From 76e15a06957d03df7ffc8102a043c7694ba251d6 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Fri, 17 Apr 2020 11:56:08 +0200 Subject: [PATCH] refactoring getting the map size --- TODO.md | 5 +++-- include/common.h | 2 ++ src/afl-analyze.c | 11 ++--------- src/afl-common.c | 18 ++++++++++++++++++ src/afl-fuzz.c | 15 ++------------- src/afl-showmap.c | 14 +++----------- src/afl-tmin.c | 14 +++----------- 7 files changed, 33 insertions(+), 46 deletions(-) diff --git a/TODO.md b/TODO.md index 703ba4ed7a..d31178c808 100644 --- a/TODO.md +++ b/TODO.md @@ -1,11 +1,12 @@ # TODO list for AFL++ -## Roadmap 2.64 +## Roadmap 2.65 + - AFL_MAP_SIZE for afl-llvm-pass, qemu_mode and unicorn_mode + - fix stability calculation bug - random crc32 HASH_CONST per run? because with 65536 paths we have collisions - namespace for targets? e.g. network - libradamsa as a custom module? - - fix stability calculation bug ## Further down the road diff --git a/include/common.h b/include/common.h index f5ace8781c..70ff074496 100644 --- a/include/common.h +++ b/include/common.h @@ -115,5 +115,7 @@ u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms); u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms, volatile u8 *stop_soon_p); +u32 get_map_size(); + #endif diff --git a/src/afl-analyze.c b/src/afl-analyze.c index 8a84b7810d..b2c0f84161 100644 --- a/src/afl-analyze.c +++ b/src/afl-analyze.c @@ -814,7 +814,7 @@ int main(int argc, char **argv, char **envp) { s32 opt; u8 mem_limit_given = 0, timeout_given = 0, unicorn_mode = 0, use_wine = 0; - char **use_argv, *ptr; + char **use_argv; doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH; @@ -934,14 +934,7 @@ int main(int argc, char **argv, char **envp) { if (optind == argc || !in_file) usage(argv[0]); - if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) { - - map_size = atoi(ptr); - if (map_size < 8 || map_size > (1 << 29)) - FATAL("illegal AFL_MAP_SIZE %u, must be between 2^3 and 2^30", map_size); - if (map_size % 8) map_size = (((map_size >> 3) + 1) << 3); - - } + map_size = get_map_size(); use_hex_offsets = !!get_afl_env("AFL_ANALYZE_HEX"); diff --git a/src/afl-common.c b/src/afl-common.c index 38c19234a9..2cbf10590a 100644 --- a/src/afl-common.c +++ b/src/afl-common.c @@ -898,3 +898,21 @@ u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms, } +u32 get_map_size() { + + uint32_t map_size = MAP_SIZE; + char * ptr; + + if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) { + + map_size = atoi(ptr); + if (map_size < 8 || map_size > (1 << 29)) + FATAL("illegal AFL_MAP_SIZE %u, must be between 2^3 and 2^30", map_size); + if (map_size % 8) map_size = (((map_size >> 3) + 1) << 3); + + } + + return map_size; + +} + diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 03726eb0d0..83e25994f7 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -234,7 +234,7 @@ int main(int argc, char **argv_orig, char **envp) { s32 opt; u64 prev_queued = 0; u32 sync_interval_cnt = 0, seek_to, show_help = 0, map_size = MAP_SIZE; - u8 * extras_dir = 0, *ptr; + u8 * extras_dir = 0; u8 mem_limit_given = 0, exit_1 = 0; char **use_argv; @@ -247,19 +247,8 @@ int main(int argc, char **argv_orig, char **envp) { if (!afl) { FATAL("Could not create afl state"); } if (get_afl_env("AFL_DEBUG")) afl->debug = 1; - if ((ptr = get_afl_env("AFL_MAP_SIZE")) || - (ptr = get_afl_env("AFL_MAPSIZE"))) { - - map_size = atoi(ptr); - if (map_size < 8 || map_size > (1 << 29)) - FATAL( - "the specified AFL_MAP_SIZE size is illegal and must be between 2^3 " - "and 2^30: %u\n", - map_size); - if (map_size % 8) map_size = (((map_size >> 3) + 1) << 3); - - } + map_size = get_map_size(); afl_state_init(afl, map_size); afl_fsrv_init(&afl->fsrv); diff --git a/src/afl-showmap.c b/src/afl-showmap.c index f44b545356..a6adb695f2 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -536,23 +536,15 @@ int main(int argc, char **argv_orig, char **envp) { s32 opt, i; u8 mem_limit_given = 0, timeout_given = 0, unicorn_mode = 0, use_wine = 0; u32 tcnt = 0; - char **use_argv, *ptr; + char **use_argv; char **argv = argv_cpy_dup(argc, argv_orig); afl_forkserver_t fsrv_var = {0}; afl_forkserver_t *fsrv = &fsrv_var; afl_fsrv_init(fsrv); - - if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) { - - map_size = atoi(ptr); - if (map_size < 8 || map_size > (1 << 29)) - FATAL("illegal AFL_MAP_SIZE %u, must be between 2^3 and 2^30", map_size); - if (map_size % 8) map_size = (((map_size >> 3) + 1) << 3); - fsrv->map_size = map_size; - - } + map_size = get_map_size(); + fsrv->map_size = map_size; doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH; diff --git a/src/afl-tmin.c b/src/afl-tmin.c index ad7d70c73d..dab2a41797 100644 --- a/src/afl-tmin.c +++ b/src/afl-tmin.c @@ -758,23 +758,15 @@ int main(int argc, char **argv_orig, char **envp) { s32 opt; u8 mem_limit_given = 0, timeout_given = 0, unicorn_mode = 0, use_wine = 0; - char **use_argv, *ptr; + char **use_argv; char **argv = argv_cpy_dup(argc, argv_orig); afl_forkserver_t fsrv_var = {0}; afl_forkserver_t *fsrv = &fsrv_var; afl_fsrv_init(fsrv); - - if ((ptr = getenv("AFL_MAP_SIZE")) || (ptr = getenv("AFL_MAPSIZE"))) { - - map_size = atoi(ptr); - if (map_size < 8 || map_size > (1 << 29)) - FATAL("illegal AFL_MAP_SIZE %u, must be between 2^3 and 2^30", map_size); - if (map_size % 8) map_size = (((map_size >> 3) + 1) << 3); - fsrv->map_size = map_size; - - } + map_size = get_map_size(); + fsrv->map_size = map_size; doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;