author | Robert Swiecki <robert@swiecki.net> | 2018-01-10 14:58:44 +0100 |
committer | Robert Swiecki <robert@swiecki.net> | 2018-01-10 14:58:44 +0100 |
commit | 2aeff25712894aa337f6fe30842392762b3b60c7 (patch) | |
tree | d7ae3ba5c8e0164cdf9015ffe5c4051aa21e170c | |
parent | 9a7539606fdd7165af6196fce2b5a9cb7f0ec117 (diff) | |
download | honggfuzz-2aeff25712894aa337f6fe30842392762b3b60c7.tar.gz |
arch: simplify arch handling a bit
-rw-r--r-- | cmdline.c | 4 | ||||
-rw-r--r-- | honggfuzz.h | 2 | ||||
-rw-r--r-- | linux/arch.c | 44 | ||||
-rw-r--r-- | mac/arch.c | 19 | ||||
-rw-r--r-- | posix/arch.c | 19 | ||||
-rw-r--r-- | subproc.c | 6 |
6 files changed, 50 insertions, 44 deletions
@@ -205,6 +205,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) {
},
.exe = {
+ .argc = 0,
.cmdline = NULL,
.nullifyStdio = true,
.fuzzStdin = false,
@@ -614,8 +615,9 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) {
if (!logInitLogFile(logfile, ll)) {
return false;
}
+ hfuzz->exe.argc = argc - optind;
hfuzz->exe.cmdline = (const char* const*)&argv[optind];
- if (hfuzz->exe.cmdline[0] == NULL) {
+ if (hfuzz->exe.argc <= 0) {
LOG_E("No fuzz command provided");
cmdlineUsage(argv[0], custom_opts);
return false;
diff --git a/honggfuzz.h b/honggfuzz.h
index d19a8d62..b262d876 100644
--- a/honggfuzz.h
+++ b/honggfuzz.h
@@ -192,6 +192,7 @@ typedef struct {
bool saveUnique;
} io;
struct {
+ int argc;
const char* const* cmdline;
bool nullifyStdio;
bool fuzzStdin;
@@ -285,6 +286,7 @@ typedef struct {
uintptr_t cloneFlags;
bool kernelOnly;
bool useClone;
+ sigset_t waitSigSet;
} linux;
} honggfuzz_t;
diff --git a/linux/arch.c b/linux/arch.c
index 7c915d63..e83a0fd1 100644
--- a/linux/arch.c
+++ b/linux/arch.c
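Review bot: `hfuzz->exe.argc = argc - optind;` in the -614 hunk stores the count without any upper bound, while every arch_launchChild loop in this commit stops at `x < ARGS_MAX` (512), so a longer fuzz command line is silently truncated before the target is executed. Now that the count is known at parse time this is the natural place to reject it, e.g. `if (hfuzz->exe.argc > 512) { LOG_E("Too many fuzz command arguments (max 512)"); return false; }`, ideally after moving `#define ARGS_MAX 512` out of the three arch.c files into honggfuzz.h so the limit is defined once. The `<= 0` test itself is fine, since argv[argc] is NULL and cmdline stays NULL-terminated. cmdlineParse continues outside the hunk.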
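Review bot: The new `int argc;` field in the -192 hunk carries no comment, and neither does `sigset_t waitSigSet;` in the -285 hunk, although both are written far from where they are read (cmdline.c fills argc; in linux/arch.c arch_archInit fills waitSigSet and arch_reapChild waits on it). Suggested: `int argc; /* number of entries in cmdline (argv[optind..argc)), set by cmdlineParse() */` and `sigset_t waitSigSet; /* SIGIO|SIGCHLD; filled once by arch_archInit(), read-only afterwards, waited on by arch_reapChild() */`. The enclosing typedef starts outside the -192 hunk.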
@@ -146,32 +146,32 @@ bool arch_launchChild(run_t* run) {
syscall(__NR_personality, ADDR_NO_RANDOMIZE) == -1) {
PLOG_D("personality(ADDR_NO_RANDOMIZE) failed");
}
+
#define ARGS_MAX 512
const char* args[ARGS_MAX + 2];
- char argData[PATH_MAX] = {0};
+ char argData[PATH_MAX];
int x = 0;
- for (x = 0; x < ARGS_MAX && run->global->exe.cmdline[x]; x++) {
- if (!run->global->exe.fuzzStdin && !run->global->persistent &&
- strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER) == 0) {
+ for (x = 0; x < ARGS_MAX && x < run->global->exe.argc; x++) {
+ if (run->global->persistent || run->global->exe.fuzzStdin) {
+ args[x] = run->global->exe.cmdline[x];
+ } else if (!strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
args[x] = (char*)run->fileName;
- } else if (!run->global->exe.fuzzStdin && !run->global->persistent &&
- strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
+ } else if (strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
const char* off = strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER);
- snprintf(argData, PATH_MAX, "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
+ snprintf(argData, sizeof(argData), "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
run->global->exe.cmdline[x], run->fileName);
args[x] = argData;
} else {
args[x] = run->global->exe.cmdline[x];
}
}
-
args[x++] = NULL;
LOG_D("Launching '%s' on file '%s'", args[0],
run->global->persistent ? "PERSISTENT_MODE" : run->fileName);
- /* alarm persists across forks, so disable it here */
+ /* alarms persist across execve(), so disable it here */
alarm(0);
/* Wait for the ptrace to attach, if this is not a persistent fuzzing session */
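Review bot: `argData` is one buffer shared by every argument that reaches the `strstr` branch, so if two arguments embed `_HF_FILE_PLACEHOLDER` the second snprintf overwrites the first and both `args[x]` entries end up aliasing the same text; this predates the commit, but the rewritten loop keeps it and it deserves at least a comment or a per-argument buffer. The snprintf return value is also unchecked, so a constructed path longer than PATH_MAX is silently truncated: `int n = snprintf(argData, sizeof(argData), "%.*s%s", ...); if (n < 0 || (size_t)n >= sizeof(argData)) { LOG_E("Argument %d is too long", x); return false; }`. Dropping the `= {0}` initializer is harmless here because argData is only reachable through args[x] after snprintf has written it. The same loop appears in the mac/arch.c and posix/arch.c hunks of this commit. arch_launchChild starts and ends outside the hunk.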
@@ -321,14 +321,13 @@ static bool arch_checkWait(run_t* run) {
}
}
-__thread sigset_t sset_io_chld;
void arch_reapChild(run_t* run) {
- static const struct timespec ts = {
- .tv_sec = 0L,
- .tv_nsec = 250000000L,
- };
for (;;) {
- int sig = sigtimedwait(&sset_io_chld, NULL, &ts);
+ static const struct timespec ts = {
+ .tv_sec = 0L,
+ .tv_nsec = 250000000L,
+ };
+ int sig = sigtimedwait(&run->global->linux.waitSigSet, NULL, &ts);
if (sig == -1 && (errno != EAGAIN && errno != EINTR)) {
PLOG_F("sigtimedwait(SIGIO|SIGCHLD, 0.25s)");
}
@@ -382,8 +381,17 @@ bool arch_archInit(honggfuzz_t* hfuzz) {
return false;
}
- __attribute__((weak)) const char* gnu_get_libc_version(void);
+ /*
+ * Set the bitmask (once) of interesting signals, that this thread will be waiting for
+ * (with sigsuspend). Do it once here, to save precious CPU cycles, as this cannot be
+ * a statically initialized const variable
+ */
+ sigemptyset(&hfuzz->linux.waitSigSet);
+ sigaddset(&hfuzz->linux.waitSigSet, SIGIO);
+ sigaddset(&hfuzz->linux.waitSigSet, SIGCHLD);
+
for (;;) {
+ __attribute__((weak)) const char* gnu_get_libc_version(void);
if (!gnu_get_libc_version) {
LOG_W("Unknown libc implementation. Using clone() instead of fork()");
break;
@@ -525,9 +533,5 @@ bool arch_archThreadInit(run_t* run) {
run->linux.cpuBranchFd = -1;
run->linux.cpuIptBtsFd = -1;
- sigemptyset(&sset_io_chld);
- sigaddset(&sset_io_chld, SIGIO);
- sigaddset(&sset_io_chld, SIGCHLD);
-
return true;
}
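Review bot: The new comment in arch_archInit (the -382 hunk) says the set is waited for `(with sigsuspend)`, but its only consumer in this commit, arch_reapChild in the -321 hunk, calls `sigtimedwait(&run->global->linux.waitSigSet, NULL, &ts)`; suggest `* (with sigtimedwait()). Do it once here, to save precious CPU cycles, as this cannot be`. The comment should also spell out the contract that `waitSigSet` is filled once and never modified afterwards, because it moved from a per-thread `__thread` variable into the shared honggfuzz_t that every fuzzing thread appears to read through `run->global`. arch_archInit continues outside the hunk.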
@@ -298,24 +298,23 @@ pid_t arch_fork(run_t* run HF_ATTR_UNUSED) {
return fork();
}
bool arch_launchChild(run_t* run) {
#define ARGS_MAX 512
const char* args[ARGS_MAX + 2];
- char argData[PATH_MAX] = {0};
- int x;
+ char argData[PATH_MAX];
- for (x = 0; x < ARGS_MAX && run->global->exe.cmdline[x]; x++) {
- if (!run->global->exe.fuzzStdin &&
- strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER) == 0) {
- args[x] = run->fileName;
- } else if (!run->global->exe.fuzzStdin &&
- strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
+ int x;
+ for (x = 0; x < ARGS_MAX && x < run->global->exe.argc; x++) {
+ if (run->global->persistent || run->global->exe.fuzzStdin) {
+ args[x] = run->global->exe.cmdline[x];
+ } else if (!strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
+ args[x] = (char*)run->fileName;
+ } else if (strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
const char* off = strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER);
- snprintf(argData, PATH_MAX, "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
+ snprintf(argData, sizeof(argData), "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
run->global->exe.cmdline[x], run->fileName);
args[x] = argData;
} else {
args[x] = run->global->exe.cmdline[x];
}
}
-
args[x++] = NULL;
LOG_D("Launching '%s' on file '%s'", args[0], run->fileName);
diff --git a/posix/arch.c b/posix/arch.c
index 1de289b8..57868180 100644
--- a/posix/arch.c
+++ b/posix/arch.c
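Review bot: `args[x] = (char*)run->fileName;` introduces a cast that the removed line `args[x] = run->fileName;` did without; `args` is declared `const char*`, so the cast only strips a qualifier that the assignment immediately puts back and, if fileName is ever made const, it would silence the warning that should catch a write through args. `args[x] = run->fileName;` is the cleaner form and keeps the compiler's const checking; the same line appears in the posix/arch.c hunk. arch_launchChild continues outside the hunk.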
@@ -150,24 +150,23 @@ pid_t arch_fork(run_t* fuzzer HF_ATTR_UNUSED) {
return fork();
}
bool arch_launchChild(run_t* run) {
#define ARGS_MAX 512
const char* args[ARGS_MAX + 2];
- char argData[PATH_MAX] = {0};
- int x;
+ char argData[PATH_MAX];
- for (x = 0; x < ARGS_MAX && run->global->exe.cmdline[x]; x++) {
- if (!run->global->exe.fuzzStdin &&
- strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER) == 0) {
- args[x] = run->fileName;
- } else if (!run->global->exe.fuzzStdin &&
- strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
+ int x;
+ for (x = 0; x < ARGS_MAX && x < run->global->exe.argc; x++) {
+ if (run->global->persistent || run->global->exe.fuzzStdin) {
+ args[x] = run->global->exe.cmdline[x];
+ } else if (!strcmp(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
+ args[x] = (char*)run->fileName;
+ } else if (strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER)) {
const char* off = strstr(run->global->exe.cmdline[x], _HF_FILE_PLACEHOLDER);
- snprintf(argData, PATH_MAX, "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
+ snprintf(argData, sizeof(argData), "%.*s%s", (int)(off - run->global->exe.cmdline[x]),
run->global->exe.cmdline[x], run->fileName);
args[x] = argData;
} else {
args[x] = run->global->exe.cmdline[x];
}
}
-
args[x++] = NULL;
LOG_D("Launching '%s' on file '%s'", args[0], run->fileName);
@@ -215,13 +215,13 @@ static bool subproc_PrepareExecv(run_t* run) {
if (run->global->bbFd != -1) {
if (dup2(run->global->bbFd, _HF_BITMAP_FD) == -1) {
- PLOG_F("dup2('%d', %d)", run->global->bbFd, _HF_BITMAP_FD);
+ PLOG_E("dup2('%d', %d)", run->global->bbFd, _HF_BITMAP_FD);
+ return false;
}
- close(run->global->bbFd);
}
if (dup2(run->dynamicFileFd, _HF_INPUT_FD) == -1) {
- PLOG_F("dup2('%d', %d)", run->dynamicFileFd, _HF_INPUT_FD);
+ PLOG_E("dup2('%d', %d)", run->dynamicFileFd, _HF_INPUT_FD);
}
sigset_t sset;
|
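Review bot: In the subproc.c -215 hunk the failure of `dup2(run->dynamicFileFd, _HF_INPUT_FD)` is downgraded from PLOG_F to PLOG_E but, unlike the bbFd branch a few lines above, does not `return false`, so a child whose input descriptor could not be set up carries on to exec the target with _HF_INPUT_FD missing; add `return false;` after that PLOG_E so both branches fail the same way. If tolerating a missing input fd is intentional, the branch needs a comment saying so, because the previous PLOG_F made the abort explicit. subproc_PrepareExecv continues outside the hunk.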