Diffstat (limited to 'include')
-rw-r--r-- | include/afl-fuzz.h | 14 | ||||
-rw-r--r-- | include/cmplog.h | 30 | ||||
-rw-r--r-- | include/sharedmem.h | 1 | ||||
-rw-r--r-- | include/types.h | 14 |
4 files changed, 53 insertions, 6 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index ce418931..cd53c703 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -452,6 +452,11 @@ extern u32 a_extras_cnt; /* Total number of tokens available */
 u8* (*post_handler)(u8* buf, u32* len);
+/* CmpLog */
+
+extern u8* cmplog_binary;
+extern s32 cmplog_forksrv_pid;
+
 /* hooks for the custom mutator function */
 /**
  * Perform custom mutations on a given input
@@ -647,12 +652,13 @@ char** get_qemu_argv(u8*, char**, int);
 char** get_wine_argv(u8*, char**, int);
 void save_cmdline(u32, char**);
-/* RedQueen */
-
-extern u8* cmplog_binary;
-extern s32 cmplog_forksrv_pid;
+/* CmpLog */
 void init_cmplog_forkserver(char** argv);
+u8 common_fuzz_cmplog_stuff(char** argv, u8* out_buf, u32 len);
+
+/* RedQueen */
+
 u8 input_to_state_stage(char** argv, u8* orig_buf, u8* buf, u32 len, u32 exec_cksum);
diff --git a/include/cmplog.h b/include/cmplog.h
index d5947226..c02650ee 100644
--- a/include/cmplog.h
+++ b/include/cmplog.h
@@ -1,5 +1,31 @@
-#ifndef _AFL_REDQUEEN_H
-#define _AFL_REDQUEEN_H
+/*
+ american fuzzy lop++ - cmplog header
+ ------------------------------------
+
+ Originally written by Michal Zalewski
+
+ Forkserver design by Jann Horn <jannhorn@googlemail.com>
+
+ Now maintained by by Marc Heuse <mh@mh-sec.de>,
+ Heiko Eißfeldt <heiko.eissfeldt@hexco.de> and
+ Andrea Fioraldi <andreafioraldi@gmail.com>
+
+ Copyright 2016, 2017 Google Inc. All rights reserved.
+ Copyright 2019-2020 AFLplusplus Project. All rights reserved.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at:
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Shared code to handle the shared memory. This is used by the fuzzer
+ as well the other components like afl-tmin, afl-showmap, etc...
+
+ */
+
+#ifndef _AFL_CMPLOG_H
+#define _AFL_CMPLOG_H
 #include "config.h"
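Review bot: The new prototype `common_fuzz_cmplog_stuff` in the second afl-fuzz.h hunk returns `u8` with no comment saying what the value means, so a caller cannot tell from the header whether non-zero signals success or a request to stop. A one-line comment above it would settle that, for example `/* Returns non-zero when <condition, to be stated by the author>; out_buf must hold at least len bytes. */`. The implementation is not part of this diff view, so the exact contract has to be taken from the function body.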
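Review bot: The description paragraph in the new cmplog.h banner ("Shared code to handle the shared memory. This is used by the fuzzer as well the other components like afl-tmin, afl-showmap, etc...") reads as if it was carried over from the shared-memory header and says nothing about CmpLog. It should state what this header declares, e.g. `Declarations for the CmpLog comparison map.`, with the wording confirmed against the rest of the file, which lies outside this hunk. The same banner has a doubled word in `Now maintained by by`. Separately, the renamed guard `_AFL_CMPLOG_H` begins with an underscore followed by an upper-case letter, a form C reserves for the implementation; `AFL_CMPLOG_H` avoids that.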
diff --git a/include/sharedmem.h b/include/sharedmem.h
index 25c7336d..3540386d 100644
--- a/include/sharedmem.h
+++ b/include/sharedmem.h
@@ -31,6 +31,7 @@ void setup_shm(unsigned char dumb_mode);
 void remove_shm(void);
 extern int cmplog_mode;
+extern struct cmp_map* cmp_map;
 #endif
diff --git a/include/types.h b/include/types.h
index eba47be7..d5be5920 100644
--- a/include/types.h
+++ b/include/types.h
@@ -78,6 +78,20 @@ typedef int64_t s64;
 \
 })
+#define SWAP64(_x) \
+ ({ \
+ \
+ u64 _ret = (_x); \
+ _ret = \
+ (_ret & 0x00000000FFFFFFFF) << 32 | (_ret & 0xFFFFFFFF00000000) >> 32; \
+ _ret = \
+ (_ret & 0x0000FFFF0000FFFF) << 16 | (_ret & 0xFFFF0000FFFF0000) >> 16; \
+ _ret = \
+ (_ret & 0x00FF00FF00FF00FF) << 8 | (_ret & 0xFF00FF00FF00FF00) >> 8; \
+ _ret; \
+ \
+ })
+
 #ifdef AFL_LLVM_PASS
 #if defined(__linux__)
 #define AFL_SR(s) (srandom(s)) |
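Review bot: SWAP64 in the types.h hunk is added without any comment stating that it yields the byte-reversed value of a 64-bit operand and evaluates `_x` once; a line such as `/* Reverse the byte order of a 64-bit value; _x is evaluated exactly once. */` above the `#define` would record that. The temporary is declared as `u64 _ret = (_x);`, so an argument expression that itself names a variable `_ret` would pick up the new, still-uninitialised local rather than the caller's; a more distinctive temporary name avoids that. Since the macro already relies on the GNU statement-expression extension, `#define SWAP64(_x) __builtin_bswap64(_x)` may be a shorter equivalent, provided every compiler the project supports offers that builtin.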