diff options
| author | van Hauser <vh@thc.org> | 2021-01-26 22:45:59 +0100 |
|---|---|---|
| committer | van Hauser <vh@thc.org> | 2021-01-26 22:45:59 +0100 |
| commit | 36b5336152cd886d911f4299c3154b7817c94838 (patch) | |
| tree | a8de66b4d1e39766bc069b7c6fcb6131000f82ea | |
| parent | 9c393adbb953fe5bf6809e5b0feca7be2f52b7f8 (diff) | |
| download | afl++-36b5336152cd886d911f4299c3154b7817c94838.tar.gz | |
better foreign sync name
| -rw-r--r-- | src/afl-fuzz-init.c | 15 | ||||
| -rw-r--r-- | src/afl-fuzz-redqueen.c | 4 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 10 |
3 files changed, 26 insertions, 3 deletions
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c index ed2010cd..4f59a42f 100644 --- a/src/afl-fuzz-init.c +++ b/src/afl-fuzz-init.c @@ -460,6 +460,7 @@ void read_foreign_testcases(afl_state_t *afl, int first) { u32 i, iter; u8 val_buf[2][STRINGIFY_VAL_SIZE_MAX]; + u8 foreign_name[16]; for (iter = 0; iter < afl->foreign_sync_cnt; iter++) { @@ -468,6 +469,18 @@ void read_foreign_testcases(afl_state_t *afl, int first) { if (first) ACTF("Scanning '%s'...", afl->foreign_syncs[iter].dir); time_t ctime_max = 0; + u8 * name = rindex(afl->foreign_syncs[iter].dir, '/'); + if (!name) { name = afl->foreign_syncs[iter].dir; } + if (!strcmp(name, "queue") || !strcmp(name, "out") || + !strcmp(name, "default")) { + + snprintf(foreign_name, sizeof(foreign_name), "foreign_%u", iter); + + } else { + + snprintf(foreign_name, sizeof(foreign_name), "%s_%u", name, iter); + + } /* We use scandir() + alphasort() rather than readdir() because otherwise, the ordering of test cases would vary somewhat randomly and would be @@ -581,7 +594,7 @@ void read_foreign_testcases(afl_state_t *afl, int first) { write_to_testcase(afl, mem, st.st_size); fault = fuzz_run_target(afl, &afl->fsrv, afl->fsrv.exec_tmout); - afl->syncing_party = "foreign"; + afl->syncing_party = foreign_name; afl->queued_imported += save_if_interesting(afl, mem, st.st_size, fault); afl->syncing_party = 0; diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c index 6721b8ef..34db7231 100644 --- a/src/afl-fuzz-redqueen.c +++ b/src/afl-fuzz-redqueen.c @@ -249,7 +249,7 @@ static u8 colorization(afl_state_t *afl, u8 *buf, u32 len, afl->stage_cur = 0; // in colorization we do not classify counts, hence we have to calculate - // the original checksum! + // the original checksum. if (unlikely(get_exec_checksum(afl, buf, len, &exec_cksum))) { goto checksum_fail; @@ -2368,7 +2368,7 @@ u8 input_to_state_stage(afl_state_t *afl, u8 *orig_buf, u8 *buf, u32 len) { u64 orig_hit_cnt, new_hit_cnt; u64 orig_execs = afl->fsrv.total_execs; orig_hit_cnt = afl->queued_paths + afl->unique_crashes; - u64 screen_update = 1000000 / afl->queue_cur->exec_us, + u64 screen_update = 100000 / afl->queue_cur->exec_us, execs = afl->fsrv.total_execs; afl->stage_name = "input-to-state"; diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index ecf69728..b92aa2a7 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -559,6 +559,16 @@ int main(int argc, char **argv_orig, char **envp) { FATAL("Maximum %u entried of -F option can be specified", FOREIGN_SYNCS_MAX); afl->foreign_syncs[afl->foreign_sync_cnt].dir = optarg; + while (afl->foreign_syncs[afl->foreign_sync_cnt] + .dir[strlen(afl->foreign_syncs[afl->foreign_sync_cnt].dir) - + 1] == '/') { + + afl->foreign_syncs[afl->foreign_sync_cnt] + .dir[strlen(afl->foreign_syncs[afl->foreign_sync_cnt].dir) - 1] = + 0; + + } + afl->foreign_sync_cnt++; break; |