Diffstat (limited to 'src/afl-analyze.c')
-rw-r--r-- | src/afl-analyze.c | 88 |
1 files changed, 22 insertions, 66 deletions
diff --git a/src/afl-analyze.c b/src/afl-analyze.c
index 4b157973..3e15ca35 100644
--- a/src/afl-analyze.c
+++ b/src/afl-analyze.c
@@ -61,7 +61,6 @@ u8* trace_bits; /* SHM with instrumentation bitmap */
 static u8 *in_file, /* Analyzer input test case */
 *prog_in, /* Targeted program input file */
- *target_path, /* Path to target binary */
 *doc_path; /* Path to docs */
 static u8* in_data; /* Input data for analysis */
@@ -760,7 +759,8 @@ static void usage(u8* argv0) {
 " -t msec - timeout for each run (%d ms)\n"
 " -m megs - memory limit for child process (%d MB)\n"
 " -Q - use binary-only instrumentation (QEMU mode)\n"
- " -U - use unicorn-based instrumentation (Unicorn mode)\n\n"
+ " -U - use unicorn-based instrumentation (Unicorn mode)\n"
+ " -W - use qemu-based instrumentation with Wine (Wine mode)\n\n"
 "Analysis settings:\n\n"
@@ -829,78 +829,19 @@ static void find_binary(u8* fname) {
 }
-/* Fix up argv for QEMU. */
-
-static char** get_qemu_argv(u8* own_loc, char** argv, int argc) {
-
- char** new_argv = ck_alloc(sizeof(char*) * (argc + 4));
- u8 * tmp, *cp, *rsl, *own_copy;
-
- memcpy(new_argv + 3, argv + 1, sizeof(char*) * argc);
-
- /* Now we need to actually find qemu for argv[0]. */
-
- new_argv[2] = target_path;
- new_argv[1] = "--";
-
- tmp = getenv("AFL_PATH");
-
- if (tmp) {
-
- cp = alloc_printf("%s/afl-qemu-trace", tmp);
-
- if (access(cp, X_OK)) FATAL("Unable to find '%s'", tmp);
-
- target_path = new_argv[0] = cp;
- return new_argv;
-
- }
-
- own_copy = ck_strdup(own_loc);
- rsl = strrchr(own_copy, '/');
-
- if (rsl) {
-
- *rsl = 0;
-
- cp = alloc_printf("%s/afl-qemu-trace", own_copy);
- ck_free(own_copy);
-
- if (!access(cp, X_OK)) {
-
- target_path = new_argv[0] = cp;
- return new_argv;
-
- }
-
- } else
-
- ck_free(own_copy);
-
- if (!access(BIN_PATH "/afl-qemu-trace", X_OK)) {
-
- target_path = new_argv[0] = BIN_PATH "/afl-qemu-trace";
- return new_argv;
-
- }
-
- FATAL("Unable to find 'afl-qemu-trace'.");
-
-}
-
 /* Main entry point */
 int main(int argc, char** argv) {
 s32 opt;
- u8 mem_limit_given = 0, timeout_given = 0, qemu_mode = 0, unicorn_mode = 0;
+ u8 mem_limit_given = 0, timeout_given = 0, qemu_mode = 0, unicorn_mode = 0, use_wine = 0;
 char** use_argv;
 doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;
 SAYF(cCYA "afl-analyze" VERSION cRST " by <lcamtuf@google.com>\n");
- while ((opt = getopt(argc, argv, "+i:f:m:t:eQUh")) > 0)
+ while ((opt = getopt(argc, argv, "+i:f:m:t:eQUWh")) > 0)
 switch (opt) {
@@ -989,6 +930,16 @@ int main(int argc, char** argv) {
 unicorn_mode = 1;
 break;
+ case 'W': /* Wine+QEMU mode */
+
+ if (use_wine) FATAL("Multiple -W options not supported");
+ qemu_mode = 1;
+ use_wine = 1;
+
+ if (!mem_limit_given) mem_limit = 0;
+
+ break;
+
 case 'h':
 usage(argv[0]);
 return -1;
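Review bot: After this hunk deletes the local get_qemu_argv and the -61 hunk drops the static target_path, main still uses get_qemu_argv and target_path (and, in the -1011 hunk, the new get_wine_argv), yet no added #include or declaration appears anywhere in the diff. If these now come from a shared header the file already includes, a reader of this file cannot tell; if they do not, the calls compile only as implicit declarations, which silently treats the returned char** as an int. I would either make the dependency visible in this diff or add a one-line comment beside the `char** use_argv;` declaration recording where the argv helpers and target_path are defined now, so nobody goes looking for the removed function here. main's body continues outside the hunk.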
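Review bot: The new `case 'W'` sets qemu_mode and use_wine without checking whether -Q or -U was already given, so `-Q -W` is accepted silently, `-W -Q` presumably trips the -Q handler's own duplicate check (outside the hunk) with a misleading "Multiple -Q options" message, and `-U -W` leaves unicorn_mode and qemu_mode both set. I would reject the combinations before setting the flags, `if (qemu_mode || unicorn_mode) FATAL("-W cannot be combined with -Q or -U");`, placed right after the existing duplicate check. The `if (!mem_limit_given) mem_limit = 0;` line also deserves a why-comment, since it removes the child memory limit altogether rather than choosing a mode default; something like `/* Wine mode runs unlimited unless -m was given explicitly -- document why */` until the author confirms the reason. The switch continues outside the hunk.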
@@ -1011,9 +962,14 @@ int main(int argc, char** argv) {
 find_binary(argv[optind]);
 detect_file_args(argv + optind, prog_in);
- if (qemu_mode)
- use_argv = get_qemu_argv(argv[0], argv + optind, argc - optind);
- else
+ if (qemu_mode) {
+
+ if (use_wine)
+ use_argv = get_wine_argv(argv[0], argv + optind, argc - optind);
+ else
+ use_argv = get_qemu_argv(argv[0], argv + optind, argc - optind);
+
+ } else
 use_argv = argv + optind;
 SAYF("\n");
|
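Review bot: The new dispatch braces the outer `if (qemu_mode) {` but leaves the inner `if (use_wine)` / `else` and the outer `} else` branch unbraced, which is exactly the shape where a later one-line addition lands outside the intended branch. Since the block was rewritten anyway, I would brace every branch consistently; the rewritten lines are below. A short comment above the block saying that Wine mode is a QEMU variant (use_wine implies qemu_mode, set together in the -W case) would also help the next reader. main continues outside the hunk.
```c
  if (qemu_mode) {
    if (use_wine) {
      use_argv = get_wine_argv(argv[0], argv + optind, argc - optind);
    } else {
      use_argv = get_qemu_argv(argv[0], argv + optind, argc - optind);
    }
  } else {
    use_argv = argv + optind;
  }
  // … unchanged: SAYF("\n") and the rest of main …
```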