From e1d5009229fb5cea5845cd08e0abdc8fe440ee86 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 9 Jul 2021 10:32:14 +0200 Subject: fixes --- src/afl-fuzz-python.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'src/afl-fuzz-python.c') diff --git a/src/afl-fuzz-python.c b/src/afl-fuzz-python.c index 3aa97635..bb4eabcc 100644 --- a/src/afl-fuzz-python.c +++ b/src/afl-fuzz-python.c @@ -813,8 +813,8 @@ u8 queue_get_py(void *py_mutator, const u8 *filename) { } -void queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue, - const u8 *filename_orig_queue) { +u8 queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue, + const u8 *filename_orig_queue) { PyObject *py_args, *py_value; @@ -861,7 +861,21 @@ void queue_new_entry_py(void *py_mutator, const u8 *filename_new_queue, py_args); Py_DECREF(py_args); - if (py_value == NULL) { + if (py_value != NULL) { + + int ret = PyObject_IsTrue(py_value); + Py_DECREF(py_value); + + if (ret == -1) { + + PyErr_Print(); + FATAL("Failed to convert return value"); + + } + + return (u8)ret & 0xFF; + + } else { PyErr_Print(); FATAL("Call failed"); -- cgit 1.4.1 From 50fc76faa86c7e2cc6523af141f3596bc2af2364 Mon Sep 17 00:00:00 2001 From: wxyxsx Date: Tue, 10 Aug 2021 11:14:55 +0800 Subject: Update afl-fuzz-python.c Fix havoc_mutations not working in python version --- src/afl-fuzz-python.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/afl-fuzz-python.c') diff --git a/src/afl-fuzz-python.c b/src/afl-fuzz-python.c index 3aa97635..bc481b49 100644 --- a/src/afl-fuzz-python.c +++ b/src/afl-fuzz-python.c @@ -445,6 +445,10 @@ struct custom_mutator *load_custom_mutator_py(afl_state_t *afl, /* Initialize the custom mutator */ init_py(afl, py_mutator, rand_below(afl, 0xFFFFFFFF)); + + mutator->stacked_custom = (mutator && mutator->afl_custom_havoc_mutation); + mutator->stacked_custom_prob = + 6; // like one of the default mutations in havoc return mutator; -- cgit 1.4.1 
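Review bot: The masking in `return (u8)ret & 0xFF;` is a no-op — once the `ret == -1` branch has bailed out, PyObject_IsTrue() has left only 0 or 1 in `ret`, and the `(u8)` cast already truncates, so `return (u8)ret;` expresses the same thing without suggesting there are other bits to strip. The new return path is also undocumented: a Python hook written against the old `void` contract that returns nothing hands back `None`, which PyObject_IsTrue() coerces to 0, and nothing in the hunk says what 0 versus 1 means to the caller; I would put `/* Coerced via PyObject_IsTrue(): a hook returning None (old API) yields 0. */` above the `PyObject_IsTrue(py_value)` call and spell out the meaning of the value where the contract is defined. The function's tail after `FATAL("Call failed")` lies outside the hunk, and the listing is limited to src/afl-fuzz-python.c, so I cannot confirm that the afl_custom_queue_new_entry function-pointer type and its caller were updated to the new `u8` return in the same commit.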
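Review bot: The `mutator &&` guard in `mutator->stacked_custom = (mutator && mutator->afl_custom_havoc_mutation);` cannot protect anything — the left-hand side dereferences `mutator` before the right-hand side is evaluated, and the `init_py(afl, py_mutator, ...)` call immediately above already assumes the object exists; write it as `mutator->stacked_custom = (mutator->afl_custom_havoc_mutation != NULL);`. The weight `6` is only explained by a trailing note; if the default havoc mutations share a named constant for this weight it should be reused here so the two cannot drift apart, otherwise the comment should at least say it is a selection weight relative to the built-in havoc mutations (presumably — confirm against the havoc loop, which is not in this listing). load_custom_mutator_py begins before the hunk, so I cannot see where `mutator` is allocated or whether its allocation failure is handled earlier.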
From 5700b3c7500204d386d2f9e0f696b4604f0416a8 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 10 Aug 2021 10:02:50 +0200 Subject: remove outdated references --- src/afl-forkserver.c | 7 ++----- src/afl-fuzz-init.c | 4 ++-- src/afl-fuzz-python.c | 2 +- src/afl-fuzz.c | 1 - src/afl-sharedmem.c | 7 ++++++- 5 files changed, 11 insertions(+), 10 deletions(-) (limited to 'src/afl-fuzz-python.c') diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index 26a9aaed..c8c94c08 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c @@ -845,9 +845,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, " from the fuzzer! Since it seems to be built with ASAN and you " "have a\n" " restrictive memory limit configured, this is expected; please " - "read\n" - " %s/notes_for_asan.md for help and run with '-m 0'.\n", - doc_path); + "run with '-m 0'.\n"); } else if (!fsrv->mem_limit) { @@ -946,8 +944,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, "with ASAN and\n" " you have a restrictive memory limit configured, this is " "expected; please\n" - " read %s/notes_for_asan.md for help and run with '-m 0'.\n", - doc_path); + " run with '-m 0'.\n"); } else if (!fsrv->mem_limit) { diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index faa45a4e..9bb25785 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -978,7 +978,7 @@ void perform_dry_run(afl_state_t *afl) { "quickly\n" " estimate the required amount of virtual memory for the " "binary. Also,\n" - " if you are using ASAN, see %s/notes_for_asan.md.\n\n" + " if you are using ASAN, set '-m 0'.\n\n" " - In QEMU persistent mode the selected address(es) for the " "loop are not\n" @@ -994,7 +994,7 @@ void perform_dry_run(afl_state_t *afl) { "troubleshooting tips.\n", stringify_mem_size(val_buf, sizeof(val_buf), afl->fsrv.mem_limit << 20), - afl->fsrv.mem_limit - 1, doc_path); + afl->fsrv.mem_limit - 1); } else { 
diff --git a/src/afl-fuzz-python.c b/src/afl-fuzz-python.c index e1c879f4..065977c0 100644 --- a/src/afl-fuzz-python.c +++ b/src/afl-fuzz-python.c @@ -445,7 +445,7 @@ struct custom_mutator *load_custom_mutator_py(afl_state_t *afl, /* Initialize the custom mutator */ init_py(afl, py_mutator, rand_below(afl, 0xFFFFFFFF)); - + mutator->stacked_custom = (mutator && mutator->afl_custom_havoc_mutation); mutator->stacked_custom_prob = 6; // like one of the default mutations in havoc diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index c97427e1..9b9e01a4 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1501,7 +1501,6 @@ int main(int argc, char **argv_orig, char **envp) { } - get_core_count(afl); atexit(at_exit); diff --git a/src/afl-sharedmem.c b/src/afl-sharedmem.c index b2cdac9b..22fe5a62 100644 --- a/src/afl-sharedmem.c +++ b/src/afl-sharedmem.c @@ -244,7 +244,11 @@ u8 *afl_shm_init(sharedmem_t *shm, size_t map_size, shm->shm_id = shmget(IPC_PRIVATE, map_size, IPC_CREAT | IPC_EXCL | DEFAULT_PERMISSION); - if (shm->shm_id < 0) { PFATAL("shmget() failed, try running afl-system-config"); } + if (shm->shm_id < 0) { + + PFATAL("shmget() failed, try running afl-system-config"); + + } if (shm->cmplog_mode) { @@ -325,3 +329,4 @@ u8 *afl_shm_init(sharedmem_t *shm, size_t map_size, return shm->map; } + -- cgit 1.4.1