summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Swiecki <robert@swiecki.net>2019-04-17 21:56:22 +0200
committerRobert Swiecki <robert@swiecki.net>2019-04-17 21:56:22 +0200
commit251ee7cf631b31ef92b2426f84e6a44da1748fc8 (patch)
treebce4e7e13f5ffcae07e5df1374d892e8f8bdf27e
parentbd88b835f537d342e1ade19075fed98dcae7b1f9 (diff)
downloadhonggfuzz-251ee7cf631b31ef92b2426f84e6a44da1748fc8.tar.gz
socketfuzzer: use files* funcs
Diffstat
-rw-r--r--cmdline.c2
-rw-r--r--fuzz.c8
-rw-r--r--input.c6
-rw-r--r--socketfuzzer.c38
4 files changed, 19 insertions, 35 deletions
diff --git a/cmdline.c b/cmdline.c
index 9d203fa0..df54e535 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -598,7 +598,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) {
break;
case 0x110:
hfuzz->exe.feedbackMutateCommand = optarg;
- break;
+ break;
case 0x105:
if ((strcasecmp(optarg, "0") == 0) || (strcasecmp(optarg, "false") == 0)) {
hfuzz->cfg.monitorSIGABRT = false;
diff --git a/fuzz.c b/fuzz.c
index 29e7a99b..950c556f 100644
--- a/fuzz.c
+++ b/fuzz.c
@@ -328,8 +328,8 @@ static bool fuzz_fetchInput(run_t* run) {
LOG_E("input_prepareFileExternally() failed");
return false;
}
- } else if (run->global->exe.feedbackMutateCommand){
- if (!input_prepareDynamicInput(run, false)){
+ } else if (run->global->exe.feedbackMutateCommand) {
+ if (!input_prepareDynamicInput(run, false)) {
LOG_E("input_prepareFileDynamically() failed");
return false;
}
@@ -345,8 +345,8 @@ static bool fuzz_fetchInput(run_t* run) {
LOG_E("input_prepareFileExternally() failed");
return false;
}
- } else if (run->global->exe.feedbackMutateCommand){
- if (!input_prepareStaticFile(run, true, false)){
+ } else if (run->global->exe.feedbackMutateCommand) {
+ if (!input_prepareStaticFile(run, true, false)) {
LOG_E("input_prepareFileDynamically() failed");
return false;
}
diff --git a/input.c b/input.c
index 3a9db7d5..77e3db5f 100644
--- a/input.c
+++ b/input.c
@@ -332,8 +332,7 @@ bool input_prepareDynamicInput(run_t* run, bool need_mangele) {
input_setSize(run, run->dynfileqCurrent->size);
memcpy(run->dynamicFile, run->dynfileqCurrent->data, run->dynfileqCurrent->size);
- if (need_mangele)
- mangle_mangleContent(run);
+ if (need_mangele) mangle_mangleContent(run);
return true;
}
@@ -353,8 +352,7 @@ bool input_prepareStaticFile(run_t* run, bool rewind, bool need_mangele) {
}
input_setSize(run, fileSz);
- if (need_mangele)
- mangle_mangleContent(run);
+ if (need_mangele) mangle_mangleContent(run);
return true;
}
diff --git a/socketfuzzer.c b/socketfuzzer.c
index 14a5f246..d941e340 100644
--- a/socketfuzzer.c
+++ b/socketfuzzer.c
@@ -37,7 +37,6 @@ bool fuzz_waitForExternalInput(run_t* run) {
/* tell the external fuzzer to do his thing */
if (!fuzz_prepareSocketFuzzer(run)) {
LOG_F("fuzz_prepareSocketFuzzer() failed");
- return false;
}
/* the external fuzzer may inform us of a crash */
@@ -50,17 +49,10 @@ bool fuzz_waitForExternalInput(run_t* run) {
}
bool fuzz_prepareSocketFuzzer(run_t* run) {
- ssize_t ret;
-
// Notify fuzzer that he should send teh things
LOG_D("fuzz_prepareSocketFuzzer: SEND Fuzz");
- ret = send(run->global->socketFuzzer.clientSocket, "Fuzz", 4, 0);
- if (ret < 0) {
- LOG_F("fuzz_prepareSocketFuzzer: received: %zu", ret);
- return false;
- }
-
- return true;
+ return files_sendToSocket(
+ run->global->socketFuzzer.clientSocket, (uint8_t*)"Fuzz", strlen("Fuzz"));
}
/* Return values:
@@ -70,17 +62,16 @@ bool fuzz_prepareSocketFuzzer(run_t* run) {
*/
int fuzz_waitforSocketFuzzer(run_t* run) {
ssize_t ret;
- char buf[16];
+ uint8_t buf[16];
// Wait until the external fuzzer did his thing
bzero(buf, 16);
- ret = recv(run->global->socketFuzzer.clientSocket, buf, 4, 0);
+ ret = files_readFromFd(run->global->socketFuzzer.clientSocket, buf, 4);
LOG_D("fuzz_waitforSocketFuzzer: RECV: %s", buf);
// We dont care what we receive, its just to block here
if (ret < 0) {
LOG_F("fuzz_waitforSocketFuzzer: received: %zu", ret);
- return 0;
}
if (memcmp(buf, "okay", 4) == 0) {
@@ -93,27 +84,21 @@ int fuzz_waitforSocketFuzzer(run_t* run) {
}
bool fuzz_notifySocketFuzzerNewCov(honggfuzz_t* hfuzz) {
- ssize_t ret;
-
// Tell the fuzzer that the thing he sent reached new BB's
- ret = send(hfuzz->socketFuzzer.clientSocket, "New!", 4, 0);
+ bool ret = files_sendToSocket(hfuzz->socketFuzzer.clientSocket, (uint8_t*)"New!", 4);
LOG_D("fuzz_notifySocketFuzzer: SEND: New!");
- if (ret < 0) {
- LOG_F("fuzz_notifySocketFuzzer: sent: %zu", ret);
- return false;
+ if (!ret) {
+ LOG_F("fuzz_notifySocketFuzzer");
}
return true;
}
bool fuzz_notifySocketFuzzerCrash(run_t* run) {
- ssize_t ret;
-
- ret = send(run->global->socketFuzzer.clientSocket, "Cras", 4, 0);
+ bool ret = files_sendToSocket(run->global->socketFuzzer.clientSocket, (uint8_t*)"Cras", 4);
LOG_D("fuzz_notifySocketFuzzer: SEND: Crash");
- if (ret < 0) {
- LOG_F("fuzz_notifySocketFuzzer: sent: %zu", ret);
- return false;
+ if (!ret) {
+ LOG_F("fuzz_notifySocketFuzzer");
}
return true;
@@ -147,7 +132,8 @@ bool setupSocketFuzzer(honggfuzz_t* run) {
printf("Waiting for SocketFuzzer connection on socket: %s\n", socketPath);
t = sizeof(remote);
- if ((run->socketFuzzer.clientSocket = accept(s, (struct sockaddr*)&remote, &t)) == -1) {
+ if ((run->socketFuzzer.clientSocket =
+ TEMP_FAILURE_RETRY(accept(s, (struct sockaddr*)&remote, &t))) == -1) {
perror("accept");
return false;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 23:36:34 +0000