diff options
| author | van Hauser <vh@thc.org> | 2020-07-20 10:19:14 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-20 10:19:14 +0200 |
| commit | f2d9b0096ef06d2759f45f7c8d288e2b38ef1f2e (patch) | |
| tree | b1bd0ac9d8c510a010fadb5788f8170899ed8f5f | |
| parent | 0da0b5cba05d1b49b7ca10987d11a74ab54892e0 (diff) | |
| parent | 67d2e6319bed90c06cf54b5d9a7a4bae51df317d (diff) | |
| download | afl++-f2d9b0096ef06d2759f45f7c8d288e2b38ef1f2e.tar.gz | |
Merge pull request #458 from h1994st/dev
Allow the custom trim function to return 0 bytes
| -rw-r--r-- | src/afl-fuzz-mutators.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/afl-fuzz-mutators.c b/src/afl-fuzz-mutators.c index 9fc77ffe..f6b36843 100644 --- a/src/afl-fuzz-mutators.c +++ b/src/afl-fuzz-mutators.c @@ -286,6 +286,15 @@ u8 trim_case_custom(afl_state_t *afl, struct queue_entry *q, u8 *in_buf, "Trimmed data returned by custom mutator is larger than original " "data"); + } else if (unlikely(retlen == 0)) { + + /* Do not run the empty test case on the target. To keep the custom + trimming function running, we simply treat the empty test case as an + unsuccessful trimming and skip it, instead of aborting the trimming. */ + + ++afl->trim_execs; + goto unsuccessful_trimming; + } write_to_testcase(afl, retbuf, retlen); @@ -325,6 +334,8 @@ u8 trim_case_custom(afl_state_t *afl, struct queue_entry *q, u8 *in_buf, } else { +unsuccessful_trimming: + /* Tell the custom mutator that the trimming was unsuccessful */ afl->stage_cur = mutator->afl_custom_post_trim(mutator->data, 0); if (unlikely(afl->stage_cur < 0)) { |