MSVC fixes

2021-04-28 08:47:07 +02:00 · 2021-04-28 08:47:07 +02:00 · 4747a35936
commit 4747a35936
parent 8e544c59c6
4 changed files with 23 additions and 6 deletions
--- a/fuzzers/libfuzzer_libmozjpeg/hook_allocs.c
+++ b/fuzzers/libfuzzer_libmozjpeg/hook_allocs.c
@ -6,8 +6,12 @@

 #ifdef _WIN32
 #define posix_memalign(p, a, s) (((*(p)) = _aligned_malloc((s), (a))), *(p) ?0 :errno)
+#define RETADDR (uintptr_t)_ReturnAddress()
+#else
+#define RETADDR (uintptr_t)__builtin_return_address(0)
 #endif

+#ifdef __GNUC__
 #define MAX(a, b)           \
  ({                        \
                            \
@ -16,12 +20,15 @@
    _a > _b ? _a : _b;      \
                            \
  })
+#else
+#define MAX(a, b) (((a) > (b)) ? (a) : (b)) 
+#endif

 size_t libafl_alloc_map[MAP_SIZE];

 void *malloc(size_t size) {

-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
  k = (k >> 4) ^ (k << 8);
  k &= MAP_SIZE - 1;
  libafl_alloc_map[k] = MAX(libafl_alloc_map[k], size);
@ -39,7 +46,7 @@ void *calloc(size_t nmemb, size_t size) {

  size *= nmemb;

-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
  k = (k >> 4) ^ (k << 8);
  k &= MAP_SIZE - 1;
  libafl_alloc_map[k] = MAX(libafl_alloc_map[k], size);
--- a/fuzzers/libfuzzer_libmozjpeg/src/lib.rs
+++ b/fuzzers/libfuzzer_libmozjpeg/src/lib.rs
@ -100,8 +100,9 @@ fn fuzz(corpus_dirs: Vec<PathBuf>, objective_dir: PathBuf, broker_port: u16) ->
    let mutator = StdScheduledMutator::new(havoc_mutations());
    let stage = StdMutationalStage::new(mutator);

+    // A random policy to get testcasess from the corpus
    let scheduler = RandCorpusScheduler::new();
-    // A fuzzer with just one stage and a random policy to get testcasess from the corpus
+    // A fuzzer with just one stage
    let mut fuzzer = StdFuzzer::new(tuple_list!(stage));

    // The wrapped harness function, calling out to the LLVM-style harness
@ -110,7 +111,7 @@ fn fuzz(corpus_dirs: Vec<PathBuf>, objective_dir: PathBuf, broker_port: u16) ->
        ExitKind::Ok
    };

-    // Create the executor for an in-process function with just one observer for edge coverage
+    // Create the executor for an in-process function with observers for edge coverage, value-profile and allocations sizes
    let mut executor = InProcessExecutor::new(
        "in-process(edges,cmp,alloc)",
        &mut harness,
--- a/fuzzers/libfuzzer_libpng/src/lib.rs
+++ b/fuzzers/libfuzzer_libpng/src/lib.rs
@ -106,7 +106,7 @@ fn fuzz(corpus_dirs: Vec<PathBuf>, objective_dir: PathBuf, broker_port: u16) ->
    let mutator = StdScheduledMutator::new(havoc_mutations());
    let stage = StdMutationalStage::new(mutator);

-    // A fuzzer with just one stage and a minimization+queue policy to get testcasess from the corpus
+    // A fuzzer with just one stage
    let mut fuzzer = StdFuzzer::new(tuple_list!(stage));

    // A minimization+queue policy to get testcasess from the corpus
@ -118,7 +118,7 @@ fn fuzz(corpus_dirs: Vec<PathBuf>, objective_dir: PathBuf, broker_port: u16) ->
        ExitKind::Ok
    };

-    // Create the executor for an in-process function with just one observer for edge coverage
+    // Create the executor for an in-process function with one observer for edge coverage and one for the execution time
    let mut executor = TimeoutExecutor::new(
        InProcessExecutor::new(
            "in-process(edges,time)",
--- a/libafl_targets/src/value_profile.c
+++ b/libafl_targets/src/value_profile.c
@ -7,6 +7,7 @@

 extern uint8_t libafl_cmp_map[MAP_SIZE];

+#ifdef __GNUC__
 #define MAX(a, b)           \
  ({                        \
                            \
@ -15,12 +16,20 @@ extern uint8_t libafl_cmp_map[MAP_SIZE];
    _a > _b ? _a : _b;      \
                            \
  })
+#else
+#define MAX(a, b) (((a) > (b)) ? (a) : (b)) 
+#endif

 #if defined(__APPLE__)
  #pragma weak __sanitizer_cov_trace_const_cmp1 = __sanitizer_cov_trace_cmp1
  #pragma weak __sanitizer_cov_trace_const_cmp2 = __sanitizer_cov_trace_cmp2
  #pragma weak __sanitizer_cov_trace_const_cmp4 = __sanitizer_cov_trace_cmp4
  #pragma weak __sanitizer_cov_trace_const_cmp8 = __sanitizer_cov_trace_cmp8
+#elif defined(_MSC_VER)
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp1=__sanitizer_cov_trace_cmp1")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp2=__sanitizer_cov_trace_cmp2")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp4=__sanitizer_cov_trace_cmp4")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp8=__sanitizer_cov_trace_cmp8")
 #else
 void __sanitizer_cov_trace_const_cmp1(uint8_t arg1, uint8_t arg2) __attribute__((alias("__sanitizer_cov_trace_cmp1")));
 void __sanitizer_cov_trace_const_cmp2(uint16_t arg1, uint16_t arg2)