From 31a8beb44967207a8eecc17440783304493f145a Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Sun, 19 May 2024 13:47:53 +0200
Subject: support new llvm 19 changes
---
 docs/Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'docs')
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 6736e42b..4c77b2b8 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -23,6 +23,7 @@
 - disable xml/curl/g_ string transform functions because we do not check for null pointers ... TODO
 - ensure shared memory variables are visible in weird build setups
+ - compatability to new LLVM 19 changes
 * afl-cmin
 - work with input files that have a space
 * afl-showmap
@@ -68,7 +69,6 @@
 - Prevent temporary files being left behind on aborted afl-whatsup
 - More CPU benchmarks added to benchmark/
-
 ### Version ++4.10c (release)
 - afl-fuzz:
 - default power schedule is now EXPLORE, due a fix in fast schedules
--
cgit 1.4.1
From e1521fa8ebdd2c95ed4f8db6f0835eb3738b3d4c Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Tue, 21 May 2024 11:04:25 +0200
Subject: fix symcc custom mutator
---
 custom_mutators/symcc/symcc.c | 5 ++---
 docs/Changelog.md | 4 +++-
 2 files changed, 5 insertions(+), 4 deletions(-)
(limited to 'docs')
diff --git a/custom_mutators/symcc/symcc.c b/custom_mutators/symcc/symcc.c
index 86f23343..154a82bb 100644
--- a/custom_mutators/symcc/symcc.c
+++ b/custom_mutators/symcc/symcc.c
@@ -287,7 +287,7 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size,
 struct stat st;
 u8 * fn = alloc_printf("%s/%s", data->out_dir, nl[i]->d_name);
- if (done == 0) {
+ if (!done) {
 if (stat(fn, &st) == 0 && S_ISREG(st.st_mode) && st.st_size) {
@@ -299,14 +299,13 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size,
 *out_buf = data->mutator_buf;
 close(fd);
+ unlink(fn);
 done = 1;
 }
 }
- unlink(fn);
-
 }
 ck_free(fn);
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 4c77b2b8..d6478ca0 100644
--- a/docs/Changelog.md
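Review bot: Moving `unlink(fn)` inside the success branch means a directory entry that fails the `stat(fn, &st) == 0 && S_ISREG(st.st_mode) && st.st_size` test — an empty or non-regular file in out_dir — is no longer removed, whereas the old unconditional unlink cleared it; such entries will be re-stat'ed on every later call and accumulate in the directory. Keeping the later, not-yet-consumed regular files for subsequent calls looks like the intended fix, so only the rejected entries need handling, e.g. an `else { unlink(fn); }` on the inner `if`, or at least a comment such as `/* entries that are not non-empty regular files are left in place */` so the asymmetry is deliberate. afl_custom_fuzz begins and ends outside this hunk, so how the read into `data->mutator_buf` is bounded by `st.st_size` is not visible here.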
+++ b/docs/Changelog.md
@@ -64,7 +64,9 @@
 - afl-whatsup:
 - now also displays current average speed
 - small bugfixes
- - Fixes for aflpp custom mutator and standalone tool
+ - custom mutators:
+ - fixes for aflpp custom mutator and standalone tool
+ - important fix to the symcc custom mutator
 - Minor edits to afl-persistent-config
 - Prevent temporary files being left behind on aborted afl-whatsup
 - More CPU benchmarks added to benchmark/
--
cgit 1.4.1
From a3125c38f496979be314c93f10adfad9dd4d363e Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Wed, 29 May 2024 12:55:28 +0200
Subject: fix afl-showmap shmmemleak
---
 docs/Changelog.md | 1 +
 src/afl-showmap.c | 32 +++++++++++++++++++++++++-------
 2 files changed, 26 insertions(+), 7 deletions(-)
(limited to 'docs')
diff --git a/docs/Changelog.md b/docs/Changelog.md
index d6478ca0..058e42af 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -27,6 +27,7 @@
 * afl-cmin
 - work with input files that have a space
 * afl-showmap
+ - fix memory leak on shmem testcase usage (thanks to @ndrewh)
 - minor fix to collect coverage -C (thanks to @bet4it)
 * enhanced the ASAN configuration
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index 7e875040..68e5e0e0 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -225,8 +225,13 @@ static void at_exit_handler(void) {
 if (remove_shm) {
+ remove_shm = false;
 if (shm.map) afl_shm_deinit(&shm);
- if (fsrv->use_shmem_fuzz) deinit_shmem(fsrv, shm_fuzz);
+ if ((shm_fuzz && shm_fuzz->shmemfuzz_mode) || fsrv->use_shmem_fuzz) {
+ deinit_shmem(fsrv, shm_fuzz);
+
+ }
 }
@@ -1527,6 +1532,8 @@ int main(int argc, char **argv_orig, char **envp) {
 /* initialize cmplog_mode */
 shm_fuzz->cmplog_mode = 0;
+ atexit(at_exit_handler);
+
 u8 *map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1);
 shm_fuzz->shmemfuzz_mode = true;
 if (!map) { FATAL("BUG: Zero return from afl_shm_init."); }
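Review bot: The new `deinit_shmem(fsrv, shm_fuzz);` in at_exit_handler discards the return value, while every call site in main in this same commit writes it back with `shm_fuzz = deinit_shmem(fsrv, shm_fuzz);`, so after the handler runs the global still points at whatever deinit_shmem tore down; the `remove_shm = false;` added just above prevents a second pass, but the handler should mirror main and assign the result too. The new condition also calls deinit_shmem with `shm_fuzz == NULL` whenever `fsrv->use_shmem_fuzz` is set, a state the `shm_fuzz &&` guard on the left operand suggests is reachable — either confirm deinit_shmem tolerates NULL or extend the guard to `(shm_fuzz && (shm_fuzz->shmemfuzz_mode || fsrv->use_shmem_fuzz))`. Registering `atexit(at_exit_handler)` before `afl_shm_init` in the second hunk is the right order, since a FATAL between the two now reaches the handler; deinit_shmem's body is outside this diff.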
@@ -1676,8 +1683,6 @@ int main(int argc, char **argv_orig, char **envp) {
 }
- atexit(at_exit_handler);
-
 if (get_afl_env("AFL_DEBUG")) {
 int j = optind;
@@ -1694,8 +1699,12 @@ int main(int argc, char **argv_orig, char **envp) {
 map_size = fsrv->map_size;
- if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz)
+ if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) {
+
 shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+ shm_fuzz->shmemfuzz_mode = 0;
+
+ }
 if (in_dir) {
@@ -1728,8 +1737,12 @@ int main(int argc, char **argv_orig, char **envp) {
 } else {
- if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz)
+ if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) {
+
 shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+ shm_fuzz->shmemfuzz_mode = 0;
+
+ }
 #ifdef __linux__
 if (!fsrv->nyx_mode) {
@@ -1777,9 +1790,14 @@ int main(int argc, char **argv_orig, char **envp) {
 }
- remove_shm = 0;
+ remove_shm = false;
 afl_shm_deinit(&shm);
- if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+ if (fsrv->use_shmem_fuzz) {
+ shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+ shm_fuzz->shmemfuzz_mode = 0;
+
+ }
 u32 ret;
--
cgit 1.4.1
From e639521b01e2abf33a7713f21787cc3e7f9f8df0 Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Sat, 1 Jun 2024 16:34:23 +0200
Subject: changelog
---
 docs/Changelog.md | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'docs')
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 058e42af..ba7eb6a3 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -5,6 +5,9 @@
 ### Version ++4.21a (dev)
 * afl-fuzz
+ - fixed a regression in afl-fuzz that resulted in a 5-10% performace loss do a switch from gettimeofday() to clock_gettime() which should be rather three times faster. The reason for this is unknown.
 - added AFL_DISABLE_REDUNDANT for huge queues
 - fix AFL_PERSISTENT_RECORD
 - run custom_post_process after standard trimming
--
cgit 1.4.1
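Review bot: In the hunk at -1694, and identically at -1728 and -1777, the new line `shm_fuzz->shmemfuzz_mode = 0;` dereferences `shm_fuzz` immediately after `shm_fuzz = deinit_shmem(fsrv, shm_fuzz);` has replaced it with deinit_shmem's return value; deinit_shmem's body is outside this diff, but the `shm_fuzz && shm_fuzz->shmemfuzz_mode` guard this same commit adds to at_exit_handler indicates the pointer can be NULL once torn down, in which case this write is a NULL dereference, and if the function instead hands back the pointer it released it is a write to freed memory. Clearing the flag before the teardown, `shm_fuzz->shmemfuzz_mode = 0; shm_fuzz = deinit_shmem(fsrv, shm_fuzz);`, or guarding the write with `if (shm_fuzz)`, avoids both cases. The at_exit_handler condition `(shm_fuzz && shm_fuzz->shmemfuzz_mode) || fsrv->use_shmem_fuzz` is what this flag-clearing is meant to satisfy, so a comment on the first occurrence, `/* cleared so at_exit_handler does not deinit the shmem a second time */`, would explain the otherwise opaque assignment. main() begins and ends outside these hunks.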