|
17 | 17 |
|
18 | 18 | void counter_shm_init(void)
|
19 | 19 | {
|
20 |
| - char *shm_path = g_strdup_printf("/qemu-fuzz-cntrs.%d", getpid()); |
21 |
| - int fd = shm_open(shm_path, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR); |
22 |
| - g_free(shm_path); |
23 |
| - |
24 |
| - if (fd == -1) { |
25 |
| - perror("Error: "); |
26 |
| - exit(1); |
27 |
| - } |
28 |
| - if (ftruncate(fd, &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START) == -1) { |
29 |
| - perror("Error: "); |
30 |
| - exit(1); |
31 |
| - } |
32 |
| - /* Copy what's in the counter region to the shm.. */ |
33 |
| - void *rptr = mmap(NULL , |
34 |
| - &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START, |
35 |
| - PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); |
36 |
| - memcpy(rptr, |
| 20 | + /* Copy what's in the counter region to a temporary buffer.. */ |
| 21 | + void *copy = malloc(&__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START); |
| 22 | + memcpy(copy, |
37 | 23 | &__FUZZ_COUNTERS_START,
|
38 | 24 | &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);
|
39 | 25 |
|
40 |
| - munmap(rptr, &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START); |
41 |
| - |
42 |
| - /* And map the shm over the counter region */ |
43 |
| - rptr = mmap(&__FUZZ_COUNTERS_START, |
44 |
| - &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START, |
45 |
| - PROT_READ | PROT_WRITE, MAP_SHARED | MAP_FIXED, fd, 0); |
46 |
| - |
47 |
| - close(fd); |
48 |
| - |
49 |
| - if (!rptr) { |
| 26 | + /* Map a shared region over the counter region */ |
| 27 | + if (mmap(&__FUZZ_COUNTERS_START, |
| 28 | + &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START, |
| 29 | + PROT_READ | PROT_WRITE, MAP_SHARED | MAP_FIXED | MAP_ANONYMOUS, |
| 30 | + 0, 0) == MAP_FAILED) { |
50 | 31 | perror("Error: ");
|
51 | 32 | exit(1);
|
52 | 33 | }
|
| 34 | + |
| 35 | + /* Copy the original data back to the counter-region */ |
| 36 | + memcpy(&__FUZZ_COUNTERS_START, copy, |
| 37 | + &__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START); |
| 38 | + free(copy); |
53 | 39 | }
|
54 | 40 |
|
55 | 41 |
|
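Review bot: The `malloc` on new line 21 feeds straight into the `memcpy` on line 22 with no NULL check, so an allocation failure turns into a write through a null pointer instead of the `perror`/`exit(1)` path used elsewhere in counter_shm_init. Either test the result, or, since the removed lines already used GLib (`g_strdup_printf`, `g_free`), use `void *copy = g_malloc(&__FUZZ_COUNTERS_END - &__FUZZ_COUNTERS_START);` paired with `g_free(copy);`. The new `mmap` call on lines 27-30 passes `0` as the file descriptor; `MAP_ANONYMOUS` ignores it on Linux, but the portable convention is `-1`, which also makes it obvious that no descriptor is involved. Because `MAP_FIXED` replaces whole pages and the copy-back restores only the counter range, a comment such as `/* counter section is assumed page-aligned and page-sized; MAP_FIXED replaces every page it touches */` would record an assumption that is not visible in this hunk.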