SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'dev' into main

Browse Source
This commit is contained in:
Dominik Maier 2021-03-10 19:41:01 +01:00
commit d1524d9657
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
fuzzers/libfuzzer_libpng/test.sh
View File

@ -1,17 +1,18 @@
#!/bin/sh #!/bin/sh
mkdir -p ./crashes mkdir -p ./crashes
rm -rf ./.libfuzzer_test.elf
cargo build --example libfuzzer_libpng --release || exit 1 cargo build --example libfuzzer_libpng --release || exit 1
cp ../../target/release/examples/libfuzzer_libpng ./.libfuzzer_test.elf cp ../../target/release/examples/libfuzzer_libpng ./.libfuzzer_test.elf
# The broker # The broker
RUST_BACKTRACE=full taskset 0 ./.libfuzzer_test.elf & RUST_BACKTRACE=full taskset -c 0 ./.libfuzzer_test.elf &
# Give the broker time to spawn # Give the broker time to spawn
sleep 2 sleep 2
echo "Spawning client" echo "Spawning client"
# The 1st fuzzer client, pin to cpu 0x1 # The 1st fuzzer client, pin to cpu 0x1
RUST_BACKTRACE=full taskset 1 ./.libfuzzer_test.elf 2>/dev/null RUST_BACKTRACE=full taskset -c 1 ./.libfuzzer_test.elf 2>/dev/null
killall .libfuzzer_test.elf killall .libfuzzer_test.elf
rm -rf ./.libfuzzer_test.elf rm -rf ./.libfuzzer_test.elf

7
fuzzers/libfuzzer_runtime/rt.c
View File

@ -138,7 +138,12 @@ void *malloc(size_t size) {
k &= MAP_SIZE - 1; k &= MAP_SIZE - 1;
__lafl_alloc_map[k] = MAX(__lafl_alloc_map[k], size); __lafl_alloc_map[k] = MAX(__lafl_alloc_map[k], size);
return realloc(NULL, size); // We cannot malloc in malloc.
// Hence, even realloc(NULL, size) would loop in an optimized build.
// We fall back to a stricter allocation function. Fingers crossed.
void *ret = NULL;
posix_memalign(&ret, 1<<6, size);
return ret;
} }