From 38e5c32a55086d36c8b9ee38e4b20c15517fc4b2 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Sat, 30 May 2020 11:02:34 +0200
Subject: corrected read_timed for values > 4
---
 include/common.h | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'include/common.h')
diff --git a/include/common.h b/include/common.h
index 4aed9572..7b7bf02d 100644
--- a/include/common.h
+++ b/include/common.h
@@ -107,6 +107,9 @@ u8 *u_stringify_mem_size(u8 *buf, u64 val);
 u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
+/* Sets a filedescriptor to non-blocking mode (for read_timed) */
+void set_nonblocking(int fd);
+
 /* Wrapper for select() and read(), reading exactly len bytes.
 Returns the time passed to read.
 stop_soon should point to a variable indicating ctrl+c was pressed.
-- cgit 1.4.1
From 95b46b427887db655b3f2b9a04dae1924e665d27 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Sat, 30 May 2020 13:53:00 +0200
Subject: reverted extendended read_timed
---
 include/common.h | 3 --
 src/afl-common.c | 82 ++++++++++++++++------------------------------------
 src/afl-forkserver.c | 3 +-
 3 files changed, 26 insertions(+), 62 deletions(-)
(limited to 'include/common.h')
diff --git a/include/common.h b/include/common.h
index 7b7bf02d..4aed9572 100644
--- a/include/common.h
+++ b/include/common.h
@@ -107,9 +107,6 @@ u8 *u_stringify_mem_size(u8 *buf, u64 val);
 u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
-/* Sets a filedescriptor to non-blocking mode (for read_timed) */
-void set_nonblocking(int fd);
-
 /* Wrapper for select() and read(), reading exactly len bytes.
 Returns the time passed to read.
 stop_soon should point to a variable indicating ctrl+c was pressed.
diff --git a/src/afl-common.c b/src/afl-common.c
index 793041b2..d428c9c5 100644
--- a/src/afl-common.c
+++ b/src/afl-common.c
@@ -39,7 +39,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
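Review bot: The new header comment on `void set_nonblocking(int fd);` does not tell callers that the function aborts the process when the ioctl fails — the implementation shown as removed lines in the next commit on this page calls PFATAL on an ioctl() error — which matters for a helper exported from a shared header. A one-line rewording would cover it: `/* Sets a file descriptor to non-blocking mode (for read_timed); aborts via PFATAL if the ioctl fails */`. The other two hunks of this commit on the page are pure deletions.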
@@ -870,82 +869,51 @@ u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms) {
 }
-/* sets a FD to non-blocking mode (used for read_timed) */
-void set_nonblocking(int fd) {
-
- int ret = 0;
- int opt = 1;
- ret = ioctl(fd, FIONBIO, &opt);
- if (ret == -1) { PFATAL("Could not enable non-blocking mode on fd %d", fd); }
-
-}
-
-
-/* Wrapper for select() and read(), reading exactly len bytes.
- Should be called on non-blocking fds.
+/* Wrapper for select() and read(), reading len bytes.
+ Assumes that all bytes are available on read!
 Returns the time passed to read.
 If the wait times out, returns timeout_ms + 1;
- Returns 0 if an error occurred (fd closed, signal, ...);
- */
+ Returns 0 if an error occurred (fd closed, signal, ...); */
 u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms, volatile u8 *stop_soon_p) {
- struct timeval timeout;
 fd_set readfds;
 FD_ZERO(&readfds);
 FD_SET(fd, &readfds);
+ struct timeval timeout;
- size_t read_total = 0;
- ssize_t len_read = 0;
-
- #if defined(__linux__)
- timeout.tv_sec = (timeout_ms / 1000);
- timeout.tv_usec = (timeout_ms % 1000) * 1000;
- #else
- u64 time_start = get_cur_time_us();
- #endif
-
- while (read_total < len) {
-
- #if !defined(__linux__)
- u64 time_current = get_cur_time_us();
- u64 timeout_current = timeout_ms - (time_current - time_start);
- timeout.tv_sec = (timeout_current / 1000);
- timeout.tv_usec = (timeout_current % 1000) * 1000;
- #endif
-
- /* set exceptfds as well to return when a child exited/closed the pipe. */
- int sret = select(fd + 1, &readfds, NULL, NULL, &timeout);
-
- if (!sret) {
+ timeout.tv_sec = (timeout_ms / 1000);
+ timeout.tv_usec = (timeout_ms % 1000) * 1000;
+#if !defined(__linux__)
+ u64 read_start = get_cur_time_us();
+#endif
- // printf("Timeout in sret.");
- return timeout_ms + 1;
+ /* set exceptfds as well to return when a child exited/closed the pipe. 
*/
+ int sret = select(fd + 1, &readfds, NULL, NULL, &timeout);
- } else if (sret < 0) {
+ if (!sret) {
- /* Retry select for all signals other than than ctrl+c */
- if (errno == EINTR && !*stop_soon_p) { continue; }
- return 0;
+ return timeout_ms + 1;
- }
+ } else if (sret < 0) {
- len_read = read(fd, ((u8 *)buf) + read_total, len - read_total);
- if (len_read <= 0) { return 0; }
- read_total += len_read;
+ return 0;
 }
- #if defined(__linux__)
- s32 exec_ms =
+ ssize_t len_read = read(fd, ((u8 *)buf), len);
+ if (len_read < len) { return 0; }
+
+#if defined(__linux__)
+ u32 exec_ms =
 MIN(timeout_ms, ((u64)timeout_ms - (timeout.tv_sec * 1000 + timeout.tv_usec / 1000)));
- #else
- u32 exec_ms = get_cur_time_us() - time_start;
- #endif
+#else
+ u32 exec_ms = get_cur_time_us() - read_start;
+#endif
- return exec_ms > 0 ? exec_ms
- : 1; // at least 1 milli must have passed (0 is an error)
+ // ensure to report 1 ms has passed (0 is an error)
+ return exec_ms > 0 ? exec_ms : 1;
 }
diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index 1884ff98..137a4f99 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -401,8 +401,6 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 fsrv->fsrv_ctl_fd = ctl_pipe[1];
 fsrv->fsrv_st_fd = st_pipe[0];
- set_nonblocking(fsrv->fsrv_st_fd);
-
 /* Wait for the fork server to come up, but don't wait too long. */
 rlen = 0;
@@ -857,6 +855,7 @@ fsrv_run_result_t afl_fsrv_run_target(afl_forkserver_t *fsrv, u32 timeout,
 if ((res = read(fsrv->fsrv_st_fd, &fsrv->child_pid, 4)) != 4) {
+ if (*stop_soon_p) { return 0; }
 RPFATAL(res, "Unable to request new process from fork server (OOM?)");
 }
-- cgit 1.4.1
From c0ed118ba553846fb80cfed5c02d66e5435b94c5 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Sat, 30 May 2020 20:38:01 +0200
Subject: comment
---
 include/common.h | 9 +--------
 src/afl-forkserver.c | 5 +++--
 2 files changed, 4 insertions(+), 10 deletions(-)
(limited to 'include/common.h')
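Review bot: The new error check `if (len_read < len) { return 0; }` compares the ssize_t result of read() against the size_t `len`, so a failed read returning -1 is converted to SIZE_MAX, the test is false, and the function reports an elapsed time as if `len` bytes had landed in `buf`; it should read `if (len_read < 0 || (size_t)len_read < len) { return 0; }`. With the retry loop removed, `stop_soon_p` is no longer read anywhere in the new body, and a signal interrupting select() (errno EINTR) now yields 0, which the comment defines as an error, rather than a retry — if that is intended, the now-unused parameter should be documented or marked as such. On the non-Linux path `u32 exec_ms = get_cur_time_us() - read_start;` looks like a microsecond difference stored into a value the comment describes in milliseconds, judging only by the helper's name — confirm get_cur_time_us()'s unit. This hunk starts on the previous line; read_timed lies entirely within it.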
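Review bot: The added `if (*stop_soon_p) { return 0; }` returns a bare literal from a function declared as returning fsrv_run_result_t; if 0 is that enum's success value, a run aborted by ctrl+c is reported to callers as a completed one, so the named constant for the intended outcome should be used instead of `0`. The short read that reaches this branch may also have written only `res` of the 4 bytes of fsrv->child_pid, leaving a torn value for anything that inspects it after this early return. afl_fsrv_run_target starts and ends outside the hunk.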
diff --git a/include/common.h b/include/common.h
index 4aed9572..87a7425b 100644
--- a/include/common.h
+++ b/include/common.h
@@ -107,14 +107,7 @@ u8 *u_stringify_mem_size(u8 *buf, u64 val);
 u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
-/* Wrapper for select() and read(), reading exactly len bytes.
- Returns the time passed to read.
- stop_soon should point to a variable indicating ctrl+c was pressed.
- If the wait times out, returns timeout_ms + 1;
- Returns 0 if an error occurred (fd closed, signal, ...); */
-u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms,
- volatile u8 *stop_soon_p);
-
+/* Reads the map size from ENV */
 u32 get_map_size(void);
 #endif
diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index a0e08589..76674389 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -454,8 +454,9 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 rlen = 0;
 if (fsrv->exec_tmout) {
- u32 time_ms = read_s32_timed(fsrv->fsrv_st_fd, &status,
- fsrv->exec_tmout * FORK_WAIT_MULT, stop_soon_p);
+ u32 time_ms =
+ read_s32_timed(fsrv->fsrv_st_fd, &status,
+ fsrv->exec_tmout * FORK_WAIT_MULT, stop_soon_p);
 if (!time_ms) {
-- cgit 1.4.1
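Review bot: Dropping the read_timed prototype from include/common.h leaves the function's definition in src/afl-common.c — rewritten in the previous commit on this page and absent from this commit's diffstat — as a non-static function with no declaration, unless a commit not shown here (the page is limited to include/common.h) already removed it; if it still exists it should be made static or deleted together with this prototype. The new comment would be clearer spelled out, `/* Reads the map size from the environment */`. The afl-forkserver.c hunk in this commit is a line-wrap change only.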