From ba14c353c07d19ad37916947708a9c26537c6d62 Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Mon, 15 Aug 2022 18:31:45 +0200
Subject: get map size from binaries within afl-cmin*

---
 afl-cmin | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
(limited to 'afl-cmin')

diff --git a/afl-cmin b/afl-cmin
index 51835648..44716af1 100755
--- a/afl-cmin
+++ b/afl-cmin
@@ -291,6 +291,15 @@ BEGIN {
     target_bin = tnew
   }
 
+  get_map_size = "AFL_DUMP_MAP_SIZE=1 " target_bin
+  get_map_size | getline mapsize
+  if (mapsize && mapsize > 65535) {
+
+    AFL_MAP_SIZE = "AFL_MAP_SIZE="mapsize" "
+    print "[+] Setting "AFL_MAP_SIZE
+
+  }
+
   if (!ENVIRON["AFL_SKIP_BIN_CHECK"] && !qemu_mode && !frida_mode && !unicorn_mode) {
     if (0 != system( "grep -q __AFL_SHM_ID "target_bin )) {
       print "[-] Error: binary '"target_bin"' doesn't appear to be instrumented." > "/dev/stderr"
@@ -399,10 +408,10 @@ BEGIN {
   print "[*] Testing the target binary..."
 
   if (!stdin_file) {
-    system( "AFL_CMIN_ALLOW_ANY=1 "AFL_CMIN_CRASHES_ONLY"\""showmap"\" -m "mem_limit" -t "timeout" -o \""trace_dir"/.run_test\" -Z "extra_par" -- \""target_bin"\" "prog_args_string" <\""in_dir"/"first_file"\"")
+    system(AFL_MAP_SIZE "AFL_CMIN_ALLOW_ANY=1 "AFL_CMIN_CRASHES_ONLY"\""showmap"\" -m "mem_limit" -t "timeout" -o \""trace_dir"/.run_test\" -Z "extra_par" -- \""target_bin"\" "prog_args_string" <\""in_dir"/"first_file"\"")
   } else {
     system("cp \""in_dir"/"first_file"\" "stdin_file)
-    system( "AFL_CMIN_ALLOW_ANY=1 "AFL_CMIN_CRASHES_ONLY"\""showmap"\" -m "mem_limit" -t "timeout" -o \""trace_dir"/.run_test\" -Z "extra_par" -H \""stdin_file"\" -- \""target_bin"\" "prog_args_string"
Date: Mon, 15 Aug 2022 19:22:46 +0200
Subject: fix new map size extraction for afl-gcc

---
 afl-cmin      | 15 ++++++++-------
 afl-cmin.bash | 11 +++++++----
 2 files changed, 15 insertions(+), 11 deletions(-)
(limited to 'afl-cmin')

diff --git a/afl-cmin b/afl-cmin
index 44716af1..4e0d78df 100755
--- a/afl-cmin
+++ b/afl-cmin
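Review bot: `target_bin` is concatenated unquoted into the command string that `get_map_size | getline mapsize` hands to the shell, so a target path containing spaces or shell metacharacters is word-split or interpreted instead of being executed as one argument; the showmap invocations in the second hunk wrap the same variable as `\""target_bin"\"`, so the consistent form here is `get_map_size = "AFL_DUMP_MAP_SIZE=1 \"" target_bin "\""`. The pipe is also never released with `close(get_map_size)` after the read, which is worth adding since the BEGIN block runs further shell commands afterwards. The same unquoted concatenation reappears in the two later afl-cmin hunks below (the `grep -aq AFL_DUMP_MAP_SIZE` check and the retained getline line). The enclosing BEGIN block starts and ends outside the hunk.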
@@ -291,13 +291,14 @@ BEGIN {
     target_bin = tnew
   }
 
-  get_map_size = "AFL_DUMP_MAP_SIZE=1 " target_bin
-  get_map_size | getline mapsize
-  if (mapsize && mapsize > 65535) {
-
-    AFL_MAP_SIZE = "AFL_MAP_SIZE="mapsize" "
-    print "[+] Setting "AFL_MAP_SIZE
-
+  if (0 == system ( "grep -aq AFL_DUMP_MAP_SIZE" target_bin )) {
+    echo "[!] Trying to obtain the map size of the target ..."
+    get_map_size = "AFL_DUMP_MAP_SIZE=1 " target_bin
+    get_map_size | getline mapsize
+    if (mapsize && mapsize > 65535 && mapsize < 100000000) {
+      AFL_MAP_SIZE = "AFL_MAP_SIZE="mapsize" "
+      print "[+] Setting "AFL_MAP_SIZE
+    }
   }
 
   if (!ENVIRON["AFL_SKIP_BIN_CHECK"] && !qemu_mode && !frida_mode && !unicorn_mode) {
diff --git a/afl-cmin.bash b/afl-cmin.bash
index db3e8ae5..d2218cd0 100755
--- a/afl-cmin.bash
+++ b/afl-cmin.bash
@@ -215,10 +215,13 @@ if [ ! -f "$TARGET_BIN" -o ! -x "$TARGET_BIN" ]; then
 fi
 
-MAPSIZE=`AFL_DUMP_MAP_SIZE=1 "./$TARGET_BIN" 2>/dev/null`
-test -n "$MAPSIZE" && {
-  export AFL_MAP_SIZE=$MAPSIZE
-  echo "[+] Setting AFL_MAP_SIZE=$MAPSIZE"
+grep -aq AFL_DUMP_MAP_SIZE "./$TARGET_BIN" && {
+  echo "[!] Trying to obtain the map size of the target ..."
+  MAPSIZE=`AFL_DUMP_MAP_SIZE=1 "./$TARGET_BIN" 2>/dev/null`
+  test -n "$MAPSIZE" && {
+    export AFL_MAP_SIZE=$MAPSIZE
+    echo "[+] Setting AFL_MAP_SIZE=$MAPSIZE"
+  }
 }
 
 if [ "$AFL_SKIP_BIN_CHECK" = "" -a "$QEMU_MODE" = "" -a "$FRIDA_MODE" = "" -a "$UNICORN_MODE" = "" ]; then
-- 
cgit 1.4.1

From d7abf6936c6b5797107779fc99339ac9fb78b22e Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Tue, 16 Aug 2022 09:46:11 +0200
Subject: fix afl-cmin

---
 afl-cmin | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'afl-cmin')

diff --git a/afl-cmin b/afl-cmin
index 4e0d78df..b170667a 100755
--- a/afl-cmin
+++ b/afl-cmin
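Review bot: `echo "[!] Trying to obtain the map size of the target ..."` is not an awk statement: awk has no `echo`, so this line parses as the uninitialised variable `echo` concatenated with the string literal, an expression that is evaluated and discarded, and the message is never printed. It should be `print "[!] Trying to obtain the map size of the target ..."`, matching the `print "[+] Setting "AFL_MAP_SIZE` two lines below. The line survives unchanged as context in the third commit's hunk, so the fix is still pending there. The enclosing BEGIN block starts and ends outside the hunk.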
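Review bot: In the afl-cmin.bash hunk the value captured into `MAPSIZE` is exported as `AFL_MAP_SIZE` after only a non-empty check, whereas the awk counterpart in the same commit requires `mapsize > 65535 && mapsize < 100000000`; with the target's stderr discarded and stdout taken verbatim, any non-numeric or out-of-range output becomes the exported map size. A matching guard would be `case "$MAPSIZE" in ''|*[!0-9]*) MAPSIZE='' ;; esac` placed before `test -n "$MAPSIZE"`, or the same numeric range test the awk version applies. The command substitution could also use `$(...)` rather than backticks for readability.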
@@ -291,7 +291,7 @@ BEGIN {
     target_bin = tnew
   }
 
-  if (0 == system ( "grep -aq AFL_DUMP_MAP_SIZE" target_bin )) {
+  if (0 == system ( "grep -aq AFL_DUMP_MAP_SIZE " target_bin )) {
     echo "[!] Trying to obtain the map size of the target ..."
     get_map_size = "AFL_DUMP_MAP_SIZE=1 " target_bin
     get_map_size | getline mapsize
-- 
cgit 1.4.1