From 9627458ecc61783aa1f8bf76835abe00c4107739 Mon Sep 17 00:00:00 2001
From: rish9101
Date: Wed, 13 May 2020 18:59:12 +0530
Subject: Add post library API as custom mutator and rename pre_save
---
 examples/custom_mutators/example.c | 24 ++++++++++++------------
 examples/custom_mutators/example.py | 2 +-
 examples/post_library/post_library.so.c | 2 +-
 examples/post_library/post_library_png.so.c | 2 +-
 4 files changed, 15 insertions(+), 15 deletions(-)
(limited to 'examples')
diff --git a/examples/custom_mutators/example.c b/examples/custom_mutators/example.c
index c8200b26..c9be3e0c 100644
--- a/examples/custom_mutators/example.c
+++ b/examples/custom_mutators/example.c
@@ -38,7 +38,7 @@ typedef struct my_mutator {
   BUF_VAR(u8, data);
   BUF_VAR(u8, havoc);
   BUF_VAR(u8, trim);
-  BUF_VAR(u8, pre_save);
+  BUF_VAR(u8, post_process);
 } my_mutator_t;
@@ -139,11 +139,11 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size,
  * @return Size of the output buffer after processing or the needed amount.
  * A return of 0 indicates an error.
  */
-size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size,
+size_t afl_custom_post_process(my_mutator_t *data, uint8_t *buf, size_t buf_size,
                            uint8_t **out_buf) {
-  uint8_t *pre_save_buf = maybe_grow(BUF_PARAMS(data, pre_save), buf_size + 5);
-  if (!pre_save_buf) {
+  uint8_t *post_process_buf = maybe_grow(BUF_PARAMS(data, post_process), buf_size + 5);
+  if (!post_process_buf) {
     perror("custom mutator realloc failed.");
     *out_buf = NULL;
@@ -151,14 +151,14 @@ size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size,
   }
-  memcpy(pre_save_buf + 5, buf, buf_size);
-  pre_save_buf[0] = 'A';
-  pre_save_buf[1] = 'F';
-  pre_save_buf[2] = 'L';
-  pre_save_buf[3] = '+';
-  pre_save_buf[4] = '+';
+  memcpy(post_process_buf + 5, buf, buf_size);
+  post_process_buf[0] = 'A';
+  post_process_buf[1] = 'F';
+  post_process_buf[2] = 'L';
+  post_process_buf[3] = '+';
+  post_process_buf[4] = '+';
-  *out_buf = pre_save_buf;
+  *out_buf = post_process_buf;
   return buf_size + 5;
@@ -364,7 +364,7 @@ void afl_custom_queue_new_entry(my_mutator_t * data,
  */
 void afl_custom_deinit(my_mutator_t *data) {
-  free(data->pre_save_buf);
+  free(data->post_process_buf);
   free(data->havoc_buf);
   free(data->data_buf);
   free(data->fuzz_buf);
diff --git a/examples/custom_mutators/example.py b/examples/custom_mutators/example.py
index 3c3fa8c1..cf659e5a 100644
--- a/examples/custom_mutators/example.py
+++ b/examples/custom_mutators/example.py
@@ -120,7 +120,7 @@ def fuzz(buf, add_buf, max_size):
 #
 # return next_index
 #
-# def pre_save(buf):
+# def post_process(buf):
 # '''
 # Called just before the execution to write the test case in the format
 # expected by the target
diff --git a/examples/post_library/post_library.so.c b/examples/post_library/post_library.so.c
index 0aa780cb..69fb221e 100644
--- a/examples/post_library/post_library.so.c
+++ b/examples/post_library/post_library.so.c
@@ -83,7 +83,7 @@ typedef struct post_state {
 } post_state_t;
-void *afl_postprocess_init(void *afl) {
+void *afl_postprocess_init(void *afl, unsigned int seed{
   post_state_t *state = malloc(sizeof(post_state_t));
   if (!state) {
diff --git a/examples/post_library/post_library_png.so.c b/examples/post_library/post_library_png.so.c
index 41ba4f5e..b29afd62 100644
--- a/examples/post_library/post_library_png.so.c
+++ b/examples/post_library/post_library_png.so.c
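Review bot: `*out_buf = post_process_buf;` hands the caller a pointer into mutator-owned storage (the buffer grown through `BUF_PARAMS(data, post_process)` and released by `free(data->post_process_buf)` in `afl_custom_deinit`), and nothing in the function's doc block says so; a caller that frees it, or keeps it across calls, gets a double free or a dangling pointer the next time the buffer is regrown. I would add to the doc block above the function: `@note *out_buf points into storage owned by the mutator; it is reused on the next call and freed in afl_custom_deinit, so the caller must neither free nor retain it.` The five single-byte stores of the `AFL++` prefix and the bare `5` in `buf_size + 5` and `return buf_size + 5` could also collapse to `memcpy(post_process_buf, "AFL++", 5);` with the prefix length named once, so the grow size, copy offset and return value cannot drift apart. The function's signature and doc block are outside this hunk.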
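Review bot: The new `seed` parameter of `afl_postprocess_init` is not referenced in the lines shown; if the rest of the function (outside this hunk) neither stores it in `post_state_t` nor seeds a library RNG, it will raise an unused-parameter warning and silently discard the seed afl-fuzz passes in. Either record it, e.g. `state->seed = seed;` with a matching field, or make the intent explicit with `(void)seed; /* unused: this example needs no randomness */`. As written the signature also lacks the closing parenthesis before `{` and will not compile; commit 45bddcd8 further down this page corrects that. The function body continues past the end of the hunk, and the same parameter is added to post_library_png.so.c in the next hunk.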
@@ -43,7 +43,7 @@ typedef struct post_state {
 } post_state_t;
-void *afl_postprocess_init(void *afl) {
+void *afl_postprocess_init(void *afl, unsigned int seed) {
   post_state_t *state = malloc(sizeof(post_state_t));
   if (!state) {
-- cgit 1.4.1
From 45bddcd8082eedeeb09500d764c540bc02ec0d74 Mon Sep 17 00:00:00 2001
From: rish9101
Date: Wed, 13 May 2020 19:25:23 +0530
Subject: Fix bugs, remove intial post library test
---
 examples/post_library/post_library.so.c | 2 +-
 include/afl-fuzz.h | 2 +-
 src/afl-fuzz-init.c | 7 -------
 3 files changed, 2 insertions(+), 9 deletions(-)
(limited to 'examples')
diff --git a/examples/post_library/post_library.so.c b/examples/post_library/post_library.so.c
index 69fb221e..d9504b23 100644
--- a/examples/post_library/post_library.so.c
+++ b/examples/post_library/post_library.so.c
@@ -83,7 +83,7 @@ typedef struct post_state {
 } post_state_t;
-void *afl_postprocess_init(void *afl, unsigned int seed{
+void *afl_postprocess_init(void *afl, unsigned int seed) {
   post_state_t *state = malloc(sizeof(post_state_t));
   if (!state) {
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 057f78c2..cf8ef735 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -260,7 +260,7 @@ enum {
   /* 00 */ PY_FUNC_INIT,
   /* 01 */ PY_FUNC_FUZZ,
-  /* 02 */ PY_FUNC_post_process,
+  /* 02 */ PY_FUNC_POST_PROCESS,
   /* 03 */ PY_FUNC_INIT_TRIM,
   /* 04 */ PY_FUNC_POST_TRIM,
   /* 05 */ PY_FUNC_TRIM,
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index 2686d014..33c00c7a 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -318,13 +318,6 @@ void setup_post(afl_state_t *afl) {
   mutator->data = mutator->afl_custom_init(afl, rand_below(afl, 0xFFFFFFFF));
   if (!mutator->data) { FATAL("Could not initialize post handler."); }
-  size_t post_len = mutator->afl_custom_post_process(mutator->data, tbuf, tlen, &post_buf);
-  if (!post_len || !post_buf) {
-    SAYF("Empty return in test post handler for buf=\"hello\\0\".");
-  }
-
   afl->post_library_mutator = mutator;
   OKF("Postprocessor installed successfully.");
-- cgit 1.4.1
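Review bot: Removing the smoke test means a post-processor that returns 0 or a NULL buffer is no longer reported at setup, so the first symptom of a broken library now surfaces inside the fuzzing loop; if the per-execution call site already treats a 0/NULL result as "use the input unchanged", a one-line comment after the `FATAL` line saying so (`/* a 0/NULL return from afl_custom_post_process is handled at each call in the run path */`) would record why the check was safe to drop, and if it does not, the check should move there rather than disappear. If `tbuf`, `tlen` and `post_buf` were declared earlier in setup_post only for this test they are now unused locals; their declarations are outside this hunk, so please verify. The bare `0xFFFFFFFF` passed to `rand_below` would also read better as a named constant or with a short comment on the intended seed range. setup_post starts and ends outside this hunk.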