diff options
| author | van Hauser <vh@thc.org> | 2020-10-12 02:26:14 +0200 |
|---|---|---|
| committer | van Hauser <vh@thc.org> | 2020-10-12 02:26:14 +0200 |
| commit | dab017dddaaab6d836a590f7bba3eea3549758d2 (patch) | |
| tree | eff0ab5816a4188f2dcfa279fe2cf91e680af6dd | |
| parent | 55e1726b235d722775397c6e94685dcfe0d8c886 (diff) | |
| download | afl++-dab017dddaaab6d836a590f7bba3eea3549758d2.tar.gz | |
no -M/-S: auto-set -S default
| -rw-r--r-- | README.md | 20 | ||||
| -rw-r--r-- | docs/Changelog.md | 1 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 16 |
3 files changed, 23 insertions, 14 deletions
diff --git a/README.md b/README.md index 819da093..384ae830 100644 --- a/README.md +++ b/README.md @@ -28,28 +28,30 @@ ## Major changes in afl++ 3.0 With afl++ 3.0 we introduced changes that break some previous afl and afl++ -behaviours: +behaviours and defaults: * There are no llvm_mode and gcc_plugin subdirectories anymore and there is only one compiler: afl-cc. All previous compilers now symlink to this one compiler. All instrumentation source code is now in the `instrumentation/` folder. - * The gcc_plugin was replaced with a new version submitted by AdaCore, that - supports more features, thank you! + * The gcc_plugin was replaced with a new version submitted by AdaCore that + supports more features. thank you! * qemu_mode got upgraded to QEMU 5.1, but to be able to build this a current ninja build tool version and python3 setuptools are required. qemu_mode also got new options like snapshotting, instrumenting specific - shared libraries, etc. and QEMU 5.1 supports more CPU targets so this is - worth it. + shared libraries, etc. Additionally QEMU 5.1 supports more CPU targets so + this is really worth it. * When instrumenting targets, afl-cc will not supersede optimizations. This allows to fuzz targets as same as they are built for debug or release. - * afl-fuzz': - * `-i` option now descends into subdirectories. + * afl-fuzz: + * if neither -M or -S is specified, `-S default` is assumed, so more + fuzzers can easily be added later + * `-i` input directory option now descends into subdirectories. It also + does not fatal on crashes and too large files, instead it skips them + and uses them for splicing mutations * -m none is now default, set memory limits (in MB) with e.g. -m 250 * deterministic fuzzing is now disabled by default (unless using -M) and can be enabled with -D - * afl-fuzz will skip over empty dictionaries and too-large test cases instead - of failing, and use them as a source for splicing mutations ## Contents diff --git a/docs/Changelog.md b/docs/Changelog.md index f15f1d93..36022399 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -23,6 +23,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. with -M) - statsd support by Edznux, thanks a lot! - Marcel Boehme submitted a patch that improves all AFFast schedules :) + - not specifying -M or -S will now auto-set "-S default" - reading testcases from -i now descends into subdirectories - allow up to 4 -x command line options - loaded extras now have a duplicate protection diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 004adffe..d42a0d36 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -411,8 +411,8 @@ int main(int argc, char **argv_orig, char **envp) { if (afl->sync_id) { FATAL("Multiple -S or -M options not supported"); } afl->sync_id = ck_strdup(optarg); - afl->skip_deterministic = 0; // force determinsitic fuzzing - afl->old_seed_selection = 1; // force old queue walking seed selection + afl->skip_deterministic = 0; // force determinsitic fuzzing + afl->old_seed_selection = 1; // force old queue walking seed selection if ((c = strchr(afl->sync_id, ':'))) { @@ -847,6 +847,8 @@ int main(int argc, char **argv_orig, char **envp) { "Eißfeldt, Andrea Fioraldi and Dominik Maier"); OKF("afl++ is open source, get it at " "https://github.com/AFLplusplus/AFLplusplus"); + OKF("NOTE: This is v3.x which changes several defaults and behaviours - see " + "README.md"); if (afl->sync_id && afl->is_main_node && afl->afl_env.afl_custom_mutator_only) { @@ -1135,15 +1137,19 @@ int main(int argc, char **argv_orig, char **envp) { WARNF("it is wasteful to run more than one main node!"); sleep(1); - } - - if (afl->is_secondary_node && check_main_node_exists(afl) == 0) { + } else if (afl->is_secondary_node && check_main_node_exists(afl) == 0) { WARNF( "no -M main node found. It is recommended to run exactly one main " "instance."); sleep(1); + } else if (!afl->sync_id) { + + afl->sync_id = "default"; + afl->is_secondary_node = 1; + OKF("no -M/-S set, autoconfiguring for \"-S %s\"", afl->sync_id); + } #ifdef RAND_TEST_VALUES |