2 american fuzzy lop++ - custom mutators related routines
3 -------------------------------------------------------
7 Now maintained by Marc Heuse <mh@mh-sec.de>,
13 Copyright 2019-2024 AFLplusplus Project. All rights reserved.
19 https://www.apache.org/licenses/LICENSE-2.0
27 #include "afl-fuzz.h"
37 if (afl->custom_mutators_count) { in run_afl_custom_queue_new_entry()
41 LIST_FOREACH(&afl->custom_mutator_list, struct custom_mutator, { in run_afl_custom_queue_new_entry()
43 if (el->afl_custom_queue_new_entry) { in run_afl_custom_queue_new_entry()
45 if (el->afl_custom_queue_new_entry(el->data, fname, mother_fname)) { in run_afl_custom_queue_new_entry()
65 q->len = st.st_size; in run_afl_custom_queue_new_entry()
77 u8 *fn = afl->afl_env.afl_custom_mutator_library; in setup_custom_mutators()
82 if (afl->limit_time_sig && afl->limit_time_sig != -1) in setup_custom_mutators()
93 list_append(&afl->custom_mutator_list, mutator); in setup_custom_mutators()
94 afl->custom_mutators_count++; in setup_custom_mutators()
102 if (afl->not_on_tty && afl->debug) in setup_custom_mutators()
104 prev_mutator_count = afl->custom_mutators_count; in setup_custom_mutators()
106 list_append(&afl->custom_mutator_list, mutator); in setup_custom_mutators()
107 afl->custom_mutators_count++; in setup_custom_mutators()
108 if (prev_mutator_count > afl->custom_mutators_count) in setup_custom_mutators()
122 u8 *module_name = afl->afl_env.afl_python_module; in setup_custom_mutators()
126 if (afl->limit_time_sig) { in setup_custom_mutators()
136 afl->custom_mutators_count++; in setup_custom_mutators()
137 list_append(&afl->custom_mutator_list, m); in setup_custom_mutators()
142 if (afl->afl_env.afl_python_module) { in setup_custom_mutators()
154 if (afl->custom_mutators_count) { in destroy_custom_mutators()
156 LIST_FOREACH_CLEAR(&afl->custom_mutator_list, struct custom_mutator, { in destroy_custom_mutators()
158 if (!el->data) { FATAL("Deintializing NULL mutator"); } in destroy_custom_mutators()
159 if (el->afl_custom_deinit) el->afl_custom_deinit(el->data); in destroy_custom_mutators()
160 if (el->dh) dlclose(el->dh); in destroy_custom_mutators()
162 if (el->post_process_buf) { in destroy_custom_mutators()
164 afl_free(el->post_process_buf); in destroy_custom_mutators()
165 el->post_process_buf = NULL; in destroy_custom_mutators()
184 mutator->name_short = strdup(strrchr(fn, '/') + 1); in load_custom_mutator()
188 mutator->name_short = strdup(fn); in load_custom_mutator()
192 if (strlen(mutator->name_short) > 22) { mutator->name_short[21] = 0; } in load_custom_mutator()
194 mutator->name = fn; in load_custom_mutator()
199 mutator->dh = dh; in load_custom_mutator()
203 mutator->afl_custom_init = dlsym(dh, "afl_custom_init"); in load_custom_mutator()
204 if (!mutator->afl_custom_init) { in load_custom_mutator()
211 mutator->afl_custom_fuzz = dlsym(dh, "afl_custom_fuzz"); in load_custom_mutator()
212 if (!mutator->afl_custom_fuzz) { in load_custom_mutator()
217 mutator->afl_custom_fuzz = dlsym(dh, "afl_custom_mutator"); in load_custom_mutator()
218 if (!mutator->afl_custom_fuzz) { in load_custom_mutator()
236 mutator->afl_custom_introspection = dlsym(dh, "afl_custom_introspection"); in load_custom_mutator()
237 if (!mutator->afl_custom_introspection) { in load_custom_mutator()
250 mutator->afl_custom_fuzz_count = dlsym(dh, "afl_custom_fuzz_count"); in load_custom_mutator()
251 if (!mutator->afl_custom_fuzz_count) { in load_custom_mutator()
262 mutator->afl_custom_deinit = dlsym(dh, "afl_custom_deinit"); in load_custom_mutator()
263 if (!mutator->afl_custom_deinit) { in load_custom_mutator()
270 mutator->afl_custom_post_process = dlsym(dh, "afl_custom_post_process"); in load_custom_mutator()
271 if (!mutator->afl_custom_post_process) { in load_custom_mutator()
283 mutator->afl_custom_init_trim = dlsym(dh, "afl_custom_init_trim"); in load_custom_mutator()
284 if (!mutator->afl_custom_init_trim) { in load_custom_mutator()
296 mutator->afl_custom_trim = dlsym(dh, "afl_custom_trim"); in load_custom_mutator()
297 if (!mutator->afl_custom_trim) { in load_custom_mutator()
309 mutator->afl_custom_post_trim = dlsym(dh, "afl_custom_post_trim"); in load_custom_mutator()
310 if (!mutator->afl_custom_post_trim) { in load_custom_mutator()
323 if (mutator->afl_custom_init_trim || mutator->afl_custom_trim || in load_custom_mutator()
324 mutator->afl_custom_post_trim) { in load_custom_mutator()
332 mutator->afl_custom_init_trim = NULL; in load_custom_mutator()
333 mutator->afl_custom_trim = NULL; in load_custom_mutator()
334 mutator->afl_custom_post_trim = NULL; in load_custom_mutator()
339 mutator->afl_custom_havoc_mutation = dlsym(dh, "afl_custom_havoc_mutation"); in load_custom_mutator()
340 if (!mutator->afl_custom_havoc_mutation) { in load_custom_mutator()
351 mutator->afl_custom_havoc_mutation_probability = in load_custom_mutator()
353 if (!mutator->afl_custom_havoc_mutation_probability) { in load_custom_mutator()
364 mutator->afl_custom_queue_get = dlsym(dh, "afl_custom_queue_get"); in load_custom_mutator()
365 if (!mutator->afl_custom_queue_get) { in load_custom_mutator()
376 mutator->afl_custom_splice_optout = dlsym(dh, "afl_custom_splice_optout"); in load_custom_mutator()
377 if (!mutator->afl_custom_splice_optout) { in load_custom_mutator()
384 afl->custom_splice_optout = 1; in load_custom_mutator()
389 mutator->afl_custom_fuzz_send = dlsym(dh, "afl_custom_fuzz_send"); in load_custom_mutator()
390 if (!mutator->afl_custom_fuzz_send) { in load_custom_mutator()
401 mutator->afl_custom_post_run = dlsym(dh, "afl_custom_post_run"); in load_custom_mutator()
402 if (!mutator->afl_custom_post_run) { in load_custom_mutator()
413 mutator->afl_custom_queue_new_entry = dlsym(dh, "afl_custom_queue_new_entry"); in load_custom_mutator()
414 if (!mutator->afl_custom_queue_new_entry) { in load_custom_mutator()
425 mutator->afl_custom_describe = dlsym(dh, "afl_custom_describe"); in load_custom_mutator()
426 if (!mutator->afl_custom_describe) { in load_custom_mutator()
439 if (mutator->afl_custom_init) { in load_custom_mutator()
441 mutator->data = mutator->afl_custom_init(afl, rand_below(afl, 0xFFFFFFFF)); in load_custom_mutator()
445 mutator->stacked_custom = (mutator && mutator->afl_custom_havoc_mutation); in load_custom_mutator()
446 mutator->stacked_custom_prob = in load_custom_mutator()
458 u32 orig_len = q->len; in trim_case_custom()
464 afl->stage_name = afl->stage_name_buf; in trim_case_custom()
465 afl->bytes_trim_in += q->len; in trim_case_custom()
468 afl->stage_cur = 0; in trim_case_custom()
469 s32 retval = mutator->afl_custom_init_trim(mutator->data, in_buf, q->len); in trim_case_custom()
476 afl->stage_max = retval; in trim_case_custom()
480 if (afl->not_on_tty && afl->debug) { in trim_case_custom()
482 SAYF("[Custom Trimming] START: Max %u iterations, %u bytes", afl->stage_max, in trim_case_custom()
483 q->len); in trim_case_custom()
487 while (afl->stage_cur < afl->stage_max) { in trim_case_custom()
491 sprintf(afl->stage_name_buf, "ptrim %s", in trim_case_custom()
496 size_t retlen = mutator->afl_custom_trim(mutator->data, &retbuf); in trim_case_custom()
514 if (afl->not_on_tty && afl->debug) { in trim_case_custom()
526 unsuccessful trimming and skip it, instead of aborting the trimming. */ in trim_case_custom()
528 ++afl->trim_execs; in trim_case_custom()
538 ++afl->trim_execs; in trim_case_custom()
542 fault = fuzz_run_target(afl, &afl->fsrv, afl->fsrv.exec_tmout); in trim_case_custom()
543 ++afl->trim_execs; in trim_case_custom()
545 if (afl->stop_soon || fault == FSRV_RUN_ERROR) { goto abort_trimming; } in trim_case_custom()
547 classify_counts(&afl->fsrv); in trim_case_custom()
548 cksum = hash64(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST); in trim_case_custom()
554 if (likely(retlen && cksum == q->exec_cksum)) { in trim_case_custom()
562 memcpy(afl->clean_trace_custom, afl->fsrv.trace_bits, in trim_case_custom()
563 afl->fsrv.map_size); in trim_case_custom()
579 afl->stage_cur = mutator->afl_custom_post_trim(mutator->data, 1); in trim_case_custom()
581 if (afl->not_on_tty && afl->debug) { in trim_case_custom()
584 afl->stage_cur, afl->stage_max, out_len); in trim_case_custom()
591 s32 retval2 = mutator->afl_custom_post_trim(mutator->data, 0); in trim_case_custom()
598 afl->stage_cur = retval2; in trim_case_custom()
602 if (afl->not_on_tty && afl->debug) { in trim_case_custom()
604 SAYF("[Custom Trimming] FAILURE: %u/%u iterations", afl->stage_cur, in trim_case_custom()
605 afl->stage_max); in trim_case_custom()
613 if (!(trim_exec++ % afl->stats_update_freq)) { show_stats(afl); } in trim_case_custom()
617 /* If we have made changes, we also need to update the on-disk in trim_case_custom()
624 unlink(q->fname); /* ignore errors */ in trim_case_custom()
626 fd = open(q->fname, O_WRONLY | O_CREAT | O_EXCL, DEFAULT_PERMISSION); in trim_case_custom()
628 if (fd < 0) { PFATAL("Unable to create '%s'", q->fname); } in trim_case_custom()
630 ck_write(fd, out_buf, out_len, q->fname); in trim_case_custom()
635 also don't update q->len. */ in trim_case_custom()
636 q->len = out_len; in trim_case_custom()
638 memcpy(afl->fsrv.trace_bits, afl->clean_trace_custom, afl->fsrv.map_size); in trim_case_custom()
643 if (afl->not_on_tty && afl->debug) { in trim_case_custom()
645 SAYF("[Custom Trimming] DONE: %u bytes -> %u bytes", orig_len, q->len); in trim_case_custom()
652 afl->bytes_trim_out += q->len; in trim_case_custom()