From 903b5607bc0eea01aa9872a2a53221a953c7a559 Mon Sep 17 00:00:00 2001
From: Eli Kobrin
Date: Wed, 16 Nov 2022 18:19:50 +0300
Subject: Fix argv-fuzz.
---
 utils/argv_fuzzing/argv-fuzz-inl.h | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index c15c0271..68a0c93d 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -34,6 +34,7 @@
 #ifndef _HAVE_ARGV_FUZZ_INL
 #define _HAVE_ARGV_FUZZ_INL
+#include
 #include
 #define AFL_INIT_ARGV() \
@@ -63,22 +64,22 @@ static char **afl_init_argv(int *argc) {
 char *ptr = in_buf;
 int rc = 0;
- if (read(0, in_buf, MAX_CMDLINE_LEN - 2) < 0) {}
-
- while (*ptr && rc < MAX_CMDLINE_PAR) {
+ ssize_t num = 0;
+ if ((num = read(0, in_buf, MAX_CMDLINE_LEN - 2)) < 0) {}
+ if (in_buf[num - 1] == '\n') {
+ in_buf[num - 1] = 0;
+ }
- ret[rc] = ptr;
+ char delim = ' ';
+ char *curarg = strtok(ptr, &delim);
+ while (curarg && rc < MAX_CMDLINE_PAR) {
+ ret[rc] = curarg;
 if (ret[rc][0] == 0x02 && !ret[rc][1]) ret[rc]++;
 rc++;
-
- while (*ptr)
- ptr++;
- ptr++;
-
+ curarg = strtok(NULL, &delim);
 }
 *argc = rc;
-
 return ret;
 }
@@ -87,4 +88,3 @@ static char **afl_init_argv(int *argc) {
 #undef MAX_CMDLINE_PAR
 #endif /* !_HAVE_ARGV_FUZZ_INL */
-
--
cgit 1.4.1
From 3d07f0ab791565feb904f5897b22ef924fc06a48 Mon Sep 17 00:00:00 2001
From: Eli Kobrin
Date: Thu, 17 Nov 2022 14:14:11 +0300
Subject: Handle empty input.
---
 utils/argv_fuzzing/argv-fuzz-inl.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index 68a0c93d..2ec433e1 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
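Review bot: In the second hunk of 903b560, `in_buf[num - 1]` is indexed before `num` is known to be positive; a read() that returns 0 (empty input) or -1 (error, which the empty `{}` branch discards) turns both the test and the assignment into an access to `in_buf[-1]`, outside the array. The `strtok(ptr, &delim)` and `strtok(NULL, &delim)` calls pass a pointer to a single `char` where strtok expects a NUL-terminated delimiter string, so the delimiter scan reads past `delim` (undefined behaviour). Both are corrected later in this series (3d07f0a guards `num <= 0`, 8f9726d passes `" "`), but the move from NUL-separated to space-separated parsing also changes the input format the harness accepts — an argument containing a space can no longer be expressed — and that deserves a sentence in the header comment if it is intended; ba78859 later restores the NUL-separated loop. A minimal guard for this hunk as written would be `if (num <= 0) { *argc = 0; return ret; }` placed before the newline strip. The enclosing function begins and ends outside the hunk.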
@@ -65,7 +65,10 @@ static char **afl_init_argv(int *argc) {
 int rc = 0;
 ssize_t num = 0;
- if ((num = read(0, in_buf, MAX_CMDLINE_LEN - 2)) < 0) {}
+ if ((num = read(0, in_buf, MAX_CMDLINE_LEN - 2)) <= 0) {
+ *argc = 0;
+ return ret;
+ }
 if (in_buf[num - 1] == '\n') {
 in_buf[num - 1] = 0;
 }
--
cgit 1.4.1
From 8f9726d4a901880808d46706cdb9024c5d08bb7e Mon Sep 17 00:00:00 2001
From: Eli Kobrin
Date: Thu, 17 Nov 2022 17:27:13 +0300
Subject: Fix delim.
---
 utils/argv_fuzzing/argv-fuzz-inl.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index 2ec433e1..94d4c123 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -73,13 +73,12 @@ static char **afl_init_argv(int *argc) {
 in_buf[num - 1] = 0;
 }
- char delim = ' ';
- char *curarg = strtok(ptr, &delim);
+ char *curarg = strtok(ptr, " ");
 while (curarg && rc < MAX_CMDLINE_PAR) {
 ret[rc] = curarg;
 if (ret[rc][0] == 0x02 && !ret[rc][1]) ret[rc]++;
 rc++;
- curarg = strtok(NULL, &delim);
+ curarg = strtok(NULL, " ");
 }
 *argc = rc;
--
cgit 1.4.1
From ba788591dc50ba01088a9e0ed76ae29878eedbdd Mon Sep 17 00:00:00 2001
From: Eli Kobrin
Date: Thu, 17 Nov 2022 17:38:45 +0300
Subject: Handle read() error.
---
 utils/argv_fuzzing/argv-fuzz-inl.h | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index 94d4c123..917c6222 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -34,7 +34,7 @@
 #ifndef _HAVE_ARGV_FUZZ_INL
 #define _HAVE_ARGV_FUZZ_INL
-#include
+#include
 #include
 #define AFL_INIT_ARGV() \
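Review bot: In the 3d07f0a hunk, the `<= 0` test folds a failed read() into the empty-input path, so an I/O error on stdin now produces `*argc = 0` and a normal return with no diagnostic, and a broken harness setup becomes indistinguishable from a fuzz case that is genuinely empty. The follow-up ba78859 separates the two by treating `num < 0` as fatal; until then a `perror("read");` on the negative branch before the return would at least make the failure visible in the target's stderr. Returning `ret` with `argc == 0` also presumes `ret[0]` is already NULL so that `argv[argc] == NULL` holds for the caller; that depends on how `ret` is declared, which is outside this hunk — worth confirming. The enclosing function starts and ends outside the hunk.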
@@ -64,24 +64,27 @@ static char **afl_init_argv(int *argc) {
 char *ptr = in_buf;
 int rc = 0;
- ssize_t num = 0;
- if ((num = read(0, in_buf, MAX_CMDLINE_LEN - 2)) <= 0) {
- *argc = 0;
- return ret;
- }
- if (in_buf[num - 1] == '\n') {
- in_buf[num - 1] = 0;
+ ssize_t num = read(0, in_buf, MAX_CMDLINE_LEN - 2);
+ if (num < 0) {
+ abort();
 }
+ in_buf[num] = '\0';
+ in_buf[num + 1] = '\0';
+
+ while (*ptr && rc < MAX_CMDLINE_PAR) {
- char *curarg = strtok(ptr, " ");
- while (curarg && rc < MAX_CMDLINE_PAR) {
- ret[rc] = curarg;
+ ret[rc] = ptr;
 if (ret[rc][0] == 0x02 && !ret[rc][1]) ret[rc]++;
 rc++;
- curarg = strtok(NULL, " ");
+
+ while (*ptr)
+ ptr++;
+ ptr++;
+
 }
 *argc = rc;
+
 return ret;
 }
@@ -90,3 +93,4 @@ static char **afl_init_argv(int *argc) {
 #undef MAX_CMDLINE_PAR
 #endif /* !_HAVE_ARGV_FUZZ_INL */
+
--
cgit 1.4.1
From d7e788a3c0138637147621cc4d6ab8087e0af956 Mon Sep 17 00:00:00 2001
From: kobrineli
Date: Fri, 18 Nov 2022 13:35:51 +0300
Subject: Exit on read error.
---
 utils/argv_fuzzing/argv-fuzz-inl.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index 917c6222..e350dd4e 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -66,7 +66,7 @@ static char **afl_init_argv(int *argc) {
 ssize_t num = read(0, in_buf, MAX_CMDLINE_LEN - 2);
 if (num < 0) {
- abort();
+ exit(1);
 }
 in_buf[num] = '\0';
 in_buf[num + 1] = '\0';
--
cgit 1.4.1
From e26c173041b185d7ea37aa923cca3ec4aed51b1b Mon Sep 17 00:00:00 2001
From: vanhauser-thc
Date: Tue, 13 Dec 2022 09:13:52 +0100
Subject: code format
---
 frida_mode/src/instrument/instrument_arm32.c | 4 ++++
 utils/argv_fuzzing/argv-fuzz-inl.h | 4 +---
 2 files changed, 5 insertions(+), 3 deletions(-)
(limited to 'utils/argv_fuzzing/argv-fuzz-inl.h')
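Review bot: In the second hunk of ba78859, `abort()` on a failed read() raises SIGABRT, which the fuzzer records as a crash of the target, so a transient I/O problem on stdin is reported as a finding rather than as a harness error; the follow-ups d7e788a and e26c17 change this to `exit(1)` and then `_exit(1)`, and the `_exit` form is preferable because it does not run atexit handlers or flush stdio buffers from inside argument setup. The restored NUL-separated scan depends on the two terminators written at `in_buf[num]` and `in_buf[num + 1]`, which stay in bounds only because the read is capped at `MAX_CMDLINE_LEN - 2`; a comment tying the two together would help the next reader, e.g. `/* double NUL so the inner scan cannot run past the last argument */`. `ret[rc]` is filled up to `rc == MAX_CMDLINE_PAR` and the caller presumably expects `argv[argc] == NULL`, which requires `ret` to be a zero-initialised array of at least `MAX_CMDLINE_PAR + 1` entries; its declaration is outside this hunk, so that is an assumption to confirm. The enclosing function begins outside the hunk.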
diff --git a/frida_mode/src/instrument/instrument_arm32.c b/frida_mode/src/instrument/instrument_arm32.c
index 84dbb3be..51f78a35 100644
--- a/frida_mode/src/instrument/instrument_arm32.c
+++ b/frida_mode/src/instrument/instrument_arm32.c
@@ -276,9 +276,13 @@ gpointer instrument_cur(GumStalkerOutput *output) {
 gpointer curr = NULL;
 if (output->encoding == GUM_INSTRUCTION_SPECIAL) {
+
 curr = gum_thumb_writer_cur(output->writer.thumb);
+
 } else {
+
 curr = gum_arm_writer_cur(output->writer.arm);
+
 }
 return curr;
diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index e350dd4e..ec22c53b 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -65,9 +65,7 @@ static char **afl_init_argv(int *argc) {
 int rc = 0;
 ssize_t num = read(0, in_buf, MAX_CMDLINE_LEN - 2);
- if (num < 0) {
- exit(1);
- }
+ if (num < 1) { _exit(1); }
 in_buf[num] = '\0';
 in_buf[num + 1] = '\0';
--
cgit 1.4.1
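Review bot: In the argv-fuzz-inl.h hunk of e26c17, `if (num < 1) { _exit(1); }` now terminates the target on an empty input as well as on a read error, so an empty fuzz case yields neither an `argc == 0` run nor any diagnostic, and the two conditions cannot be told apart from the exit status; if that is intended, a comment such as `/* empty input or failed read: leave quietly, the fuzzer sees a plain exit */` should say so, and the error case could still be distinguished by checking `num < 0` separately. The command line is also still fetched with a single `read()`; when stdin is a pipe rather than a regular file, that call may return fewer bytes than were written, and the tail of the input is then silently dropped, which none of the commits in this series addresses. Reading until the cap or EOF removes that assumption; the sketch below keeps the existing bound and exit behaviour. The enclosing function extends beyond this hunk on both sides.

```c
ssize_t num = 0;
while (num < MAX_CMDLINE_LEN - 2) {
  ssize_t got = read(0, in_buf + num, MAX_CMDLINE_LEN - 2 - num);
  if (got < 0) { _exit(1); }   /* read error: same exit as before */
  if (got == 0) { break; }     /* EOF */
  num += got;
}
if (num < 1) { _exit(1); }     /* empty input */
/* … unchanged: double NUL termination and argument scan … */
```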