Diffstat (limited to 'include')
-rw-r--r--include/afl-as.h4
-rw-r--r--include/afl-fuzz.h16
-rw-r--r--include/common.h9
-rw-r--r--include/forkserver.h8
-rw-r--r--include/sharedmem.h2
5 files changed, 18 insertions, 21 deletions
diff --git a/include/afl-as.h b/include/afl-as.h
index e90289d4..3c12c68f 100644
--- a/include/afl-as.h
+++ b/include/afl-as.h
@@ -192,7 +192,7 @@ static const u8 *main_payload_32 =
#ifdef SKIP_COUNTS
" orb $1, (%edx, %edi, 1)\n"
#else
- " incb (%edx, %edi, 1)\n"
+ " addb $1, (%edx, %edi, 1)\n"
" adcb $0, (%edx, %edi, 1)\n" // never zero counter implementation. slightly better path discovery and little performance impact
#endif /* ^SKIP_COUNTS */
"\n"
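Review bot: Nothing at the new `addb $1` line records why it must not be `incb`, and the trailing comment on the `adcb` line only describes the never-zero counter in general. `inc` does not update the carry flag, so the `adcb $0` that follows only folds the wrap-around back in when the increment is an `add`. With `incb`, a counter that wraps to zero would make an edge that was hit look unhit in the coverage map. I would add `/* addb, not incb: inc leaves CF unchanged and the adcb below depends on it */` above the `addb` line here and in the identical main_payload_64 hunk, so the instruction is not swapped back as a size optimisation. The string literal starts and ends outside the hunk.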
@@ -447,7 +447,7 @@ static const u8 *main_payload_64 =
#ifdef SKIP_COUNTS
" orb $1, (%rdx, %rcx, 1)\n"
#else
- " incb (%rdx, %rcx, 1)\n"
+ " addb $1, (%rdx, %rcx, 1)\n"
" adcb $0, (%rdx, %rcx, 1)\n" // never zero counter implementation. slightly better path discovery and little performance impact
#endif /* ^SKIP_COUNTS */
"\n"
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 32ae2a58..3b5cc0e2 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -408,8 +408,8 @@ typedef struct afl_state {
debug, /* Debug mode */
custom_only, /* Custom mutator only mode */
python_only, /* Python-only mode */
- is_master, /* if this is a master */
- is_slave; /* if this is a slave */
+ is_main_node, /* if this is the main node */
+ is_secondary_node; /* if this is a secondary instance */
u32 stats_update_freq; /* Stats update frequency (execs) */
@@ -421,7 +421,7 @@ typedef struct afl_state {
u8 skip_deterministic, /* Skip deterministic stages? */
use_splicing, /* Recombine input files? */
- dumb_mode, /* Run in non-instrumented mode? */
+ non_instrumented_mode, /* Run in non-instrumented mode? */
score_changed, /* Scoring for favorites changed? */
resuming_fuzz, /* Resuming an older fuzzing job? */
timeout_given, /* Specific timeout given? */
@@ -444,7 +444,8 @@ typedef struct afl_state {
deferred_mode, /* Deferred forkserver mode? */
fixed_seed, /* do not reseed */
fast_cal, /* Try to calibrate faster? */
- disable_trim; /* Never trim in fuzz_one */
+ disable_trim, /* Never trim in fuzz_one */
+ shmem_testcase_mode; /* If sharedmem testcases are used */
u8 *virgin_bits, /* Regions yet untouched by fuzzing */
*virgin_tmout, /* Bits we haven't seen in tmouts */
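Review bot: The comment on the new `shmem_testcase_mode` field, `If sharedmem testcases are used`, does not say who sets the flag or how it relates to `use_shmem_fuzz` and `support_shmem_fuzz` in `afl_forkserver`, which this commit also touches. With three flags describing one feature, it helps to state which is authoritative, for example `/* test cases are delivered via shared memory (mirrors fsrv use_shmem_fuzz) */` if that is the intended relationship. The same gap applies to the `setup_testcase_shmem` prototype added in the later hunk of this file. Its comment `Setup shmem for testcase delivery` should say whether the function aborts or returns on failure and at what point in start-up it has to be called. The struct body starts and ends outside the hunk.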
@@ -502,7 +503,7 @@ typedef struct afl_state {
s32 stage_cur, stage_max; /* Stage progression */
s32 splicing_with; /* Splicing with which test case? */
- u32 master_id, master_max; /* Master instance job splitting */
+ u32 main_node_id, main_node_max; /* Main instance job splitting */
u32 syncing_case; /* Syncing with case #... */
@@ -806,6 +807,9 @@ void afl_states_clear_screen(void);
/* Sets the skip flag on all states */
void afl_states_request_skip(void);
+/* Setup shmem for testcase delivery */
+void setup_testcase_shmem(afl_state_t *afl);
+
void read_afl_environment(afl_state_t *, char **);
/**** Prototypes ****/
@@ -912,7 +916,7 @@ u32 find_start_position(afl_state_t *);
void find_timeout(afl_state_t *);
double get_runnable_processes(void);
void nuke_resume_dir(afl_state_t *);
-int check_master_exists(afl_state_t *);
+int check_main_node_exists(afl_state_t *);
void setup_dirs_fds(afl_state_t *);
void setup_cmdline_file(afl_state_t *, char **);
void setup_stdio_file(afl_state_t *);
diff --git a/include/common.h b/include/common.h
index 4aed9572..87a7425b 100644
--- a/include/common.h
+++ b/include/common.h
@@ -107,14 +107,7 @@ u8 *u_stringify_mem_size(u8 *buf, u64 val);
u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
-/* Wrapper for select() and read(), reading exactly len bytes.
- Returns the time passed to read.
- stop_soon should point to a variable indicating ctrl+c was pressed.
- If the wait times out, returns timeout_ms + 1;
- Returns 0 if an error occurred (fd closed, signal, ...); */
-u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms,
- volatile u8 *stop_soon_p);
-
+/* Reads the map size from ENV */
u32 get_map_size(void);
#endif
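Review bot: The added comment `Reads the map size from ENV` names neither the environment variable nor what `get_map_size` returns when the variable is unset or does not hold a usable size. Judging by the name, the result sizes the coverage map, although the implementation is not part of this diff, so callers need to know whether the value is already range-checked or must be validated before it is used for an allocation or mapping. I would extend the comment to name the variable, the fallback value and the accepted range.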
diff --git a/include/forkserver.h b/include/forkserver.h
index 00555d7e..87a59eaa 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -73,17 +73,17 @@ typedef struct afl_forkserver {
u8 last_kill_signal; /* Signal that killed the child */
- u8 use_shdmen_fuzz; /* use shared mem for test cases */
+ u8 use_shmem_fuzz; /* use shared mem for test cases */
- u8 support_shdmen_fuzz; /* set by afl-fuzz */
+ u8 support_shmem_fuzz; /* set by afl-fuzz */
u8 use_fauxsrv; /* Fauxsrv for non-forking targets? */
u8 qemu_mode; /* if running in qemu mode or not */
- u32 shdmem_fuzz_len; /* length of the fuzzing test case */
+ u32 *shmem_fuzz_len; /* length of the fuzzing test case */
- u8 *shdmem_fuzz; /* allocated memory for fuzzing */
+ u8 *shmem_fuzz; /* allocated memory for fuzzing */
char *cmplog_binary; /* the name of the cmplog binary */
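Review bot: `shmem_fuzz_len` changes from a `u32` value to a `u32 *`, but its comment still reads `length of the fuzzing test case`, so nothing tells the reader it is now a pointer or where the pointed-to word lives. If it points into the shared test-case mapping, as the neighbouring `shmem_fuzz` suggests (the allocation is not in this diff), the target process can write to that length, and the fuzzer should not trust it as a bound when reading it back. The pointer is presumably also NULL until the mapping is set up, so every dereference needs that ordering guaranteed. I would change the comment to `/* pointer to the test case length; NULL until shmem is set up */` and add which mapping it points into. The struct continues outside the hunk.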
diff --git a/include/sharedmem.h b/include/sharedmem.h
index 066a9904..a77ab7c0 100644
--- a/include/sharedmem.h
+++ b/include/sharedmem.h
@@ -53,7 +53,7 @@ typedef struct sharedmem {
} sharedmem_t;
-u8 * afl_shm_init(sharedmem_t *, size_t, unsigned char dumb_mode);
+u8 * afl_shm_init(sharedmem_t *, size_t, unsigned char non_instrumented_mode);
void afl_shm_deinit(sharedmem_t *);
#endif