| author | van Hauser <vh@thc.org> | 2020-08-03 11:50:10 +0200 |
|---|---|---|
| committer | van Hauser <vh@thc.org> | 2020-08-03 11:50:10 +0200 |
| commit | f335c48686c2f4119d1d0b1207f5d5ceb3d4ff04 (patch) | |
| tree | 3efb3efbbf7cfe9fb3fd2da92021467bd4e26cab /TODO.md | |
| parent | 9d82c3cf5e131030073d6a4df1b2102573a8ace4 (diff) | |
| download | afl++-f335c48686c2f4119d1d0b1207f5d5ceb3d4ff04.tar.gz | |
better PS1 in dockerfile
Diffstat (limited to 'TODO.md')
| -rw-r--r-- | TODO.md | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -30,3 +30,15 @@ qemu_mode: persistent mode - add/implement AFL_QEMU_INST_LIBLIST and AFL_QEMU_NOINST_PROGRAM - add/implement AFL_QEMU_INST_REGIONS as a list of _START/_END addresses + +## Ideas + + - LTO/sancov: write current edge to prev_loc and use that information when + using cmplog or __sanitizer_cov_trace_cmp*. maybe we can deduct by follow + up edge numbers that both following cmp paths have been found and then + disable working on this edge id + + - new tancov: use some lightweight taint analysis to see which parts of a + new queue entry is accessed and only fuzz these bytes - or better, only + fuzz those bytes that are newly in coverage compared to the queue entry + the new one is based on |
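Review bot: the commit message "better PS1 in dockerfile" does not describe this hunk, which adds a new "## Ideas" section to TODO.md; since this view is limited to TODO.md, the Dockerfile change may sit elsewhere in the same commit, but the message should then cover both changes (e.g. "better PS1 in dockerfile; add fuzzing ideas to TODO.md"), or the TODO.md additions should be split into their own commit so the history stays searchable. Two wording points in the added lines: in the LTO/sancov idea "maybe we can deduct by follow up edge numbers" reads as "deduce by follow-up edge numbers", and in the second idea "which parts of a new queue entry is accessed" should be "are accessed"; "new tancov" is presumably a working name, and a one-line expansion of what it abbreviates would make the note readable to whoever picks it up later.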
