diff options
| author | van Hauser <vh@thc.org> | 2019-06-20 13:51:39 +0200 |
|---|---|---|
| committer | van Hauser <vh@thc.org> | 2019-06-20 13:51:39 +0200 |
| commit | 549b83504fad02e12fe7f6068173479e7063ee99 (patch) | |
| tree | ae0962558732a00ed6364cfa92c487518998688a | |
| parent | d10ebd1a6837f9fc42886fd5debe5311784be75a (diff) | |
| download | afl++-549b83504fad02e12fe7f6068173479e7063ee99.tar.gz | |
added -s fixed_seed feature
| -rw-r--r-- | afl-fuzz.c | 18 | ||||
| -rw-r--r-- | docs/ChangeLog | 3 |
2 files changed, 18 insertions, 3 deletions
@@ -140,6 +140,7 @@ EXP_ST u8 skip_deterministic, /* Skip deterministic stages? */ run_over10m, /* Run time over 10 minutes? */ persistent_mode, /* Running in persistent mode? */ deferred_mode, /* Deferred forkserver mode? */ + fixed_seed, /* do not reseed */ fast_cal; /* Try to calibrate faster? */ static s32 out_fd, /* Persistent fd for out_file */ @@ -591,7 +592,7 @@ static u64 get_cur_time_us(void) { static inline u32 UR(u32 limit) { - if (unlikely(!rand_cnt--)) { + if (!fixed_seed && unlikely(!rand_cnt--)) { u32 seed[2]; @@ -7624,6 +7625,7 @@ static void usage(u8* argv0) { " -T text - text banner to show on the screen\n" " -M / -S id - distributed mode (see parallel_fuzzing.txt)\n" " -C - crash exploration mode (the peruvian rabbit thing)\n" + " -s seed - use a fixed seed for the rng - important to testing\n" " -e ext - File extension for the temporarily generated test case\n\n" #ifdef USE_PYTHON @@ -8312,6 +8314,7 @@ int main(int argc, char** argv) { u8 mem_limit_given = 0; u8 exit_1 = !!getenv("AFL_BENCH_JUST_ONE"); char** use_argv; + s64 init_seed; struct timeval tv; struct timezone tz; @@ -8321,12 +8324,18 @@ int main(int argc, char** argv) { doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH; gettimeofday(&tv, &tz); - srandom(tv.tv_sec ^ tv.tv_usec ^ getpid()); + init_seed = tv.tv_sec ^ tv.tv_usec ^ getpid(); - while ((opt = getopt(argc, argv, "+i:o:f:m:t:T:dnCB:S:M:x:Qe:p:")) > 0) + while ((opt = getopt(argc, argv, "+i:o:f:m:t:T:dnCB:S:M:x:Qe:p:s:")) > 0) switch (opt) { + case 's': { + init_seed = strtoul(optarg, 0L, 10); + fixed_seed = 1; + break; + } + case 'p': /* Power schedule */ if (!stricmp(optarg, "fast")) { @@ -8528,6 +8537,9 @@ int main(int argc, char** argv) { if (optind == argc || !in_dir || !out_dir) usage(argv[0]); + if (fixed_seed) + OKF("Running with fixed seed: %u", (u32)init_seed); + srandom((u32)init_seed); setup_signal_handlers(); check_asan_opts(); diff --git a/docs/ChangeLog b/docs/ChangeLog index 616dd78b..ea6e59bc 100644 --- a/docs/ChangeLog +++ b/docs/ChangeLog @@ -20,6 +20,9 @@ Version ++2.52d (tbd): - added Python Module mutator support, python2.7-dev is autodetected. see docs/python_mutators.txt (originally by choller@mozilla) - added AFL_CAL_FAST for slow applications and AFL_DEBUG_CHILD_OUTPUT for debugging + - added a -s seed switch to allow afl run with a fixed initial + seed that is not updated. this is good for performance and path discovery + tests as the random numbers are deterministic then - ... your idea or patch? |