From 8316425375031cedbf7e3ea6d6b116a376f01589 Mon Sep 17 00:00:00 2001
From: Sebastian Ă–sterlund
Date: Fri, 29 May 2020 11:51:11 +0200
Subject: Add AFL_LLVM_WHITELIST_FNMATCH env var Only enable UNIX pattern matching on the whitelist when AFL_LLVM_WHITELIST_FNMATCH is set. The reason being that we keep backwards compatibility with old whitelists.
---
llvm_mode/afl-llvm-common.cc | 35 ++++++++++++++++++++++-------------
1 file changed, 22 insertions(+), 13 deletions(-)
(limited to 'llvm_mode/afl-llvm-common.cc')
diff --git a/llvm_mode/afl-llvm-common.cc b/llvm_mode/afl-llvm-common.cc
index e97423a0..42f2b774 100644
--- a/llvm_mode/afl-llvm-common.cc
+++ b/llvm_mode/afl-llvm-common.cc
@@ -147,20 +147,25 @@ bool isInWhitelist(llvm::Function *F) { /* Continue only if we know where we actually are */ if (!instFilename.str().empty()) { + char *enable_fnmatch = getenv("AFL_LLVM_WHITELIST_FNMATCH"); + for (std::list::iterator it = myWhitelist.begin(); it != myWhitelist.end(); ++it) { /* We don't check for filename equality here because * filenames might actually be full paths. Instead we * check that the actual filename ends in the filename - * specified in the list. */ - if (instFilename.str().length() >= it->length()) { - - if (fnmatch((*it).c_str(), - instFilename.str().c_str(), FNM_PATHNAME) == 0) { + * specified in the list. Enable UNIX-style pattern + * matching if AFL_LLVM_WHITELIST_FNMATCH is set */ + if (instFilename.str().length() >= it->length()) { + if (enable_fnmatch && fnmatch((*it).c_str(), + instFilename.str().c_str(), 0) == 0) { + return true; + } else if (!enable_fnmatch && instFilename.str().compare( + instFilename.str().length() - it->length(), + it->length(), *it) == 0) { return true; - } }
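Review bot: The length guard `if (instFilename.str().length() >= it->length())` still wraps the new `fnmatch()` branch, so a pattern that is longer than the file name it should match is skipped before `fnmatch()` is ever called; a bracket expression such as `[abc].c` (seven characters) can never match `a.c`. The guard only makes sense for the suffix `compare()`, where it protects the `length() - it->length()` offset, so it should move into the non-fnmatch branch. A whitelist entry that silently fails to match presumably leaves that file uninstrumented, which is visible only as missing coverage. The same block is repeated in the second hunk (new line 188) and needs the same change; the loop and `isInWhitelist` continue outside the hunk.

```cpp
// … unchanged: getenv("AFL_LLVM_WHITELIST_FNMATCH") lookup and whitelist loop header …
const auto name = instFilename.str();

if (enable_fnmatch) {

  /* fnmatch() compares the whole string, so no length pre-check applies */
  if (fnmatch(it->c_str(), name.c_str(), 0) == 0) return true;

} else if (name.length() >= it->length() &&
           name.compare(name.length() - it->length(), it->length(), *it) == 0) {

  return true;
// … unchanged: closing braces of the branch and the loop …
```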
@@ -183,21 +188,25 @@ bool isInWhitelist(llvm::Function *F) { /* Continue only if we know where we actually are */ if (!instFilename.str().empty()) { + char *enable_fnmatch = getenv("AFL_LLVM_WHITELIST_FNMATCH"); + for (std::list::iterator it = myWhitelist.begin(); it != myWhitelist.end(); ++it) { /* We don't check for filename equality here because * filenames might actually be full paths. Instead we * check that the actual filename ends in the filename - * specified in the list. */ - if (instFilename.str().length() >= it->length()) { - - if (instFilename.str().compare( - instFilename.str().length() - it->length(), it->length(), - *it) == 0) { + * specified in the list. Enable UNIX-style pattern + * matching if AFL_LLVM_WHITELIST_FNMATCH is set */ + if (instFilename.str().length() >= it->length()) { + if (enable_fnmatch && fnmatch((*it).c_str(), + instFilename.str().c_str(), 0) == 0) { + return true; + } else if (!enable_fnmatch && instFilename.str().compare( + instFilename.str().length() - it->length(), + it->length(), *it) == 0) { return true; - } }
-- cgit 1.4.1
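Review bot: The comment above the match still says the file name only has to end in the list entry, but once AFL_LLVM_WHITELIST_FNMATCH is set `fnmatch()` compares the entry against the whole `instFilename`, so a plain entry such as a bare file name no longer matches a full path unless it begins with `*`. With the flags argument `0` (no `FNM_PATHNAME`), `*` and `?` also match `/`, so one pattern can select files in any directory. I would spell both out in the comment, for example `/* With AFL_LLVM_WHITELIST_FNMATCH set, entries are fnmatch() patterns matched against the whole path; '*' also matches '/', and a leading '*' is needed to keep the suffix behaviour. */`, here and in the first hunk. It is also worth documenting that `getenv` is tested only for presence, so `AFL_LLVM_WHITELIST_FNMATCH=0` enables pattern matching as well.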