diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/afl-fuzz.h | 24 | ||||
| -rw-r--r-- | include/cmplog.h | 13 | ||||
| -rw-r--r-- | include/config.h | 2 | ||||
| -rw-r--r-- | include/debug.h | 12 | ||||
| -rw-r--r-- | include/envs.h | 27 | ||||
| -rw-r--r-- | include/forkserver.h | 9 | ||||
| -rw-r--r-- | include/t1ha_bits.h | 23 | ||||
| -rw-r--r-- | include/types.h | 2 | ||||
| -rw-r--r-- | include/xxhash.h | 14 |
9 files changed, 74 insertions, 52 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index e3e4e246..0f0e45d3 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -116,6 +116,10 @@ #include <TargetConditionals.h> #endif +#ifndef __has_builtin + #define __has_builtin(x) 0 +#endif + #undef LIST_FOREACH /* clashes with FreeBSD */ #include "list.h" #ifndef SIMPLE_FILES @@ -236,7 +240,6 @@ struct queue_entry { custom, /* Marker for custom mutators */ stats_mutated; /* stats: # of mutations performed */ - u8 *trace_mini; /* Trace bytes, if kept */ u32 tc_ref; /* Trace bytes ref count */ #ifdef INTROSPECTION @@ -246,13 +249,11 @@ struct queue_entry { double perf_score, /* performance score */ weight; - u8 *testcase_buf; /* The testcase buffer, if loaded. */ - - u8 *cmplog_colorinput; /* the result buf of colorization */ - struct tainted *taint; /* Taint information from CmpLog */ - - struct queue_entry *mother; /* queue entry this based on */ - + struct queue_entry *mother; /* queue entry this based on */ + u8 *trace_mini; /* Trace bytes, if kept */ + u8 *testcase_buf; /* The testcase buffer, if loaded. */ + u8 *cmplog_colorinput; /* the result buf of colorization */ + struct tainted *taint; /* Taint information from CmpLog */ struct skipdet_entry *skipdet_e; }; @@ -448,8 +449,9 @@ extern char *power_names[POWER_SCHEDULES_NUM]; typedef struct afl_env_vars { u8 afl_skip_cpufreq, afl_exit_when_done, afl_no_affinity, afl_skip_bin_check, - afl_dumb_forksrv, afl_import_first, afl_custom_mutator_only, afl_no_ui, - afl_force_ui, afl_i_dont_care_about_missing_crashes, afl_bench_just_one, + afl_dumb_forksrv, afl_import_first, afl_custom_mutator_only, + afl_custom_mutator_late_send, afl_no_ui, afl_force_ui, + afl_i_dont_care_about_missing_crashes, afl_bench_just_one, afl_bench_until_crash, afl_debug_child, afl_autoresume, afl_cal_fast, afl_cycle_schedules, afl_expand_havoc, afl_statsd, afl_cmplog_only_new, afl_exit_on_seed_issues, afl_try_affinity, afl_ignore_problems, @@ -457,7 +459,7 @@ typedef struct afl_env_vars { afl_no_startup_calibration, afl_no_warn_instability, afl_post_process_keep_original, afl_crashing_seeds_as_new_crash, afl_final_sync, afl_ignore_seed_problems, afl_disable_redundant, - afl_sha1_filenames, afl_no_sync; + afl_sha1_filenames, afl_no_sync, afl_no_fastresume; u8 *afl_tmpdir, *afl_custom_mutator_library, *afl_python_module, *afl_path, *afl_hang_tmout, *afl_forksrv_init_tmout, *afl_preload, diff --git a/include/cmplog.h b/include/cmplog.h index a4449a60..9f995da6 100644 --- a/include/cmplog.h +++ b/include/cmplog.h @@ -53,21 +53,24 @@ struct cmp_header { // 16 bit = 2 bytes struct cmp_operands { u64 v0; - u64 v1; u64 v0_128; + u64 v0_256_0; // u256 is unsupported by any compiler for now, so future use + u64 v0_256_1; + u64 v1; u64 v1_128; - u64 unused; - u8 unused1; - u8 unused2; + u64 v1_256_0; + u64 v1_256_1; + u8 unused[8]; } __attribute__((packed)); struct cmpfn_operands { u8 v0[32]; - u8 v0_len; u8 v1[32]; + u8 v0_len; u8 v1_len; + u8 unused[6]; } __attribute__((packed)); diff --git a/include/config.h b/include/config.h index c4acf8db..d8177a75 100644 --- a/include/config.h +++ b/include/config.h @@ -26,7 +26,7 @@ /* Version string: */ // c = release, a = volatile github dev, e = experimental branch -#define VERSION "++4.21c" +#define VERSION "++4.22a" /****************************************************** * * diff --git a/include/debug.h b/include/debug.h index 5496135c..e7cbdb5c 100644 --- a/include/debug.h +++ b/include/debug.h @@ -314,8 +314,8 @@ static inline const char *colorfilter(const char *x) { #define FATAL(x...) \ do { \ \ - SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ - "\n[-] PROGRAM ABORT : " cRST x); \ + SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ + "\n[-] PROGRAM ABORT : " cRST x); \ SAYF(cLRD "\n Location : " cRST "%s(), %s:%u\n\n", __func__, \ __FILE__, (u32)__LINE__); \ exit(1); \ @@ -327,8 +327,8 @@ static inline const char *colorfilter(const char *x) { #define ABORT(x...) \ do { \ \ - SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ - "\n[-] PROGRAM ABORT : " cRST x); \ + SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ + "\n[-] PROGRAM ABORT : " cRST x); \ SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%u\n\n", __func__, \ __FILE__, (u32)__LINE__); \ abort(); \ @@ -341,8 +341,8 @@ static inline const char *colorfilter(const char *x) { do { \ \ fflush(stdout); \ - SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ - "\n[-] SYSTEM ERROR : " cRST x); \ + SAYF(bSTOP RESET_G1 CURSOR_SHOW cRST cLRD \ + "\n[-] SYSTEM ERROR : " cRST x); \ SAYF(cLRD "\n Stop location : " cRST "%s(), %s:%u\n", __func__, \ __FILE__, (u32)__LINE__); \ SAYF(cLRD " OS message : " cRST "%s\n", strerror(errno)); \ diff --git a/include/envs.h b/include/envs.h index 45b080cb..3accbda0 100644 --- a/include/envs.h +++ b/include/envs.h @@ -24,23 +24,23 @@ static char *afl_environment_variables[] = { "AFL_DUMP_CYCLOMATIC_COMPLEXITY", "AFL_CMPLOG_MAX_LEN", "AFL_COMPCOV_LEVEL", "AFL_CRASH_EXITCODE", "AFL_CRASHING_SEEDS_AS_NEW_CRASH", "AFL_CUSTOM_MUTATOR_LIBRARY", "AFL_CUSTOM_MUTATOR_ONLY", - "AFL_CUSTOM_INFO_PROGRAM", "AFL_CUSTOM_INFO_PROGRAM_ARGV", - "AFL_CUSTOM_INFO_PROGRAM_INPUT", "AFL_CUSTOM_INFO_OUT", "AFL_CXX", - "AFL_CYCLE_SCHEDULES", "AFL_DEBUG", "AFL_DEBUG_CHILD", "AFL_DEBUG_GDB", - "AFL_DEBUG_UNICORN", "AFL_DISABLE_REDUNDANT", "AFL_NO_REDUNDANT", - "AFL_DISABLE_TRIM", "AFL_NO_TRIM", "AFL_DISABLE_LLVM_INSTRUMENTATION", - "AFL_DONT_OPTIMIZE", "AFL_DRIVER_STDERR_DUPLICATE_FILENAME", - "AFL_DUMB_FORKSRV", "AFL_EARLY_FORKSERVER", "AFL_ENTRYPOINT", - "AFL_EXIT_WHEN_DONE", "AFL_EXIT_ON_TIME", "AFL_EXIT_ON_SEED_ISSUES", - "AFL_FAST_CAL", "AFL_FINAL_SYNC", "AFL_FORCE_UI", "AFL_FRIDA_DEBUG_MAPS", + "AFL_CUSTOM_MUTATOR_LATE_SEND", "AFL_CUSTOM_INFO_PROGRAM", + "AFL_CUSTOM_INFO_PROGRAM_ARGV", "AFL_CUSTOM_INFO_PROGRAM_INPUT", + "AFL_CUSTOM_INFO_OUT", "AFL_CXX", "AFL_CYCLE_SCHEDULES", "AFL_DEBUG", + "AFL_DEBUG_CHILD", "AFL_DEBUG_GDB", "AFL_DEBUG_UNICORN", + "AFL_DISABLE_REDUNDANT", "AFL_NO_REDUNDANT", "AFL_DISABLE_TRIM", + "AFL_NO_TRIM", "AFL_DISABLE_LLVM_INSTRUMENTATION", "AFL_DONT_OPTIMIZE", + "AFL_DRIVER_STDERR_DUPLICATE_FILENAME", "AFL_DUMB_FORKSRV", + "AFL_EARLY_FORKSERVER", "AFL_ENTRYPOINT", "AFL_EXIT_WHEN_DONE", + "AFL_EXIT_ON_TIME", "AFL_EXIT_ON_SEED_ISSUES", "AFL_FAST_CAL", + "AFL_FINAL_SYNC", "AFL_FORCE_UI", "AFL_FRIDA_DEBUG_MAPS", "AFL_FRIDA_DRIVER_NO_HOOK", "AFL_FRIDA_EXCLUDE_RANGES", "AFL_FRIDA_INST_CACHE_SIZE", "AFL_FRIDA_INST_COVERAGE_ABSOLUTE", "AFL_FRIDA_INST_COVERAGE_FILE", "AFL_FRIDA_INST_DEBUG_FILE", "AFL_FRIDA_INST_INSN", "AFL_FRIDA_INST_JIT", "AFL_FRIDA_INST_NO_CACHE", "AFL_FRIDA_INST_NO_DYNAMIC_LOAD", "AFL_FRIDA_INST_NO_OPTIMIZE", "AFL_FRIDA_INST_NO_PREFETCH", "AFL_FRIDA_INST_NO_PREFETCH_BACKPATCH", - "AFL_FRIDA_INST_NO_SUPPRESS" - "AFL_FRIDA_INST_RANGES", + "AFL_FRIDA_INST_NO_SUPPRESS", "AFL_FRIDA_INST_RANGES", "AFL_FRIDA_INST_REGS_FILE", "AFL_FRIDA_INST_SEED", "AFL_FRIDA_INST_TRACE", "AFL_FRIDA_INST_TRACE_UNIQUE", "AFL_FRIDA_INST_UNSTABLE_COVERAGE_FILE", "AFL_FRIDA_JS_SCRIPT", "AFL_FRIDA_OUTPUT_STDOUT", "AFL_FRIDA_OUTPUT_STDERR", @@ -49,7 +49,7 @@ static char *afl_environment_variables[] = { "AFL_FRIDA_PERSISTENT_RET", "AFL_FRIDA_STALKER_ADJACENT_BLOCKS", "AFL_FRIDA_STALKER_IC_ENTRIES", "AFL_FRIDA_STALKER_NO_BACKPATCH", "AFL_FRIDA_STATS_FILE", "AFL_FRIDA_STATS_INTERVAL", "AFL_FRIDA_TRACEABLE", - "AFL_FRIDA_VERBOSE", + "AFL_FRIDA_VERBOSE", "AFL_OLD_FORKSERVER", "AFL_FUZZER_ARGS", // oss-fuzz "AFL_FUZZER_STATS_UPDATE_INTERVAL", "AFL_GDB", "AFL_GCC_ALLOWLIST", "AFL_GCC_DENYLIST", "AFL_GCC_BLOCKLIST", "AFL_GCC_INSTRUMENT_FILE", @@ -115,7 +115,8 @@ static char *afl_environment_variables[] = { "AFL_TRACE_PC", "AFL_USE_ASAN", "AFL_USE_MSAN", "AFL_USE_TRACE_PC", "AFL_USE_UBSAN", "AFL_USE_TSAN", "AFL_USE_CFISAN", "AFL_USE_LSAN", "AFL_WINE_PATH", "AFL_NO_SNAPSHOT", "AFL_EXPAND_HAVOC_NOW", "AFL_USE_FASAN", - "AFL_USE_QASAN", "AFL_PRINT_FILENAMES", "AFL_PIZZA_MODE", NULL + "AFL_USE_QASAN", "AFL_PRINT_FILENAMES", "AFL_PIZZA_MODE", + "AFL_NO_FASTRESUME", NULL }; diff --git a/include/forkserver.h b/include/forkserver.h index 593e34a2..6c649528 100644 --- a/include/forkserver.h +++ b/include/forkserver.h @@ -206,6 +206,15 @@ typedef struct afl_forkserver { s32 nyx_log_fd; #endif +#ifdef __AFL_CODE_COVERAGE + u8 *persistent_trace_bits; /* Persistent copy of bitmap */ +#endif + + void *custom_data_ptr; + u8 *custom_input; + u32 custom_input_len; + void (*late_send)(void *, const u8 *, size_t); + } afl_forkserver_t; typedef enum fsrv_run_result { diff --git a/include/t1ha_bits.h b/include/t1ha_bits.h index 0b9bbda5..9ddc8589 100644 --- a/include/t1ha_bits.h +++ b/include/t1ha_bits.h @@ -455,9 +455,10 @@ typedef struct { } __attribute__((__packed__)) t1ha_unaligned_proxy; - #define read_unaligned(ptr, bits) \ - (((const t1ha_unaligned_proxy *)((const uint8_t *)(ptr)-offsetof( \ - t1ha_unaligned_proxy, unaligned_##bits))) \ + #define read_unaligned(ptr, bits) \ + (((const t1ha_unaligned_proxy *)((const uint8_t *)(ptr) - \ + offsetof(t1ha_unaligned_proxy, \ + unaligned_##bits))) \ ->unaligned_##bits) #elif defined(_MSC_VER) #pragma warning( \ @@ -477,9 +478,10 @@ typedef struct { } t1ha_unaligned_proxy; #pragma pack(pop) - #define read_unaligned(ptr, bits) \ - (((const t1ha_unaligned_proxy *)((const uint8_t *)(ptr)-offsetof( \ - t1ha_unaligned_proxy, unaligned_##bits))) \ + #define read_unaligned(ptr, bits) \ + (((const t1ha_unaligned_proxy *)((const uint8_t *)(ptr) - \ + offsetof(t1ha_unaligned_proxy, \ + unaligned_##bits))) \ ->unaligned_##bits) #endif #endif /* read_unaligned */ @@ -496,21 +498,24 @@ typedef struct { #elif __has_attribute(__assume_aligned__) static __always_inline const uint16_t *__attribute__(( - __assume_aligned__(ALIGNMENT_16))) cast_aligned_16(const void *ptr) { + __assume_aligned__(ALIGNMENT_16))) +cast_aligned_16(const void *ptr) { return (const uint16_t *)ptr; } static __always_inline const uint32_t *__attribute__(( - __assume_aligned__(ALIGNMENT_32))) cast_aligned_32(const void *ptr) { + __assume_aligned__(ALIGNMENT_32))) +cast_aligned_32(const void *ptr) { return (const uint32_t *)ptr; } static __always_inline const uint64_t *__attribute__(( - __assume_aligned__(ALIGNMENT_64))) cast_aligned_64(const void *ptr) { + __assume_aligned__(ALIGNMENT_64))) +cast_aligned_64(const void *ptr) { return (const uint64_t *)ptr; diff --git a/include/types.h b/include/types.h index cfb2f3d5..d370bcfb 100644 --- a/include/types.h +++ b/include/types.h @@ -155,7 +155,7 @@ typedef int128_t s128; ({ \ \ char *d = (char *)(_x), *s = (char *)(_y); \ - u32 i, l = (_l)-1; \ + u32 i, l = (_l) - 1; \ for (i = 0; i <= l; i++) \ d[l - i] = s[i]; \ \ diff --git a/include/xxhash.h b/include/xxhash.h index 991a8f1e..72044177 100644 --- a/include/xxhash.h +++ b/include/xxhash.h @@ -6616,12 +6616,14 @@ static XXH64_hash_t XXH3_mergeAccs(const xxh_u64 *XXH_RESTRICT acc, } - #define XXH3_INIT_ACC \ - { \ - \ - XXH_PRIME32_3, XXH_PRIME64_1, XXH_PRIME64_2, XXH_PRIME64_3, \ - XXH_PRIME64_4, XXH_PRIME32_2, XXH_PRIME64_5, XXH_PRIME32_1 \ - \ + #define XXH3_INIT_ACC \ + { \ + \ + \ + XXH_PRIME32_3, XXH_PRIME64_1, XXH_PRIME64_2, \ + XXH_PRIME64_3, XXH_PRIME64_4, XXH_PRIME32_2, \ + XXH_PRIME64_5, XXH_PRIME32_1 \ + \ } XXH_FORCE_INLINE XXH64_hash_t XXH3_hashLong_64b_internal( |