diff options
Diffstat (limited to 'instrumentation/afl-compiler-rt.o.c')
| -rw-r--r-- | instrumentation/afl-compiler-rt.o.c | 49 |
1 files changed, 23 insertions, 26 deletions
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index 20069824..9dded1dd 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -105,6 +105,9 @@ u32 __afl_dictionary_len; u64 __afl_map_addr; u32 __afl_first_final_loc; +/* 1 if we are running in afl, and the forkserver was stared, else 0 */ +u32 __afl_connected = 0; + // for the __AFL_COVERAGE_ON/__AFL_COVERAGE_OFF features to work: int __afl_selective_coverage __attribute__((weak)); int __afl_selective_coverage_start_off __attribute__((weak)); @@ -1048,7 +1051,11 @@ static void __afl_start_forkserver(void) { /* Phone home and tell the parent that we're OK. If parent isn't there, assume we're not running in forkserver mode and just execute program. */ - if (write(FORKSRV_FD + 1, tmp, 4) != 4) { return; } + if (write(FORKSRV_FD + 1, tmp, 4) != 4) { + return; + } + + __afl_connected = 1; if (__afl_sharedmem_fuzzing || (__afl_dictionary_len && __afl_dictionary)) { @@ -1260,13 +1267,9 @@ int __afl_persistent_loop(unsigned int max_cnt) { iteration, it's our job to erase any trace of whatever happened before the loop. */ - if (is_persistent) { - - memset(__afl_area_ptr, 0, __afl_map_size); - __afl_area_ptr[0] = 1; - memset(__afl_prev_loc, 0, NGRAM_SIZE_MAX * sizeof(PREV_LOC_T)); - - } + memset(__afl_area_ptr, 0, __afl_map_size); + __afl_area_ptr[0] = 1; + memset(__afl_prev_loc, 0, NGRAM_SIZE_MAX * sizeof(PREV_LOC_T)); cycle_cnt = max_cnt; first_pass = 0; @@ -1274,34 +1277,28 @@ int __afl_persistent_loop(unsigned int max_cnt) { return 1; - } - - if (is_persistent) { + } else if (--cycle_cnt) { - if (--cycle_cnt) { + raise(SIGSTOP); - raise(SIGSTOP); - - __afl_area_ptr[0] = 1; - memset(__afl_prev_loc, 0, NGRAM_SIZE_MAX * sizeof(PREV_LOC_T)); - __afl_selective_coverage_temp = 1; + __afl_area_ptr[0] = 1; + memset(__afl_prev_loc, 0, NGRAM_SIZE_MAX * sizeof(PREV_LOC_T)); + __afl_selective_coverage_temp = 1; - return 1; + return 1; - } else { + } else { - /* When exiting __AFL_LOOP(), make sure that the subsequent code that - follows the loop is not traced. We do that by pivoting back to the - dummy output region. */ + /* When exiting __AFL_LOOP(), make sure that the subsequent code that + follows the loop is not traced. We do that by pivoting back to the + dummy output region. */ - __afl_area_ptr = __afl_area_ptr_dummy; + __afl_area_ptr = __afl_area_ptr_dummy; - } + return 0; } - return 0; - } /* This one can be called from user code when deferred forkserver mode |