-rw-r--r-- | include/forkserver.h | 2 | ||||
-rw-r--r-- | llvm_mode/GNUmakefile | 4 | ||||
-rw-r--r-- | llvm_mode/afl-llvm-rt.o.c | 4 | ||||
-rw-r--r-- | src/afl-forkserver.c | 6 | ||||
-rw-r--r-- | src/afl-fuzz-run.c | 2 | ||||
-rw-r--r-- | src/afl-fuzz.c | 3 |
6 files changed, 15 insertions, 6 deletions
diff --git a/include/forkserver.h b/include/forkserver.h
index fa132837..87a59eaa 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -73,7 +73,7 @@ typedef struct afl_forkserver {
 u8 last_kill_signal; /* Signal that killed the child */
- u8 use_shdmen_fuzz; /* use shared mem for test cases */
+ u8 use_shmem_fuzz; /* use shared mem for test cases */
 u8 support_shmem_fuzz; /* set by afl-fuzz */
diff --git a/llvm_mode/GNUmakefile b/llvm_mode/GNUmakefile
index 0e554a39..ca1e8e08 100644
--- a/llvm_mode/GNUmakefile
+++ b/llvm_mode/GNUmakefile
@@ -68,7 +68,7 @@ endif
 ifeq "$(LLVM_MAJOR)" "11"
 $(info [+] llvm_mode detected llvm 11, enabling afl-clang-lto LTO implementation)
 LLVM_LTO = 1
- TEST_MMAP = 1
+ #TEST_MMAP = 1
 endif
 ifeq "$(LLVM_LTO)" "0"
@@ -236,7 +236,7 @@ ifeq "$(shell echo '$(HASH)include <sys/ipc.h>@$(HASH)include <sys/shm.h>@int ma
 SHMAT_OK=1
 else
 SHMAT_OK=0
- CFLAGS+=-DUSEMMAP=1
+ #CFLAGS+=-DUSEMMAP=1
 LDFLAGS += -Wno-deprecated-declarations
 endif
diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c
index 4bca3d37..e039d42e 100644
--- a/llvm_mode/afl-llvm-rt.o.c
+++ b/llvm_mode/afl-llvm-rt.o.c
@@ -311,6 +311,10 @@ static void __afl_map_shm(void) {
 id_str = getenv(CMPLOG_SHM_ENV_VAR);
+ if (getenv("AFL_DEBUG"))
+ fprintf(stderr, "DEBUG: cmplog id_str %s\n",
+ id_str == NULL ? "<null>" : id_str);
+
 if (id_str) {
 #ifdef USEMMAP
diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index c0b6b136..7f89f0dc 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -101,6 +101,7 @@ void afl_fsrv_init_dup(afl_forkserver_t *fsrv_to, afl_forkserver_t *from) {
 fsrv_to->exec_tmout = from->exec_tmout;
 fsrv_to->mem_limit = from->mem_limit;
 fsrv_to->map_size = from->map_size;
+ fsrv_to->support_shmem_fuzz = from->support_shmem_fuzz;
 #ifndef HAVE_ARC4RANDOM
 fsrv_to->dev_urandom_fd = from->dev_urandom_fd;
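Review bot: The disabled lines `#TEST_MMAP = 1` in this hunk and `#CFLAGS+=-DUSEMMAP=1` in the `@@ -236` hunk are left as commented-out code with no explanation of why mmap-backed shared memory is being switched off for LLVM 11 and for the no-shmat case. A later reader cannot tell whether this is a temporary workaround or a permanent decision; either delete the lines or keep them under a short comment such as `# mmap shm disabled for now: <reason / tracking issue>`. With the second hunk the `SHMAT_OK=0` branch appears to define neither USEMMAP nor any alternative, so a build on a system without shmat may proceed without a working shm path — worth confirming.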
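Review bot: The new `if (getenv("AFL_DEBUG"))` in `__afl_map_shm` has an unbraced body that spans two physical lines, while the rest of this change braces even single-statement bodies (`if (!be_quiet) { ACTF(...); }` in afl-forkserver.c); brace it as `if (getenv("AFL_DEBUG")) {` … `}` so a statement added later cannot silently fall outside the condition. The `%s` argument is already guarded against a NULL `id_str`, so nothing further is needed there. `__afl_map_shm` continues outside the hunk.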
@@ -435,6 +436,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 falling through. */
 *(u32 *)fsrv->trace_bits = EXEC_FAIL_SIG;
+ fprintf(stderr, "Error: execv to target failed\n");
 exit(0);
 }
@@ -508,7 +510,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 if (fsrv->support_shmem_fuzz) {
- fsrv->use_shdmen_fuzz = 1;
+ fsrv->use_shmem_fuzz = 1;
 if (!be_quiet) { ACTF("Using SHARED MEMORY FUZZING feature."); }
 if ((status & FS_OPT_AUTODICT) == 0) {
@@ -567,7 +569,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 if (fsrv->function_ptr == NULL || fsrv->function_opt == NULL) {
 // this is not afl-fuzz - we deny and return
- if (fsrv->use_shdmen_fuzz)
+ if (fsrv->use_shmem_fuzz)
 status = (FS_OPT_ENABLED | FS_OPT_AUTODICT | FS_OPT_SHDMEM_FUZZ);
 else
 status = (FS_OPT_ENABLED | FS_OPT_AUTODICT);
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index 91a64fba..a85e00fe 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -232,7 +232,7 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
 afl_fsrv_start(&afl->fsrv, afl->argv, &afl->stop_soon,
 afl->afl_env.afl_debug_child_output);
- if (afl->fsrv.support_shmem_fuzz && !afl->fsrv.use_shdmen_fuzz) {
+ if (afl->fsrv.support_shmem_fuzz && !afl->fsrv.use_shmem_fuzz) {
 afl_shm_deinit(afl->shm_fuzz);
 ck_free(afl->shm_fuzz);
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 44b91877..d5fed9f2 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -792,6 +792,8 @@ int main(int argc, char **argv_orig, char **envp) {
 }
+ if (!mem_limit_given && afl->shm.cmplog_mode) afl->fsrv.mem_limit += 260;
+
 OKF("afl++ is maintained by Marc \"van Hauser\" Heuse, Heiko \"hexcoder\" "
 "Eißfeldt, Andrea Fioraldi and Dominik Maier");
 OKF("afl++ is open source, get it at "
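Review bot: The added `fprintf(stderr, "Error: execv to target failed\n")` discards the only information about why the exec failed; since nothing between the failed `execv` and this call touches errno, reporting it costs one argument: `fprintf(stderr, "Error: execv to target failed: %s\n", strerror(errno));` (with errno.h/string.h, if not already included). This runs in the forked child, whose stderr may have been redirected when child output is not being shown, so the message is presumably only visible in debug runs — the `EXEC_FAIL_SIG` write just above remains the signal the parent actually acts on. `afl_fsrv_start` continues outside the hunk.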
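Review bot: `afl->fsrv.mem_limit += 260` introduces an unexplained magic number; a named constant with a comment on where 260 comes from (presumably the extra memory a cmplog target needs for its comparison map) would make the intent reviewable, e.g. `/* extra mem_limit headroom a cmplog target needs for its cmp map */`. If, as elsewhere in this fuzzer, a mem_limit of 0 means "no limit", this unconditional addition would turn an unlimited default into a hard cap in cmplog mode — confirm the default cannot be 0 here, or guard it with `afl->fsrv.mem_limit &&`. The addition has to run before `afl_fsrv_init_dup` copies `mem_limit` into the cmplog forkserver (the `@@ -101` hunk in afl-forkserver.c), which its placement appears to satisfy; `main` continues outside the hunk.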
@@ -1228,6 +1230,7 @@ int main(int argc, char **argv_orig, char **envp) {
 afl->cmplog_fsrv.init_child_func = cmplog_exec_child;
 afl_fsrv_start(&afl->cmplog_fsrv, afl->argv, &afl->stop_soon,
 afl->afl_env.afl_debug_child_output);
+ OKF("Cmplog forkserver successfully started");
 } |