diff --git a/configure.ac b/configure.ac
index bd324f7..f4130c4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -50,6 +50,8 @@ case "${host_os}" in
 *mingw32*)
 DLL_LDFLAGS="-Wl,-l,imagehlp" # Trick libtool here
 WINSOCK2_LIBS="-lws2_32"
+ # This one is necessary if we want inet_pton() with mingw
+ AC_DEFINE(_WIN32_WINNT, 0x600, [Define the Windows version to Vista])
 ac_cv_func_recv=yes
 ac_cv_func_recvfrom=yes
 ac_cv_func_socket=yes
diff --git a/msvc/config.h b/msvc/config.h
index 8a551bf..ff3b1e3 100644
--- a/msvc/config.h
+++ b/msvc/config.h
@@ -151,6 +151,7 @@
 #define RECV_T int
 #define SONAME "libzzuf.dll"
 #define STDC_HEADERS 1
+/* #undef _WIN32_WINNT */
 /* #undef __func__ */
 /* Fucking Visual Studio should just shut the fuck up with this fucking
diff --git a/src/common/fd.c b/src/common/fd.c
index c67347c..43a9c0d 100644
--- a/src/common/fd.c
+++ b/src/common/fd.c
@@ -32,7 +32,7 @@
 # endif
 #endif
 #if _WIN32
-# include
+# include
 #endif
 #include
 #include
diff --git a/src/libzzuf/debug.c b/src/libzzuf/debug.c
index 440abe1..b6c6e71 100644
--- a/src/libzzuf/debug.c
+++ b/src/libzzuf/debug.c
@@ -85,11 +85,11 @@ void _zz_debug(char const *format, ...)
 if (buf[0] == '\0')
 return; /* if buf is empty, we don't bother to send it to zzuf */
- /* FIXME: if len >= count, no null-terminator is appended, so we may erased the last character */
- if (ret >= sizeof(buf))
- buf[ret - 1] = '\n';
- else
- buf[ret++] = '\n';
+ /* If len >= count, no null-terminator is appended, so we need to
+ * erase the last character */
+ if (ret >= (int)sizeof(buf))
+ ret = (int)sizeof(buf) - 1;
+ buf[ret++] = '\n';
 EnterCriticalSection(&_zz_pipe_cs);
 WriteFile(dbg_hdl, buf, ret, &written, NULL);
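Review bot: `ret` is used as an index with no check for a negative value, so an encoding error — or, if `ret` comes from MSVC's `_vsnprintf`, any truncation, which that function reports as -1 rather than the required length — makes `buf[ret++] = '\n'` write at `buf[-1]` and then hands a negative count to WriteFile; where `ret` is produced lies outside the hunk, so this is inferred from the visible clamp. A guard such as `if (ret < 0 || ret >= (int)sizeof(buf)) ret = (int)sizeof(buf) - 1;` keeps the new clamp and covers both the error and the MSVC truncation case. The `_zz_debug2` hunk that follows has the same pattern and would take the same guard.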
@@ -115,9 +115,11 @@ void _zz_debug2(char const *format, ...)
 if (buf[0] == '\0')
 return; /* if buf is empty, we don't bother to send it to zzuf */
- /* FIXME: if len >= count, no null-terminator is appended, so we may erased the last character */
- if (ret >= sizeof(buf)) buf[ret - 1] = '\n';
- else buf[ret++] = '\n';
+ /* If len >= count, no null-terminator is appended, so we need to
+ * erase the last character */
+ if (ret >= (int)sizeof(buf))
+ ret = (int)sizeof(buf) - 1;
+ buf[ret++] = '\n';
 EnterCriticalSection(&_zz_pipe_cs);
 WriteFile(dbg_hdl, buf, ret, &written, NULL);
diff --git a/src/libzzuf/sys.c b/src/libzzuf/sys.c
index ae27294..93237d8 100644
--- a/src/libzzuf/sys.c
+++ b/src/libzzuf/sys.c
@@ -183,12 +183,14 @@ static void make_jmp32(uint8_t *src, uint8_t *dst, uint8_t *code)
 *(uint32_t *)(code + 1) = (uint32_t)MK_JMP_JD(dst, src);
 }
+#ifdef _M_AMD64
 static void make_jmp64(uint8_t *dst, uint8_t *code)
 {
 memcpy(code, "\x48\xb8", 2); /* MOV rAX, Iq */
- *(uint64_t *)(code + 2) = (uint64_t)dst;
+ *(uintptr_t *)(code + 2) = (uintptr_t)dst;
 memcpy(code + 10, "\xff\xe0", 2); /* JMP rAX */
 }
+#endif
 /* This function allocates and fills a trampoline for the function pointed by code. It also tries to handle some relocations. */
 static int make_trampoline(uint8_t *code, size_t patch_size, uint8_t **trampoline_buf, size_t *trampoline_size)
diff --git a/src/myfork.c b/src/myfork.c
index 60dbf71..3f738b3 100644
--- a/src/myfork.c
+++ b/src/myfork.c
@@ -78,7 +78,6 @@ static int mypipe(int pipefd[2]);
 static int run_process(struct child *child, struct opts *, int[][2]);
 #if defined HAVE_WINDOWS_H
-static void rep32(uint8_t *buf, void *addr);
 static int dll_inject(PROCESS_INFORMATION *, char const *);
 static void *get_proc_address(void *, DWORD, char const *);
 #endif
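Review bot: `*(uintptr_t *)(code + 2) = (uintptr_t)dst;` in make_jmp64 stores through a pointer that is neither suitably aligned (offset 2 into a byte buffer) nor of a type compatible with the `uint8_t` array, which is undefined behaviour in C even though it happens to work on x86; the lines on either side already use memcpy for the opcode bytes. Writing it as `uintptr_t addr = (uintptr_t)dst; memcpy(code + 2, &addr, sizeof addr);` removes the misaligned aliasing store and keeps the 8-byte immediate width explicit under the new `_M_AMD64` guard. The `*(uint32_t *)(code + 1)` store visible in make_jmp32's context line has the same issue and would take the same treatment.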
@@ -343,8 +342,6 @@ static int run_process(struct child *child, struct opts *opts, int pipes[][2])
 return 0;
 #elif HAVE_WINDOWS_H
- HANDLE pid = GetCurrentProcess();
-
 /* Inherit standard handles */
 STARTUPINFO sinfo;
 memset(&sinfo, 0, sizeof(sinfo));
@@ -359,7 +356,9 @@ static int run_process(struct child *child, struct opts *opts, int pipes[][2])
 for (int i = 0; child->newargv[i]; ++i)
 len += (int)strlen(child->newargv[i]) + 1;
 char *cmdline = malloc(len);
- for (int i = 0, len = 0; child->newargv[i]; ++i)
+
+ len = 0;
+ for (int i = 0; child->newargv[i]; ++i)
 {
 strcpy(cmdline + len, child->newargv[i]);
 len += (int)strlen(child->newargv[i]) + 1;
@@ -378,14 +377,14 @@ static int run_process(struct child *child, struct opts *opts, int pipes[][2])
 if (!ret)
 {
- LPTSTR buf;
+ LPTSTR tmp;
 DWORD err = GetLastError();
 FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
 FORMAT_MESSAGE_FROM_SYSTEM |
 FORMAT_MESSAGE_IGNORE_INSERTS,
- NULL, err, 0, (LPTSTR)&buf, 0, NULL);
- fprintf(stderr, "error launching `%s': %s\n", child->newargv[0], buf);
- LocalFree(buf);
+ NULL, err, 0, (LPTSTR)&tmp, 0, NULL);
+ fprintf(stderr, "error launching `%s': %s\n", child->newargv[0], tmp);
+ LocalFree(tmp);
 return -1;
 }
@@ -475,7 +474,6 @@ static int dll_inject(PROCESS_INFORMATION *pinfo, char const *lib)
 DWORD pid = pinfo->dwProcessId;
 void *rldlib = NULL;
 SIZE_T written = 0;
- DWORD old_prot = 0;
 /* Payload */
 void *rpl = NULL;
diff --git a/src/opts.h b/src/opts.h
index 8b0ef13..4b6dc23 100644
--- a/src/opts.h
+++ b/src/opts.h
@@ -15,7 +15,7 @@
 */
 #ifdef _WIN32
-# include
+# include
 #endif
 struct opts
diff --git a/src/zzuf.c b/src/zzuf.c
index 15ffa7d..9d55b5c 100644
--- a/src/zzuf.c
+++ b/src/zzuf.c
@@ -119,7 +119,7 @@ static void usage(void);
 ((fd >= 0) && (FD_ISSET(fd, p_fdset)))
 #if defined _WIN32
-# include
+# include
 # include /* _O_RDWR */
 # include /* _open */
 static CRITICAL_SECTION _zz_pipe_cs;
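Review bot: `char *cmdline = malloc(len);` is never checked, so the `strcpy(cmdline + len, ...)` loop that the commit rewrites writes through NULL when the allocation fails; add `if (!cmdline) return -1;` before `len = 0;`. `len` also appears to be an int accumulated from `(int)strlen(...)` casts (its declaration is outside the hunk), so a very long argv list could overflow it into a short allocation followed by an unbounded `strcpy`; `size_t` is the natural type for that sum. The rest of run_process lies outside the hunk.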
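Review bot: `LPTSTR tmp;` is left uninitialised and the FormatMessage return value is not examined, so when the call fails it returns 0 without touching the buffer pointer and the `fprintf` and `LocalFree(tmp)` on the following lines use an indeterminate pointer; the rename from `buf` to `tmp` does not change this. Declare it as `LPTSTR tmp = NULL;`, and either test the FormatMessage return or guard the use with `if (tmp)`, printing `err` numerically when no message text is available. If this translation unit is ever built with `UNICODE` defined, the `%s` conversion would also receive a wide string, which is a further reason to keep the pointer type explicit here.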
@@ -980,14 +980,15 @@ static void clean_children(struct opts *opts)
 struct child_overlapped
 {
 OVERLAPPED overlapped;
- char buf[BUFSIZ];
+ uint8_t buf[BUFSIZ];
 struct opts * opts;
 int child_no;
 int fd_no;
 };
 /* This callback is called when fuzzed applications write in fd out, err or debug */
-static void _stdcall read_child(DWORD err_code, DWORD nbr_of_bytes_transfered, LPOVERLAPPED overlapped)
+static void __stdcall read_child(DWORD err_code, DWORD nbr_of_bytes_transfered,
+ LPOVERLAPPED overlapped)
 {
 struct child_overlapped * co = (struct child_overlapped *)overlapped;