code format
diff --git a/examples/custom_mutators/example.c b/examples/custom_mutators/example.c
index 8a45d87..4b0a461 100644
--- a/examples/custom_mutators/example.c
+++ b/examples/custom_mutators/example.c
@@ -149,6 +149,7 @@
data->pre_save_size = buf_size + 5;
}
+
*out_buf = data->pre_save_buf;
memcpy(*out_buf + 5, buf, buf_size);
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 2154d86..32eaf4a 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -583,27 +583,26 @@
u8 clean_trace_custom[MAP_SIZE];
u8 first_trace[MAP_SIZE];
-/*needed for afl_fuzz_one */
-// TODO: see which we can reuse
- u8 *out_buf;
+ /*needed for afl_fuzz_one */
+ // TODO: see which we can reuse
+ u8 * out_buf;
size_t out_size;
- u8 *out_scratch_buf;
+ u8 * out_scratch_buf;
size_t out_scratch_size;
- u8 *eff_buf;
+ u8 * eff_buf;
size_t eff_size;
- u8 *in_buf;
+ u8 * in_buf;
size_t in_size;
- u8 *in_scratch_buf;
+ u8 * in_scratch_buf;
size_t in_scratch_size;
- u8 *ex_buf;
+ u8 * ex_buf;
size_t ex_size;
-
} afl_state_t;
/* A global pointer to all instances is needed (for now) for signals to arrive
diff --git a/include/alloc-inl.h b/include/alloc-inl.h
index 75b038c..92d29c1 100644
--- a/include/alloc-inl.h
+++ b/include/alloc-inl.h
@@ -774,7 +774,8 @@
Will FATAL if size_needed is <1 or *size is negative.
@return For convenience, this function returns *buf.
*/
-static inline void *ck_maybe_grow(void **buf, size_t *size, size_t size_needed) {
+static inline void *ck_maybe_grow(void **buf, size_t *size,
+ size_t size_needed) {
/* Oops. found a bug? */
if (unlikely(size_needed < 1)) FATAL("cannot grow to non-positive size");
@@ -785,21 +786,27 @@
/* No inital size was set */
if (*size == 0) *size = INITIAL_GROWTH_SIZE;
while (*size < size_needed) {
+
*size *= 2;
+
}
+
*buf = ck_realloc(*buf, *size);
return *buf;
}
/* Swaps buf1 ptr and buf2 ptr, as well as their sizes */
-static inline void swap_bufs(void **buf1, size_t *size1, void **buf2, size_t *size2) {
- void *scratch_buf = *buf1;
+static inline void swap_bufs(void **buf1, size_t *size1, void **buf2,
+ size_t *size2) {
+
+ void * scratch_buf = *buf1;
size_t scratch_size = *size1;
*buf1 = *buf2;
*size1 = *size2;
*buf2 = scratch_buf;
*size2 = scratch_size;
+
}
#undef INITIAL_GROWTH_SIZE
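Review bot: The doubling loop `while (*size < size_needed) { *size *= 2; }` in ck_maybe_grow has no overflow guard, so for a very large `size_needed` the multiplication can wrap, and once `*size` reaches 0 the loop never terminates. The extras-insert call sites shown on this page check `temp_len + extra_len >= MAX_FILE` first, so this is a hardening point rather than a demonstrated bug, but the helper itself does not enforce any bound. A check placed before the multiplication, such as `if (unlikely(*size > SIZE_MAX / 2)) FATAL("buffer size overflow");`, would make the failure explicit instead of a hang or an undersized allocation.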
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c
index c45c879..99bc8d0 100644
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@@ -397,15 +397,15 @@
if (getenv("AFL_USE_CFISAN")) {
- if (!lto_mode) {
-
+ if (!lto_mode) {
+
uint32_t i = 0, found = 0;
while (envp[i] != NULL && !found)
- if (strncmp("-flto", envp[i++], 5) == 0)
- found = 1;
+ if (strncmp("-flto", envp[i++], 5) == 0) found = 1;
if (!found) cc_params[cc_par_cnt++] = "-flto";
-
+
}
+
cc_params[cc_par_cnt++] = "-fsanitize=cfi";
cc_params[cc_par_cnt++] = "-fvisibility=hidden";
diff --git a/llvm_mode/afl-llvm-pass.so.cc b/llvm_mode/afl-llvm-pass.so.cc
index 1c0a3c9..f6ead9e 100644
--- a/llvm_mode/afl-llvm-pass.so.cc
+++ b/llvm_mode/afl-llvm-pass.so.cc
@@ -132,8 +132,11 @@
char AFLCoverage::ID = 0;
/* needed up to 3.9.0 */
-#if LLVM_VERSION_MAJOR == 3 && (LLVM_VERSION_MINOR < 9 || (LLVM_VERSION_MINOR == 9 && LLVM_VERSION_PATCH < 1))
+#if LLVM_VERSION_MAJOR == 3 && \
+ (LLVM_VERSION_MINOR < 9 || \
+ (LLVM_VERSION_MINOR == 9 && LLVM_VERSION_PATCH < 1))
uint64_t PowerOf2Ceil(unsigned in) {
+
uint64_t in64 = in - 1;
in64 |= (in64 >> 1);
in64 |= (in64 >> 2);
@@ -142,7 +145,9 @@
in64 |= (in64 >> 16);
in64 |= (in64 >> 32);
return in64 + 1;
+
}
+
#endif
bool AFLCoverage::runOnModule(Module &M) {
diff --git a/src/afl-fuzz-bitmap.c b/src/afl-fuzz-bitmap.c
index bb01ad2..8ca286b 100644
--- a/src/afl-fuzz-bitmap.c
+++ b/src/afl-fuzz-bitmap.c
@@ -31,7 +31,7 @@
void write_bitmap(afl_state_t *afl) {
- u8 fname[PATH_MAX];
+ u8 fname[PATH_MAX];
s32 fd;
if (!afl->bitmap_changed) return;
@@ -461,7 +461,7 @@
static void write_crash_readme(afl_state_t *afl) {
- u8 fn[PATH_MAX];
+ u8 fn[PATH_MAX];
s32 fd;
FILE *f;
@@ -558,12 +558,13 @@
#ifndef SIMPLE_FILES
- queue_fn = alloc_printf("%s/queue/id:%06u,%s", afl->out_dir, afl->queued_paths,
- describe_op(afl, hnb));
+ queue_fn = alloc_printf("%s/queue/id:%06u,%s", afl->out_dir,
+ afl->queued_paths, describe_op(afl, hnb));
#else
- queue_fn = alloc_printf("%s/queue/id_%06u", afl->out_dir, afl->queued_paths);
+ queue_fn =
+ alloc_printf("%s/queue/id_%06u", afl->out_dir, afl->queued_paths);
#endif /* ^!SIMPLE_FILES */
@@ -645,11 +646,12 @@
#ifndef SIMPLE_FILES
snprintf(fn, PATH_MAX, "%s/hangs/id:%06llu,%s", afl->out_dir,
- afl->unique_hangs, describe_op(afl, 0));
+ afl->unique_hangs, describe_op(afl, 0));
#else
- snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu", afl->out_dir, afl->unique_hangs);
+ snprintf(fn, PATH_MAX, "%s/hangs/id_%06llu", afl->out_dir,
+ afl->unique_hangs);
#endif /* ^!SIMPLE_FILES */
@@ -687,11 +689,13 @@
#ifndef SIMPLE_FILES
- snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s", afl->out_dir, afl->unique_crashes, afl->kill_signal, describe_op(afl, 0));
+ snprintf(fn, PATH_MAX, "%s/crashes/id:%06llu,sig:%02u,%s", afl->out_dir,
+ afl->unique_crashes, afl->kill_signal, describe_op(afl, 0));
#else
- snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u", afl->out_dir, afl->unique_crashes, afl->kill_signal);
+ snprintf(fn, PATH_MAX, "%s/crashes/id_%06llu_%02u", afl->out_dir,
+ afl->unique_crashes, afl->kill_signal);
#endif /* ^!SIMPLE_FILES */
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index 1033c58..1909220 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -76,7 +76,7 @@
while ((de = readdir(d))) {
- u8 fn[PATH_MAX];
+ u8 fn[PATH_MAX];
FILE *f;
u8 tmp[MAX_LINE];
u8 has_vmsize = 0;
@@ -85,11 +85,7 @@
snprintf(fn, PATH_MAX, "/proc/%s/status", de->d_name);
- if (!(f = fopen(fn, "r"))) {
-
- continue;
-
- }
+ if (!(f = fopen(fn, "r"))) { continue; }
while (fgets(tmp, MAX_LINE, f)) {
@@ -368,7 +364,8 @@
struct stat st;
u8 dfn[PATH_MAX];
- snprintf(dfn, PATH_MAX, "%s/.state/deterministic_done/%s", afl->in_dir, nl[i]->d_name);
+ snprintf(dfn, PATH_MAX, "%s/.state/deterministic_done/%s", afl->in_dir,
+ nl[i]->d_name);
u8 *fn2 = alloc_printf("%s/%s", afl->in_dir, nl[i]->d_name);
u8 passed_det = 0;
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index 6c1d69a..c731ebc 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -1957,7 +1957,9 @@
clone_to = rand_below(afl, temp_len);
- new_buf = ck_maybe_grow((void **)&afl->out_scratch_buf, &afl->out_scratch_size, temp_len + clone_len);
+ new_buf =
+ ck_maybe_grow((void **)&afl->out_scratch_buf,
+ &afl->out_scratch_size, temp_len + clone_len);
/* Head */
@@ -1977,8 +1979,8 @@
memcpy(new_buf + clone_to + clone_len, out_buf + clone_to,
temp_len - clone_to);
-
- swap_bufs((void **)&afl->out_buf, &afl->out_size, (void **)&afl->out_scratch_buf, &afl->out_scratch_size);
+ swap_bufs((void **)&afl->out_buf, &afl->out_size,
+ (void **)&afl->out_scratch_buf, &afl->out_scratch_size);
out_buf = new_buf;
temp_len += clone_len;
@@ -2072,7 +2074,8 @@
if (temp_len + extra_len >= MAX_FILE) break;
- new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
+ new_buf =
+ ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
/* Head */
memcpy(new_buf, out_buf, insert_at);
@@ -2088,7 +2091,8 @@
if (temp_len + extra_len >= MAX_FILE) break;
- new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
+ new_buf =
+ ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + extra_len);
/* Head */
memcpy(new_buf, out_buf, insert_at);
@@ -2236,11 +2240,7 @@
locate_diffs(in_buf, new_buf, MIN(len, target->len), &f_diff, &l_diff);
- if (f_diff < 0 || l_diff < 2 || f_diff == l_diff) {
-
- goto retry_splicing;
-
- }
+ if (f_diff < 0 || l_diff < 2 || f_diff == l_diff) { goto retry_splicing; }
/* Split somewhere between the first and last differing byte. */
@@ -2308,11 +2308,7 @@
}
- if (common_fuzz_stuff(afl, tmp_buf, temp_len)) {
-
- goto abandon_entry;
-
- }
+ if (common_fuzz_stuff(afl, tmp_buf, temp_len)) { goto abandon_entry; }
}
@@ -3885,7 +3881,8 @@
clone_to = rand_below(afl, temp_len);
- new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + clone_len);
+ new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch),
+ temp_len + clone_len);
/* Head */
@@ -4399,7 +4396,6 @@
return key_val_lv;
-
#undef BUF_PARAMS
}
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index b5ae125..4f1bd04 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -30,10 +30,11 @@
void mark_as_det_done(afl_state_t *afl, struct queue_entry *q) {
- u8 fn[PATH_MAX];
+ u8 fn[PATH_MAX];
s32 fd;
- snprintf(fn, PATH_MAX, "%s/queue/.state/deterministic_done/%s", afl->out_dir, strrchr(q->fname, '/') + 1);
+ snprintf(fn, PATH_MAX, "%s/queue/.state/deterministic_done/%s", afl->out_dir,
+ strrchr(q->fname, '/') + 1);
fd = open(fn, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0) PFATAL("Unable to create '%s'", fn);
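Review bot: The re-wrapped `snprintf` call passes `strrchr(q->fname, '/') + 1` without checking for a NULL return, so a `q->fname` that contains no '/' would produce undefined pointer arithmetic and an invalid `%s` argument. The same expression is used in the `sprintf` call in the next hunk of this file. If queue entry names are always built as `<dir>/<name>` this cannot trigger, but that invariant is not visible here; a comment such as `/* q->fname always contains a '/' */` would document it, or the code could fall back to `q->fname` when `strrchr` returns NULL. The return value of `snprintf` is also not compared against PATH_MAX, so a truncated path would be passed to `open` silently.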
@@ -79,7 +80,8 @@
q->fs_redundant = state;
- sprintf(fn, "%s/queue/.state/redundant_edges/%s", afl->out_dir, strrchr(q->fname, '/') + 1);
+ sprintf(fn, "%s/queue/.state/redundant_edges/%s", afl->out_dir,
+ strrchr(q->fname, '/') + 1);
if (state) {
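Review bot: The `sprintf` into `fn` is unbounded, whereas mark_as_det_done earlier in this file builds the same kind of path with `snprintf(fn, PATH_MAX, ...)`. Both `afl->out_dir` and the queue file name feed the buffer, so a long output directory can overrun it. Assuming `fn` is declared as `u8 fn[PATH_MAX]` like its sibling (the declaration is outside this hunk), the call should become `snprintf(fn, PATH_MAX, "%s/queue/.state/redundant_edges/%s", afl->out_dir, strrchr(q->fname, '/') + 1);`. The enclosing function starts and ends outside the hunk.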
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index d640383..7fde2fd 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -33,7 +33,7 @@
struct rusage rus;
unsigned long long int cur_time = get_cur_time();
- u8 fn[PATH_MAX];
+ u8 fn[PATH_MAX];
s32 fd;
FILE * f;