inject docs

2 files changed, 17 insertions, 0 deletions

diff --git a/docs/env_variables.md b/docs/env_variables.md
index a7636511..a972b6da 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -196,6 +196,19 @@ in the specified file.
 For more information, see
 [instrumentation/README.instrument_list.md](../instrumentation/README.instrument_list.md).
 
+#### INJECTIONS
+
+This feature is able to find simple injection vulnerabilities in insecure
+calls to mysql/mariadb/nosql/postgresql/ldap and XSS in libxml2.
+
+  - Setting `AFL_LLVM_INJECTIONS_ALL` will enable all injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_SQL` will enable SQL injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_LDAP` will enable LDAP injection hooking
+
+  - Setting `AFL_LLVM_INJECTIONS_XSS` will enable XSS injection hooking
+
 #### LAF-INTEL
 
 This great feature will split compares into series of single byte comparisons to
diff --git a/src/afl-cc.c b/src/afl-cc.c
index a46facc7..54c733c9 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -2295,6 +2295,10 @@ int main(int argc, char **argv, char **envp) {
             "comparisons\n"
             "  AFL_LLVM_DICT2FILE_NO_MAIN: skip parsing main() for the "
             "dictionary\n"
+            "  AFL_LLVM_INJECTIONS_ALL: enables all injections hooking\n"
+            "  AFL_LLVM_INJECTIONS_SQL: enables SQL injections hooking\n"
+            "  AFL_LLVM_INJECTIONS_LDAP: enables LDAP injections hooking\n"
+            "  AFL_LLVM_INJECTIONS_XSS: enables XSS injections hooking\n"
             "  AFL_LLVM_LAF_ALL: enables all LAF splits/transforms\n"
             "  AFL_LLVM_LAF_SPLIT_COMPARES: enable cascaded comparisons\n"
             "  AFL_LLVM_LAF_SPLIT_COMPARES_BITW: size limit (default 8)\n"