-rw-r--r-- | examples/afl_untracer/afl-untracer.c | 40 | ||||
-rw-r--r-- | llvm_mode/afl-clang-fast.c | 6 | ||||
-rw-r--r-- | llvm_mode/afl-llvm-lto-instrim.so.cc | 24 | ||||
-rw-r--r-- | llvm_mode/afl-llvm-lto-instrumentation.so.cc | 24 |
4 files changed, 58 insertions, 36 deletions
diff --git a/examples/afl_untracer/afl-untracer.c b/examples/afl_untracer/afl-untracer.c
index 99f06f36..5dbc71bf 100644
--- a/examples/afl_untracer/afl-untracer.c
+++ b/examples/afl_untracer/afl-untracer.c
@@ -279,12 +279,13 @@ library_list_t *find_library(char *name) { /* for having an easy breakpoint after load the shared library */ // this seems to work for clang too. nice :) requires gcc 4.4+ #pragma GCC push_options -#pragma GCC optimize ("O0") -void breakpoint() { +#pragma GCC optimize("O0") +void breakpoint() { if (debug) fprintf(stderr, "Breakpoint function \"breakpoint\" reached.\n"); } + #pragma GCC pop_options /* Error reporting to forkserver controller */
@@ -470,7 +471,7 @@ void setup_trap_instrumentation() { FILE *patches = fopen(filename, "r"); if (!patches) FATAL("Couldn't open AFL_UNTRACER_FILE file %s", filename); - // Index into the coverage bitmap for the current trap instruction. + // Index into the coverage bitmap for the current trap instruction. #ifdef __aarch64__ uint64_t bitmap_index = 0; #else
@@ -507,11 +508,13 @@ void setup_trap_instrumentation() { PROT_READ | PROT_WRITE | PROT_EXEC) != 0) FATAL("Failed to mprotect library %s writable", line); - // Create shadow memory. + // Create shadow memory. #ifdef __aarch64__ for (int i = 0; i < 8; i++) { + #else for (int i = 0; i < 4; i++) { + #endif void *shadow_addr = SHADOW(lib_addr + i);
@@ -540,16 +543,17 @@ void setup_trap_instrumentation() { FATAL("Too many basic blocks to instrument"); #ifdef __arch64__ - uint64_t + uint64_t #else - uint32_t + uint32_t #endif - *shadow = SHADOW(lib_addr + offset); + *shadow = SHADOW(lib_addr + offset); if (*shadow != 0) continue; // skip duplicates // Make lookup entry in shadow memory. -#if ((defined(__APPLE__) && defined(__LP64__)) || defined(__x86_64__) || defined(__i386__)) +#if ((defined(__APPLE__) && defined(__LP64__)) || defined(__x86_64__) || \ + defined(__i386__)) // this is for Intel x64
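Review bot: `#ifdef __arch64__` in the last hunk (the one choosing `uint64_t` or `uint32_t` for `shadow`) looks like a misspelling of `__aarch64__`, which the two earlier hunks of this same file use; unless `__arch64__` is defined elsewhere in the build, the `uint64_t` branch is dead and `shadow` is a `uint32_t *` on every target. The aarch64 branch in the following hunk then stores `(bitmap_index << 32) | orig_bytes` through that pointer, so the upper half carrying the bitmap index is truncated away and only `orig_bytes` survives in the shadow entry; the commit re-indents these lines without touching the macro. Suggest `#ifdef __aarch64__` here, plus a compile-time check that the shadow entry width matches what the trap handler reads back. `setup_trap_instrumentation` begins and ends outside these hunks.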
@@ -566,10 +570,10 @@ void setup_trap_instrumentation() { // this is for aarch64 - uint32_t *patch_bytes = (uint32_t*)(lib_addr + offset); - uint32_t orig_bytes = *patch_bytes; + uint32_t *patch_bytes = (uint32_t *)(lib_addr + offset); + uint32_t orig_bytes = *patch_bytes; *shadow = (bitmap_index << 32) | orig_bytes; - *patch_bytes = 0xd4200000; // replace instruction with debug trap + *patch_bytes = 0xd4200000; // replace instruction with debug trap if (debug) fprintf(stderr, "Patch entry: %p[%x] = %p = %02x -> SHADOW(%p) #%d -> %016x\n",
@@ -577,14 +581,14 @@ void setup_trap_instrumentation() { bitmap_index, *shadow); #else - // this will be ARM and AARCH64 - // for ARM we will need to identify if the code is in thumb or ARM + // this will be ARM and AARCH64 + // for ARM we will need to identify if the code is in thumb or ARM #error "non x86_64/aarch64 not supported yet" - //__arm__: - // linux thumb: 0xde01 - // linux arm: 0xe7f001f0 - //__aarch64__: - // linux aarch64: 0xd4200000 + //__arm__: + // linux thumb: 0xde01 + // linux arm: 0xe7f001f0 + //__aarch64__: + // linux aarch64: 0xd4200000 #endif bitmap_index++;
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c
index 1f3463eb..42b02bdd 100644
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@@ -716,9 +716,11 @@ int main(int argc, char **argv, char **envp) { } } - + if (instrument_opt_mode && lto_mode) - FATAL("CTX and NGRAM can not be used in LTO mode (and would make LTO useless)"); + FATAL( + "CTX and NGRAM can not be used in LTO mode (and would make LTO " + "useless)"); if (!instrument_opt_mode) {
diff --git a/llvm_mode/afl-llvm-lto-instrim.so.cc b/llvm_mode/afl-llvm-lto-instrim.so.cc
index 9fd3e3ec..f862e091 100644
--- a/llvm_mode/afl-llvm-lto-instrim.so.cc
+++ b/llvm_mode/afl-llvm-lto-instrim.so.cc
@@ -346,11 +346,15 @@ struct InsTrimLTO : public ModulePass { if (auto *Var = dyn_cast<GlobalVariable>(Ptr->getOperand(0))) { - if (auto *Array = dyn_cast<ConstantDataArray>( - Var->getInitializer())) { + if (Var->hasInitializer()) { - HasStr2 = true; - Str2 = Array->getAsString().str(); + if (auto *Array = dyn_cast<ConstantDataArray>( + Var->getInitializer())) { + + HasStr2 = true; + Str2 = Array->getAsString().str(); + + } }
@@ -419,11 +423,15 @@ struct InsTrimLTO : public ModulePass { if (auto *Var = dyn_cast<GlobalVariable>(Ptr->getOperand(0))) { - if (auto *Array = dyn_cast<ConstantDataArray>( - Var->getInitializer())) { + if (Var->hasInitializer()) { + + if (auto *Array = dyn_cast<ConstantDataArray>( + Var->getInitializer())) { + + HasStr1 = true; + Str1 = Array->getAsString().str(); - HasStr1 = true; - Str1 = Array->getAsString().str(); + } }
diff --git a/llvm_mode/afl-llvm-lto-instrumentation.so.cc b/llvm_mode/afl-llvm-lto-instrumentation.so.cc
index 79081d37..0e353fdf 100644
--- a/llvm_mode/afl-llvm-lto-instrumentation.so.cc
+++ b/llvm_mode/afl-llvm-lto-instrumentation.so.cc
@@ -326,11 +326,15 @@ bool AFLLTOPass::runOnModule(Module &M) { if (auto *Var = dyn_cast<GlobalVariable>(Ptr->getOperand(0))) { - if (auto *Array = - dyn_cast<ConstantDataArray>(Var->getInitializer())) { + if (Var->hasInitializer()) { - HasStr2 = true; - Str2 = Array->getAsString().str(); + if (auto *Array = dyn_cast<ConstantDataArray>( + Var->getInitializer())) { + + HasStr2 = true; + Str2 = Array->getAsString().str(); + + } }
@@ -398,11 +402,15 @@ bool AFLLTOPass::runOnModule(Module &M) { if (auto *Var = dyn_cast<GlobalVariable>(Ptr->getOperand(0))) { - if (auto *Array = - dyn_cast<ConstantDataArray>(Var->getInitializer())) { + if (Var->hasInitializer()) { + + if (auto *Array = dyn_cast<ConstantDataArray>( + Var->getInitializer())) { + + HasStr1 = true; + Str1 = Array->getAsString().str(); - HasStr1 = true; - Str1 = Array->getAsString().str(); + } } |
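Review bot: The new `hasInitializer()` guard closes the null-initializer case, but `Array->getAsString()` still runs on every `ConstantDataArray`, including non-i8 arrays, for which LLVM's `ConstantDataSequential::getAsString()` asserts on `isString()`; a global integer array reaching this compare call would trip that assertion in an assertions-enabled build and is undefined in a release one. Suggest checking the element type before extracting, i.e. inside the new `if (auto *Array = dyn_cast<ConstantDataArray>(Var->getInitializer())) {` add `if (Array->isString()) { HasStr2 = true; Str2 = Array->getAsString().str(); }` in place of the unconditional assignments. The same pattern appears in the three later hunks (the `HasStr1` hunk of this file and both hunks of afl-llvm-lto-instrumentation.so.cc), so the check belongs in all four. The enclosing function begins and ends outside the hunk.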