authorvan Hauser <vh@thc.org>2020-04-17 07:10:42 +0200
committervan Hauser <vh@thc.org>2020-04-17 07:10:42 +0200
commitc961925356bf3388066969b9975b424c4cdae890 (patch)
tree7a8e806add44f2d61fcff837ae040e8b1999ae9a
parent23ea7279159dce964c69b3dfa5e7e36f3d5a5085 (diff)
downloadafl++-c961925356bf3388066969b9975b424c4cdae890.tar.gz
fix plot_data output and code-format
-rw-r--r--docs/Changelog.md5
-rw-r--r--src/afl-fuzz-init.c2
-rw-r--r--src/afl-fuzz-python.c2
-rw-r--r--src/afl-fuzz-run.c2
-rw-r--r--src/afl-fuzz-stats.c31
-rw-r--r--src/afl-showmap.c4
-rw-r--r--src/afl-tmin.c2
7 files changed, 27 insertions, 21 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md
index e1e558b7..60d83508 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -19,14 +19,17 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
     - snapshot feature usage now visible in UI
     - Now setting "-L -1" will enable MOpt in parallel to normal mutation.
       Additionally this allows to run dictionaries, radamsa and cmplog.
+    - fix for cmplog/redqueen mode if stdin was used
+    - fix for writing a better plot_data file
+  - qemu_mode: fix for persistent mode
   - compare-transform/AFL_LLVM_LAF_TRANSFORM_COMPARES now transforms also
     static global and local variable comparisons (cannot find all though)
   - extended forkserver: map_size and more information is communicated to
     afl-fuzz (and afl-fuzz acts accordingly)
-  - more refactoring
   - if AFL_CC/AFL_CXX is set but empty afl compilers did fail, fixed
     (this bug is in vanilla afl too)
   - added NO_PYTHON flag to disable python support when building afl-fuzz
+  - more refactoring
 
 
 ### Version ++2.63c (release):
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index 55f7ce53..7131ceed 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -1419,6 +1419,8 @@ void setup_dirs_fds(afl_state_t *afl) {
           "# unix_time, cycles_done, cur_path, paths_total, "
           "pending_total, pending_favs, map_size, unique_crashes, "
           "unique_hangs, max_depth, execs_per_sec\n");
+  fflush(afl->fsrv.plot_file);
+
   /* ignore errors */
 
 }
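Review bot: The result of the added `fflush(afl->fsrv.plot_file)` is discarded, and the existing `/* ignore errors */` comment now sits below a blank line, so it is unclear whether it covers the header `fprintf`, the flush, or both. If best-effort is intended, put the comment directly above both calls, e.g. `/* best effort: a failed header write or flush must not abort setup */`. Otherwise a one-time warning such as `if (fflush(afl->fsrv.plot_file)) WARNF("Unable to flush plot_data header");` would tell the operator that plot_data may be incomplete, for example on a full or read-only output directory. `setup_dirs_fds` starts outside this hunk, so whether `plot_file` is checked for NULL before these calls cannot be confirmed from here.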
diff --git a/src/afl-fuzz-python.c b/src/afl-fuzz-python.c
index 33f01797..d4519c6d 100644
--- a/src/afl-fuzz-python.c
+++ b/src/afl-fuzz-python.c
@@ -42,7 +42,7 @@ it just fills in `&py_mutator->something_buf, &py_mutator->something_size`. */
       &((py_mutator_t *)py_mutator)->name##_size
 
 static size_t fuzz_py(void *py_mutator, u8 *buf, size_t buf_size, u8 **out_buf,
-               u8 *add_buf, size_t add_buf_size, size_t max_size) {
+                      u8 *add_buf, size_t add_buf_size, size_t max_size) {
 
   size_t    mutated_size;
   PyObject *py_args, *py_value;
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index 6ad6444a..30ba0e65 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -34,7 +34,7 @@
    information. The called program will update afl->fsrv->trace_bits. */
 
 fsrv_run_result_t fuzz_run_target(afl_state_t *afl, afl_forkserver_t *fsrv,
-                             u32 timeout) {
+                                  u32 timeout) {
 
   fsrv_run_result_t res = afl_fsrv_run_target(fsrv, timeout, &afl->stop_soon);
   // TODO: Don't classify for faults?
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index 7cc9b920..c507b7f7 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -145,14 +145,15 @@ void write_stats_file(afl_state_t *afl, double bitmap_cvg, double stability,
 
 void maybe_update_plot_file(afl_state_t *afl, double bitmap_cvg, double eps) {
 
-  if (afl->plot_prev_qp == afl->queued_paths &&
-      afl->plot_prev_pf == afl->pending_favored &&
-      afl->plot_prev_pnf == afl->pending_not_fuzzed &&
-      afl->plot_prev_ce == afl->current_entry &&
-      afl->plot_prev_qc == afl->queue_cycle &&
-      afl->plot_prev_uc == afl->unique_crashes &&
-      afl->plot_prev_uh == afl->unique_hangs &&
-      afl->plot_prev_md == afl->max_depth)
+  if (unlikely(afl->plot_prev_qp == afl->queued_paths &&
+               afl->plot_prev_pf == afl->pending_favored &&
+               afl->plot_prev_pnf == afl->pending_not_fuzzed &&
+               afl->plot_prev_ce == afl->current_entry &&
+               afl->plot_prev_qc == afl->queue_cycle &&
+               afl->plot_prev_uc == afl->unique_crashes &&
+               afl->plot_prev_uh == afl->unique_hangs &&
+               afl->plot_prev_md == afl->max_depth) ||
+      unlikely(!afl->queue_cycle))
     return;
 
   afl->plot_prev_qp = afl->queued_paths;
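Review bot: The new `unlikely(!afl->queue_cycle)` test in `maybe_update_plot_file` has no comment explaining why no row is written while `queue_cycle` is zero, and it is folded into the same `if` as the eight-field "nothing changed" comparison. A separate guard ahead of the comparison would make the intent explicit, e.g. `if (unlikely(!afl->queue_cycle)) return; /* no plot rows before the first queue cycle */`; that wording assumes this is the reason, which the hunk does not show. Wrapping the unchanged-state comparison in `unlikely()` is a claim about how often the caller sees no change, so it deserves a one-line justification. The function body continues past the end of this hunk.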
@@ -388,9 +389,9 @@ void show_stats(afl_state_t *afl) {
 
   /* Lord, forgive me this. */
 
-  SAYF(SET_G1 bSTG bLT bH bSTOP                         cCYA
+  SAYF(SET_G1 bSTG bLT bH bSTOP cCYA
        " process timing " bSTG bH30 bH5 bH bHB bH bSTOP cCYA
-       " overall results " bSTG bH2 bH2                 bRT "\n");
+       " overall results " bSTG bH2 bH2 bRT "\n");
 
   if (afl->dumb_mode) {
 
@@ -472,9 +473,9 @@ void show_stats(afl_state_t *afl) {
                 "   uniq hangs : " cRST "%-6s" bSTG         bV "\n",
        time_tmp, tmp);
 
-  SAYF(bVR bH bSTOP                                          cCYA
+  SAYF(bVR bH bSTOP            cCYA
        " cycle progress " bSTG bH10 bH5 bH2 bH2 bHB bH bSTOP cCYA
-       " map coverage " bSTG bH bHT bH20 bH2                 bVL "\n");
+       " map coverage " bSTG bH bHT bH20 bH2 bVL "\n");
 
   /* This gets funny because we want to print several variable-length variables
      together, but then cram them into a fixed-width field - so we need to
@@ -504,9 +505,9 @@ void show_stats(afl_state_t *afl) {
 
   SAYF(bSTOP " count coverage : " cRST "%-21s" bSTG bV "\n", tmp);
 
-  SAYF(bVR bH bSTOP                                         cCYA
+  SAYF(bVR bH bSTOP            cCYA
        " stage progress " bSTG bH10 bH5 bH2 bH2 bX bH bSTOP cCYA
-       " findings in depth " bSTG bH10 bH5 bH2 bH2          bVL "\n");
+       " findings in depth " bSTG bH10 bH5 bH2 bH2 bVL "\n");
 
   sprintf(tmp, "%s (%0.02f%%)", u_stringify_int(IB(0), afl->queued_favored),
           ((double)afl->queued_favored) * 100 / afl->queued_paths);
@@ -580,7 +581,7 @@ void show_stats(afl_state_t *afl) {
 
   /* Aaaalmost there... hold on! */
 
-  SAYF(bVR bH cCYA                                                     bSTOP
+  SAYF(bVR bH cCYA                      bSTOP
        " fuzzing strategy yields " bSTG bH10 bHT bH10 bH5 bHB bH bSTOP cCYA
        " path geometry " bSTG bH5 bH2 bVL "\n");
 
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index 61c1754f..f43beb1b 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -218,8 +218,8 @@ static u32 write_results_to_file(afl_forkserver_t *fsrv, u8 *outfile) {
 
 /* Execute target application. */
 
-static void showmap_run_target_forkserver(afl_forkserver_t *fsrv, char **argv, u8 *mem,
-                           u32 len) {
+static void showmap_run_target_forkserver(afl_forkserver_t *fsrv, char **argv,
+                                          u8 *mem, u32 len) {
 
   afl_fsrv_write_to_testcase(fsrv, mem, len);
 
diff --git a/src/afl-tmin.c b/src/afl-tmin.c
index 431ff0c4..0a462e9a 100644
--- a/src/afl-tmin.c
+++ b/src/afl-tmin.c
@@ -215,7 +215,7 @@ static s32 write_to_file(u8 *path, u8 *mem, u32 len) {
    1 if they should be kept. */
 
 static u8 tmin_run_target(afl_forkserver_t *fsrv, char **argv, u8 *mem, u32 len,
-                     u8 first_run) {
+                          u8 first_run) {
 
   afl_fsrv_write_to_testcase(fsrv, mem, len);