Commit a3125c3

committed
fix afl-showmap shmmemleak
1 parent 224add0 commit a3125c3

2 files changed

+26
-7
lines changed

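--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -27,6 +27,7 @@
 * afl-cmin
 - work with input files that have a space
 * afl-showmap
+- fix memory leak on shmem testcase usage (thanks to @ndrewh)
 - minor fix to collect coverage -C (thanks to @bet4it)
 * enhanced the ASAN configuration
 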

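--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -225,8 +225,13 @@ static void at_exit_handler(void) {
 
 if (remove_shm) {
 
+remove_shm = false;
 if (shm.map) afl_shm_deinit(&shm);
-if (fsrv->use_shmem_fuzz) deinit_shmem(fsrv, shm_fuzz);
+if ((shm_fuzz && shm_fuzz->shmemfuzz_mode) || fsrv->use_shmem_fuzz) {
+
+deinit_shmem(fsrv, shm_fuzz);
+
+}
 
 }
 
@@ -1527,6 +1532,8 @@ int main(int argc, char **argv_orig, char **envp) {
 
 /* initialize cmplog_mode */
 shm_fuzz->cmplog_mode = 0;
+atexit(at_exit_handler);
+
 u8 *map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1);
 shm_fuzz->shmemfuzz_mode = true;
 if (!map) { FATAL("BUG: Zero return from afl_shm_init."); }
@@ -1676,8 +1683,6 @@ int main(int argc, char **argv_orig, char **envp) {
 
 }
 
-atexit(at_exit_handler);
-
 if (get_afl_env("AFL_DEBUG")) {
 
 int j = optind;
@@ -1694,8 +1699,12 @@ int main(int argc, char **argv_orig, char **envp) {
 
 map_size = fsrv->map_size;
 
-if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz)
+if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) {
+
 shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+shm_fuzz->shmemfuzz_mode = 0;
+
+}
 
 if (in_dir) {
 
@@ -1728,8 +1737,12 @@ int main(int argc, char **argv_orig, char **envp) {
 
 } else {
 
-if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz)
+if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) {
+
 shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+shm_fuzz->shmemfuzz_mode = 0;
+
+}
 
 #ifdef __linux__
 if (!fsrv->nyx_mode) {
@@ -1777,9 +1790,14 @@ int main(int argc, char **argv_orig, char **envp) {
 
 }
 
-remove_shm = 0;
+remove_shm = false;
 afl_shm_deinit(&shm);
-if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+if (fsrv->use_shmem_fuzz) {
+
+shm_fuzz = deinit_shmem(fsrv, shm_fuzz);
+shm_fuzz->shmemfuzz_mode = 0;
+
+}
 
 u32 ret;
 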
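Review bot: In the three `main()` hunks (new lines 1704-1705, 1742-1743 and 1797-1798) the added `shm_fuzz->shmemfuzz_mode = 0;` writes through `shm_fuzz` immediately after `shm_fuzz = deinit_shmem(fsrv, shm_fuzz);`. `deinit_shmem` is defined outside this page, but the reassignment from its return value and the new `shm_fuzz &&` guard in `at_exit_handler` both suggest it releases the struct and returns NULL; if so, each of these stores is a NULL dereference (or a write into freed memory) on an ordinary run. Confirm what it returns and, if it is NULL, drop the store or guard it, e.g. `if (shm_fuzz) shm_fuzz->shmemfuzz_mode = 0;`. The handler also calls `deinit_shmem(fsrv, shm_fuzz);` without storing the result and can reach it with `shm_fuzz == NULL` when only `fsrv->use_shmem_fuzz` is set, so `if (shm_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz);` would be the safer form there. Both `main()` and `at_exit_handler` continue outside the hunks shown.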
