From 8bc7b3cf26c2e94ee99fa854c9f7007092bc9949 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 23 Jan 2023 12:45:21 +0100 Subject: add CFI variant for gcc --- src/afl-cc.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'src/afl-cc.c') diff --git a/src/afl-cc.c b/src/afl-cc.c index 803e784e..cbf57047 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -1050,17 +1050,25 @@ static void edit_params(u32 argc, char **argv, char **envp) { if (getenv("AFL_USE_CFISAN")) { - if (!lto_mode) { + if (compiler_mode == GCC_PLUGIN || compiler_mode == GCC) { - uint32_t i = 0, found = 0; - while (envp[i] != NULL && !found) - if (strncmp("-flto", envp[i++], 5) == 0) found = 1; - if (!found) cc_params[cc_par_cnt++] = "-flto"; + cc_params[cc_par_cnt++] = "-fcf-protection"; - } + } else { + + if (!lto_mode) { + + uint32_t i = 0, found = 0; + while (envp[i] != NULL && !found) + if (strncmp("-flto", envp[i++], 5) == 0) found = 1; + if (!found) cc_params[cc_par_cnt++] = "-flto"; - cc_params[cc_par_cnt++] = "-fsanitize=cfi"; - cc_params[cc_par_cnt++] = "-fvisibility=hidden"; + } + + cc_params[cc_par_cnt++] = "-fsanitize=cfi"; + cc_params[cc_par_cnt++] = "-fvisibility=hidden"; + + } } -- cgit 1.4.1 From 4063a3eb4c4099e37aef4f1d96e8b80d58d65fe2 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 23 Jan 2023 12:50:57 +0100 Subject: nit --- docs/Changelog.md | 4 ++++ src/afl-cc.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'src/afl-cc.c') diff --git a/docs/Changelog.md b/docs/Changelog.md index 7a9b74c5..fb573c73 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -3,6 +3,10 @@ This is the list of all noteworthy changes made in every public release of the tool. See README.md for the general instruction manual. +### Version ++4.06a (dev) + - afl-cc: + - add CFI sanitizer variant to gcc targets + ### Version ++4.05c (release) - MacOS: libdislocator, libtokencap etc. do not work with modern MacOS anymore, but could be patched to work, see this issue if you diff --git a/src/afl-cc.c b/src/afl-cc.c index cbf57047..7c3682fb 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -1052,7 +1052,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { if (compiler_mode == GCC_PLUGIN || compiler_mode == GCC) { - cc_params[cc_par_cnt++] = "-fcf-protection"; + cc_params[cc_par_cnt++] = "-fcf-protection=full"; } else { -- cgit 1.4.1