fix getc model in dfsan

AngoraFuzzer · Apr 13, 2022 · 383edbd · 383edbd
1 parent b31af93
commit 383edbd
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 12 deletions.
diff --git a/fuzzer/src/bind_cpu.rs b/fuzzer/src/bind_cpu.rs
@@ -1,6 +1,3 @@
-use angora_common::defs;
-use libc;
-use num_cpus;
 use std::{env, fs::File, io::prelude::*, mem, path::Path};
 
 #[cfg(target_os = "linux")]
@@ -46,7 +43,7 @@ pub fn find_free_cpus(_ask_num: usize) -> Vec<usize> {
 #[cfg(target_os = "linux")]
 pub fn find_free_cpus(ask_num: usize) -> Vec<usize> {
     let mut free_cpus = vec![];
-    if env::var(defs::DISABLE_CPU_BINDING_VAR).is_ok() {
+    if env::var(angora_common::defs::DISABLE_CPU_BINDING_VAR).is_ok() {
         return free_cpus;
     }
 

diff --git a/fuzzer/src/check_dep.rs b/fuzzer/src/check_dep.rs
@@ -19,7 +19,7 @@ fn check_crash_handling() {
     f.read_to_string(&mut buffer).unwrap();
     // if buffer.trim() != "core" {
     if buffer.starts_with('|') {
-        panic!(CHECK_CRASH_MSG);
+        panic!("{}", CHECK_CRASH_MSG);
     }
 }
 

diff --git a/fuzzer/src/executor/forksrv.rs b/fuzzer/src/executor/forksrv.rs
@@ -23,7 +23,6 @@ pub struct Forksrv {
     path: String,
     pub socket: UnixStream,
     uses_asan: bool,
-    is_stdin: bool,
 }
 
 impl Forksrv {
@@ -89,7 +88,6 @@ impl Forksrv {
             path: socket_path.to_owned(),
             socket,
             uses_asan,
-            is_stdin,
         }
     }
 
@@ -137,8 +135,8 @@ impl Forksrv {
                         return StatusType::Error;
                     },
                 };
-                let exit_code = unsafe { libc::WEXITSTATUS(status) };
-                let signaled = unsafe { libc::WIFSIGNALED(status) };
+                let exit_code = libc::WEXITSTATUS(status) ;
+                let signaled = libc::WIFSIGNALED(status) ;
                 if signaled || (self.uses_asan && exit_code == MSAN_ERROR_CODE) {
                     debug!("Crash code: {}", status);
                     StatusType::Crash

diff --git a/llvm_mode/external_lib/io_func.c b/llvm_mode/external_lib/io_func.c
@@ -330,6 +330,22 @@ int __dfsw__IO_getc(FILE *fd, dfsan_label fd_label, dfsan_label *ret_label) {
   return c;
 }
 
+DEFAULT_VISIBILITY
+int __dfsw_getc(FILE *fd, dfsan_label fd_label, dfsan_label *ret_label) {
+  long offset = ftell(fd);
+  int c = getc(fd);
+  *ret_label = 0;
+#ifdef DEBUG_INFO
+  fprintf(stderr, "### getc %p, range is %ld, 1 , c is %d\n", fd, offset,
+          c);
+#endif
+  if (is_fuzzing_ffd(fd) && c != EOF) {
+    dfsan_label l = dfsan_create_label(offset);
+    *ret_label = l;
+  }
+  return c;
+}
+
 DEFAULT_VISIBILITY
 int __dfsw_getchar(dfsan_label *ret_label) {
   long offset = ftell(stdin);

diff --git a/llvm_mode/rules/angora_abilist.txt b/llvm_mode/rules/angora_abilist.txt
@@ -97,8 +97,8 @@ fun:__fxstat=custom
 
 # getc may be implemented as a macro
 ## some getc may be optimizted to __uflow ..
-# fun:getc=uninstrumented
-# fun:getc=custom
+fun:getc=uninstrumented
+fun:getc=custom
 fun:_IO_getc=uninstrumented
 fun:_IO_getc=custom
 # fun:getchar=uninstrumented

diff --git a/runtime/src/tag_set.rs b/runtime/src/tag_set.rs
@@ -1,4 +1,4 @@
-const VEC_CAP: usize = (1 << 16);
+const VEC_CAP: usize = 1 << 16;
 const LABEL_WITDH: u32 = 22;
 const MAX_LB: usize = (1 << LABEL_WITDH) - 1;
 const ROOT: usize = 0;