| OLD | NEW |
| 1 /* | 1 /* |
| 2 american fuzzy lop - LLVM-mode wrapper for clang | 2 american fuzzy lop - LLVM-mode wrapper for clang |
| 3 ------------------------------------------------ | 3 ------------------------------------------------ |
| 4 | 4 |
| 5 Written by Laszlo Szekeres <lszekeres@google.com> and | 5 Written by Laszlo Szekeres <lszekeres@google.com> and |
| 6 Michal Zalewski <lcamtuf@google.com> | 6 Michal Zalewski <lcamtuf@google.com> |
| 7 | 7 |
| 8 LLVM integration design comes from Laszlo Szekeres. | 8 LLVM integration design comes from Laszlo Szekeres. |
| 9 | 9 |
| 10 Copyright 2015, 2016 Google Inc. All rights reserved. | 10 Copyright 2015, 2016 Google Inc. All rights reserved. |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 92 } | 92 } |
| 93 | 93 |
| 94 | 94 |
| 95 /* Copy argv to cc_params, making the necessary edits. */ | 95 /* Copy argv to cc_params, making the necessary edits. */ |
| 96 | 96 |
| 97 static void edit_params(u32 argc, char** argv) { | 97 static void edit_params(u32 argc, char** argv) { |
| 98 | 98 |
| 99 u8 fortify_set = 0, asan_set = 0, x_set = 0, maybe_linking = 1, bit_mode = 0; | 99 u8 fortify_set = 0, asan_set = 0, x_set = 0, maybe_linking = 1, bit_mode = 0; |
| 100 u8 *name; | 100 u8 *name; |
| 101 | 101 |
| 102 cc_params = ck_alloc((argc + 64) * sizeof(u8*)); | 102 cc_params = ck_alloc((argc + 128) * sizeof(u8*)); |
| 103 | 103 |
| 104 name = strrchr(argv[0], '/'); | 104 name = strrchr(argv[0], '/'); |
| 105 if (!name) name = argv[0]; else name++; | 105 if (!name) name = argv[0]; else name++; |
| 106 | 106 |
| 107 if (!strcmp(name, "afl-clang-fast++")) { | 107 if (!strcmp(name, "afl-clang-fast++")) { |
| 108 u8* alt_cxx = getenv("AFL_CXX"); | 108 u8* alt_cxx = getenv("AFL_CXX"); |
| 109 cc_params[0] = alt_cxx ? alt_cxx : (u8*)"clang++"; | 109 cc_params[0] = alt_cxx ? alt_cxx : (u8*)"clang++"; |
| 110 } else { | 110 } else { |
| 111 u8* alt_cc = getenv("AFL_CC"); | 111 u8* alt_cc = getenv("AFL_CC"); |
| 112 cc_params[0] = alt_cc ? alt_cc : (u8*)"clang"; | 112 cc_params[0] = alt_cc ? alt_cc : (u8*)"clang"; |
| (...skipping 10 matching lines...) Expand all Loading... |
| 123 cc_params[cc_par_cnt++] = "-fsanitize-coverage=bb,trace-pc"; | 123 cc_params[cc_par_cnt++] = "-fsanitize-coverage=bb,trace-pc"; |
| 124 #else | 124 #else |
| 125 cc_params[cc_par_cnt++] = "-Xclang"; | 125 cc_params[cc_par_cnt++] = "-Xclang"; |
| 126 cc_params[cc_par_cnt++] = "-load"; | 126 cc_params[cc_par_cnt++] = "-load"; |
| 127 cc_params[cc_par_cnt++] = "-Xclang"; | 127 cc_params[cc_par_cnt++] = "-Xclang"; |
| 128 cc_params[cc_par_cnt++] = alloc_printf("%s/afl-llvm-pass.so", obj_path); | 128 cc_params[cc_par_cnt++] = alloc_printf("%s/afl-llvm-pass.so", obj_path); |
| 129 #endif /* ^USE_TRACE_PC */ | 129 #endif /* ^USE_TRACE_PC */ |
| 130 | 130 |
| 131 cc_params[cc_par_cnt++] = "-Qunused-arguments"; | 131 cc_params[cc_par_cnt++] = "-Qunused-arguments"; |
| 132 | 132 |
| 133 /* Detect stray -v calls from ./configure scripts. */ |
| 134 |
| 135 if (argc == 1 && !strcmp(argv[1], "-v")) maybe_linking = 0; |
| 136 |
| 133 while (--argc) { | 137 while (--argc) { |
| 134 u8* cur = *(++argv); | 138 u8* cur = *(++argv); |
| 135 | 139 |
| 136 if (!strcmp(cur, "-m32")) bit_mode = 32; | 140 if (!strcmp(cur, "-m32")) bit_mode = 32; |
| 137 if (!strcmp(cur, "-m64")) bit_mode = 64; | 141 if (!strcmp(cur, "-m64")) bit_mode = 64; |
| 138 | 142 |
| 139 if (!strcmp(cur, "-x")) x_set = 1; | 143 if (!strcmp(cur, "-x")) x_set = 1; |
| 140 | 144 |
| 141 if (!strcmp(cur, "-c") || !strcmp(cur, "-S") || !strcmp(cur, "-E") || | 145 if (!strcmp(cur, "-c") || !strcmp(cur, "-S") || !strcmp(cur, "-E")) |
| 142 !strcmp(cur, "-v")) maybe_linking = 0; | 146 maybe_linking = 0; |
| 143 | 147 |
| 144 if (!strcmp(cur, "-fsanitize=address") || | 148 if (!strcmp(cur, "-fsanitize=address") || |
| 145 !strcmp(cur, "-fsanitize=memory")) asan_set = 1; | 149 !strcmp(cur, "-fsanitize=memory")) asan_set = 1; |
| 146 | 150 |
| 147 if (strstr(cur, "FORTIFY_SOURCE")) fortify_set = 1; | 151 if (strstr(cur, "FORTIFY_SOURCE")) fortify_set = 1; |
| 148 | 152 |
| 149 if (!strcmp(cur, "-shared")) maybe_linking = 0; | 153 if (!strcmp(cur, "-shared")) maybe_linking = 0; |
| 150 | 154 |
| 151 cc_params[cc_par_cnt++] = cur; | 155 cc_params[cc_par_cnt++] = cur; |
| 152 | 156 |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 189 #endif /* USE_TRACE_PC */ | 193 #endif /* USE_TRACE_PC */ |
| 190 | 194 |
| 191 if (!getenv("AFL_DONT_OPTIMIZE")) { | 195 if (!getenv("AFL_DONT_OPTIMIZE")) { |
| 192 | 196 |
| 193 cc_params[cc_par_cnt++] = "-g"; | 197 cc_params[cc_par_cnt++] = "-g"; |
| 194 cc_params[cc_par_cnt++] = "-O3"; | 198 cc_params[cc_par_cnt++] = "-O3"; |
| 195 cc_params[cc_par_cnt++] = "-funroll-loops"; | 199 cc_params[cc_par_cnt++] = "-funroll-loops"; |
| 196 | 200 |
| 197 } | 201 } |
| 198 | 202 |
| 203 if (getenv("AFL_NO_BUILTIN")) { |
| 204 |
| 205 cc_params[cc_par_cnt++] = "-fno-builtin-strcmp"; |
| 206 cc_params[cc_par_cnt++] = "-fno-builtin-strncmp"; |
| 207 cc_params[cc_par_cnt++] = "-fno-builtin-strcasecmp"; |
| 208 cc_params[cc_par_cnt++] = "-fno-builtin-strncasecmp"; |
| 209 cc_params[cc_par_cnt++] = "-fno-builtin-memcmp"; |
| 210 |
| 211 } |
| 212 |
| 199 cc_params[cc_par_cnt++] = "-D__AFL_HAVE_MANUAL_CONTROL=1"; | 213 cc_params[cc_par_cnt++] = "-D__AFL_HAVE_MANUAL_CONTROL=1"; |
| 200 cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1"; | 214 cc_params[cc_par_cnt++] = "-D__AFL_COMPILER=1"; |
| 201 cc_params[cc_par_cnt++] = "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1"; | 215 cc_params[cc_par_cnt++] = "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1"; |
| 202 | 216 |
| 203 /* When the user tries to use persistent or deferred forkserver modes by | 217 /* When the user tries to use persistent or deferred forkserver modes by |
| 204 appending a single line to the program, we want to reliably inject a | 218 appending a single line to the program, we want to reliably inject a |
| 205 signature into the binary (to be picked up by afl-fuzz) and we want | 219 signature into the binary (to be picked up by afl-fuzz) and we want |
| 206 to call a function from the runtime .o file. This is unnecessarily | 220 to call a function from the runtime .o file. This is unnecessarily |
| 207 painful for three reasons: | 221 painful for three reasons: |
| 208 | 222 |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 318 | 332 |
| 319 edit_params(argc, argv); | 333 edit_params(argc, argv); |
| 320 | 334 |
| 321 execvp(cc_params[0], (char**)cc_params); | 335 execvp(cc_params[0], (char**)cc_params); |
| 322 | 336 |
| 323 FATAL("Oops, failed to execute '%s' - check your PATH", cc_params[0]); | 337 FATAL("Oops, failed to execute '%s' - check your PATH", cc_params[0]); |
| 324 | 338 |
| 325 return 0; | 339 return 0; |
| 326 | 340 |
| 327 } | 341 } |
| OLD | NEW |