diff options
| author | vanhauser-thc <vh@thc.org> | 2021-02-07 08:27:35 +0100 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2021-02-07 08:27:35 +0100 |
| commit | 84f0b4f1874a9c3a5f2da4056f974df8273093d9 (patch) | |
| tree | 5dc529dade90ed2ebd987d68b31b6103af759cb0 | |
| parent | faa9daf260e63482121c9e06e1205efe0a7bcf2d (diff) | |
| download | afl++-84f0b4f1874a9c3a5f2da4056f974df8273093d9.tar.gz | |
persistent replay env setup
| -rw-r--r-- | include/afl-fuzz.h | 2 | ||||
| -rw-r--r-- | include/envs.h | 1 | ||||
| -rw-r--r-- | include/forkserver.h | 3 | ||||
| -rw-r--r-- | src/afl-forkserver.c | 2 | ||||
| -rw-r--r-- | src/afl-fuzz-state.c | 7 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 6 |
6 files changed, 19 insertions, 2 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index c3a8c2ee..3b6f2285 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -390,7 +390,7 @@ typedef struct afl_env_vars { *afl_hang_tmout, *afl_forksrv_init_tmout, *afl_skip_crashes, *afl_preload, *afl_max_det_extras, *afl_statsd_host, *afl_statsd_port, *afl_crash_exitcode, *afl_statsd_tags_flavor, *afl_testcache_size, - *afl_testcache_entries, *afl_kill_signal; + *afl_testcache_entries, *afl_kill_signal, *afl_persistent_replay; } afl_env_vars_t; diff --git a/include/envs.h b/include/envs.h index 210b34a6..f82bb803 100644 --- a/include/envs.h +++ b/include/envs.h @@ -123,6 +123,7 @@ static char *afl_environment_variables[] = { "AFL_MAX_DET_EXTRAS", "AFL_PATH", "AFL_PERFORMANCE_FILE", + "AFL_PERSISTEN_REPLAY", "AFL_PRELOAD", "AFL_PYTHON_MODULE", "AFL_QEMU_COMPCOV", diff --git a/include/forkserver.h b/include/forkserver.h index ac027f81..a0a60e0f 100644 --- a/include/forkserver.h +++ b/include/forkserver.h @@ -55,6 +55,9 @@ typedef struct afl_forkserver { u32 init_tmout; /* Configurable init timeout (ms) */ u32 map_size; /* map size used by the target */ u32 snapshot; /* is snapshot feature used */ + u32 persistent_replay; /* persistent replay setting */ + u32 persistent_replay_idx; /* persistent replay cache ptr */ + u32 persistent_replay_cnt; /* persistent replay counter */ u64 mem_limit; /* Memory cap for child (MB) */ u64 total_execs; /* How often run_target was called */ diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index 9ee59822..7968f69c 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c @@ -126,7 +126,7 @@ void afl_fsrv_init_dup(afl_forkserver_t *fsrv_to, afl_forkserver_t *from) { fsrv_to->last_run_timed_out = 0; fsrv_to->init_child_func = from->init_child_func; - // Note: do not copy ->add_extra_func + // Note: do not copy ->add_extra_func or ->persistent_replay* list_append(&fsrv_list, fsrv_to); diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c index 5040e3ef..075aef1e 100644 --- a/src/afl-fuzz-state.c +++ b/src/afl-fuzz-state.c @@ -292,6 +292,13 @@ void read_afl_environment(afl_state_t *afl, char **envp) { afl->afl_env.afl_autoresume = get_afl_env(afl_environment_variables[i]) ? 1 : 0; + } else if (!strncmp(env, "AFL_PERSISTENT_REPLAY", + + afl_environment_variable_len)) { + + afl->afl_env.afl_persistent_replay = + get_afl_env(afl_environment_variables[i]); + } else if (!strncmp(env, "AFL_CYCLE_SCHEDULES", afl_environment_variable_len)) { diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index a579a8f5..77e6e2ce 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1239,6 +1239,12 @@ int main(int argc, char **argv_orig, char **envp) { } + if (afl->afl_env.afl_persistent_replay) { + + afl->fsrv.persistent_replay = atoi(afl->afl_env.afl_persistent_replay); + + } + if (afl->afl_env.afl_crash_exitcode) { long exitcode = strtol(afl->afl_env.afl_crash_exitcode, NULL, 10); |