From f465a75b6592e4c30b0465f63beda166a8e09045 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Thu, 16 Jul 2020 02:17:05 +0200
Subject: added initial defork example

---
 examples/defork/defork.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 examples/defork/defork.c
(limited to 'examples/defork/defork.c')

diff --git a/examples/defork/defork.c b/examples/defork/defork.c
new file mode 100644
index 00000000..46810326
--- /dev/null
+++ b/examples/defork/defork.c
@@ -0,0 +1,52 @@
+#define __GNU_SOURCE
+#include
+#include
+#include
+#include
+
+#include "../../include/config.h"
+
+/* we want to fork once (for the afl++ forkserver),
+ then immediately return as child on subsequent forks. */
+static bool forked = 0;
+
+pid_t (*original_fork)(void);
+
+/* In case we are not running in afl, we use a dummy original_fork */
+static pid_t nop(void) {
+
+ return 0;
+
+}
+
+__attribute__((constructor)) void preeny_fork_orig() {
+
+ if (getenv(SHM_ENV_VAR)) {
+
+ printf("defork: running in AFL++. Allowing forkserver.\n");
+ original_fork = dlsym(RTLD_NEXT, "socket");
+
+ } else {
+
+ printf("defork: no AFL++ detected. Disabling fork from the start.\n");
+ original_fork = &nop;
+
+ }
+
+}
+
+pid_t fork(void) {
+
+ printf("called fork. forked state is %d\n", (int) forked);
+ fflush(stdout);
+ /* If we forked before, or if we're in the child (pid==0),
+ we don't want to fork anymore, else, we are still in the forkserver.
+ The forkserver parent needs to fork infinite times, each child should never
+ fork again. This can be written without branches and I hate myself for it.
+ */
+ pid_t ret = !forked && original_fork();
+ forked = !ret;
+ return ret;
+
+}
+
-- cgit 1.4.1
From 0b0366d9b4bc7ddea154174a81934dcc9911af12 Mon Sep 17 00:00:00 2001
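Review bot: `pid_t ret = !forked && original_fork();` in fork() collapses the real child pid to 1, because `&&` yields an int 0/1 rather than its right operand — the forkserver parent receives 1 instead of the child's pid (and an error return of -1 also becomes 1), so any waitpid on that value fails; `pid_t ret = forked ? 0 : original_fork();` keeps the comment's intent while returning the actual pid. In preeny_fork_orig, `original_fork = dlsym(RTLD_NEXT, "socket");` also resolves the wrong symbol and would call libc's socket() through a `pid_t (*)(void)` pointer whenever SHM_ENV_VAR is set; it should be `original_fork = dlsym(RTLD_NEXT, "fork");`, with a NULL result handled before the pointer is ever called. The feature-test macro at the top, `#define __GNU_SOURCE`, is not the one glibc honours for exposing RTLD_NEXT (that is `_GNU_SOURCE`), and identifiers beginning with a double underscore are reserved for the implementation. Since this library is meant to be preloaded into a fuzz target, the constructor's two printf calls land in the target's stdout; writing diagnostics to stderr would keep them out of the target's own output.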
From: Dominik Maier
Date: Thu, 16 Jul 2020 02:27:07 +0200
Subject: removed debug print and code format

---
 examples/defork/defork.c | 2 --
 examples/defork/forking_target.c | 4 +++-
 2 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'examples/defork/defork.c')

diff --git a/examples/defork/defork.c b/examples/defork/defork.c
index 46810326..f71d1124 100644
--- a/examples/defork/defork.c
+++ b/examples/defork/defork.c
@@ -37,8 +37,6 @@ __attribute__((constructor)) void preeny_fork_orig() {
 
 pid_t fork(void) {
 
- printf("called fork. forked state is %d\n", (int) forked);
- fflush(stdout);
 /* If we forked before, or if we're in the child (pid==0),
 we don't want to fork anymore, else, we are still in the forkserver.
 The forkserver parent needs to fork infinite times, each child should never
diff --git a/examples/defork/forking_target.c b/examples/defork/forking_target.c
index ff1d6e37..98f6365a 100644
--- a/examples/defork/forking_target.c
+++ b/examples/defork/forking_target.c
@@ -37,10 +37,12 @@ int main(int argc, char **argv) {
 
 } else {
 
- printf("We are in the parent - defork didn't work! :( (pid=%d)\n", (int) pid);
+ printf("We are in the parent - defork didn't work! :( (pid=%d)\n",
+ (int)pid);
 
 }
 
 return 0;
 
 }
+
-- cgit 1.4.1