_signals(fsrv, NULL, NULL); if (new_map_size) { diff --git a/src/afl-tmin.c b/src/afl-tmin.c index d4660eb1..43636b6f 100644 --- a/src/afl-tmin.c +++ b/src/afl-tmin.c @@ -1197,10 +1197,7 @@ int main(int argc, char **argv_orig, char **envp) { } - fsrv->child_kill_signal = - parse_afl_kill_signal(getenv("AFL_KILL_SIGNAL"), SIGKILL); - fsrv->fsrv_kill_signal = - parse_afl_kill_signal(getenv("AFL_FORK_SERVER_KILL_SIGNAL"), SIGTERM); + configure_afl_kill_signals(fsrv, NULL, NULL); if (getenv("AFL_CRASH_EXITCODE")) { |