
Andrea Fioraldi andreafioraldi

andreafioraldi / nostd_rust_ctor.rs
Created Nov 28, 2020
Use rust ctor crate on no_std when producing an ELF
View nostd_rust_ctor.rs
#![no_std]
#![no_main]
extern crate libc;
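// Registered through the `ctor` crate's attribute, so it runs as a program
// constructor rather than being called from Rust code. It prints `foo()` via
// libc's `puts`, which is usable here because the crate is `no_std`.
#[ctor::ctor]
fn foo() {
    // NUL-terminated byte literal: `puts` reads until the first 0 byte, so the
    // terminator must be part of the buffer.
    const MSG: &[u8] = b"foo()\0";

    // SAFETY: MSG is a 'static, NUL-terminated buffer, so `puts` never reads
    // past its end. The pointer is cast to `libc::c_char` instead of a
    // hard-coded `i8`, because C `char` is unsigned on some targets and an
    // `*const i8` argument does not type-check there.
    unsafe {
        libc::puts(MSG.as_ptr().cast::<libc::c_char>());
    }
}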
View classes.c
#include <stdio.h>
#include <assert.h>
/* Macro magic, you don't have to understand, just believe. */
/* Helpers: expand to the first / second argument and discard the rest. */
#define AFL_MAGIC_FIRST_(a, ...) a
#define AFL_MAGIC_SECOND_(a, b, ...) b
/* Wrappers: forward the argument list with a trailing comma, which appends an
   empty argument. With a single argument, AFL_MAGIC_SECOND therefore expands
   to nothing instead of failing for lack of a second argument. */
#define AFL_MAGIC_FIRST(...) AFL_MAGIC_FIRST_(__VA_ARGS__,)
#define AFL_MAGIC_SECOND(...) AFL_MAGIC_SECOND_(__VA_ARGS__,)
View bind.rs
/* automatically generated by rust-bindgen 0.55.1 */
// bindgen-generated alias; the `afl_object` type it names is not defined in
// this excerpt.
#[doc = " class Object"]
pub type afl_object_t = afl_object;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct afl_object_vtable {
pub _base_vptr: *mut afl_object_vtable,
pub _create_wrapper: ::std::option::Option<
unsafe extern "C" fn(arg1: *mut ::std::os::raw::c_void) -> *mut ::std::os::raw::c_void,
View c_objects.c
#include <stdio.h>
/* Declares a member named `_base` of type `struct type` inside a derived
   struct. Presumably intended to be the first member -- confirm at the use
   sites, which are not visible here. */
#define INHERITS(type) struct type _base;
/* Address of the embedded `_base` member of the object `ptr` points to. */
#define BASE_CAST(ptr) (&(ptr)->_base)
/* Embeds the parent's vtable struct (`struct type_vtable`) as `_base`. */
#define VTABLE_INHERITS(type) struct type##_vtable _base;
/* Designated initializer: sets `_base_vptr` to the address of
   `type_vtable_instance`, cast to `struct afl_object_vtable*`. */
#define VTABLE_INIT_BASE_VPTR(type) \
._base_vptr = (struct afl_object_vtable*)&type##_vtable_instance
/* Reads `vptr` through a `struct afl_object*` view of `ptr` and casts it to
   `struct type_vtable*`.
   NOTE(review): both casts are unchecked. If `ptr` is not an object of `type`
   (or of a type derived from it), later calls go through a mismatched table of
   function pointers, so callers are responsible for passing the right type. */
#define VTABLE_OF(type, ptr) ((struct type##_vtable*)(((struct afl_object*)(ptr))->vptr))
andreafioraldi / cpp_c.cc
Last active Oct 5, 2020
C to C++ and back
View cpp_c.cc
#include <stdio.h>
#include <stdlib.h>
/* Hand-rolled offsetof: takes the address of `field` through a null `type*`
   and converts it to size_t.
   NOTE(review): <stddef.h> / <cstddef> already provide a standard `offsetof`;
   this definition uses the same name and relies on forming a member address
   from a null pointer. */
#define offsetof(type, field) ((size_t)&(((type *)0)->field))
/* Recovers a pointer to the enclosing `derived_type` from a pointer to its
   member named `base`, by subtracting that member's byte offset.
   NOTE(review): nothing checks that `obj` really points at the `base` member
   of a `derived_type`; passing any other pointer yields an out-of-object
   pointer that is then used as a `derived_type*`. */
#define derived_cast(derived_type, obj) ((derived_type*)((char*)(obj) - offsetof(derived_type, base)))
/// BASE
struct base_C_class;
View triage.py
#!/usr/bin/env python3
'''
Copyright (c) 2020-2021, Andrea Fioraldi
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
View sanitizer_crash_min.py
#!/usr/bin/env python3
'''
Copyright (c) 2020, Andrea Fioraldi
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
View blob_loader.c
#include <sys/mman.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <stdint.h>
#include <stdint.h>
typedef uint8_t u8;
View ubsan_minimize_crashes.py
#!/usr/bin/env python3
'''
Copyright (c) 2020, Andrea Fioraldi
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
View libfuzzer_afl_driver.cpp
//===- afl_driver.cpp - a glue between AFL and libFuzzer --------*- C++ -* ===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//===----------------------------------------------------------------------===//
/* This file allows to fuzz libFuzzer-style target functions
(LLVMFuzzerTestOneInput) with AFL using AFL's persistent (in-process) mode.