diff options
| author | van Hauser <vh@thc.org> | 2023-02-25 09:20:47 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-02-25 09:20:47 +0100 |
| commit | ea14f3fd40e32234989043a525e3853fcb33c1b6 (patch) | |
| tree | aaa8770a743f6ab25a9f2849f62af8a68521344d /custom_mutators/examples | |
| parent | 3881ccd0b7520f67fd0b34f010443dc249cbc8f1 (diff) | |
| parent | 2b5c9954f6099d7a70cbcf2db9af5a19327f385f (diff) | |
| download | afl++-ea14f3fd40e32234989043a525e3853fcb33c1b6.tar.gz | |
Merge pull request #1653 from AFLplusplus/dev
push to stable
Diffstat (limited to 'custom_mutators/examples')
| -rw-r--r-- | custom_mutators/examples/custom_send.c | 9 | ||||
| -rw-r--r-- | custom_mutators/examples/example.c | 4 | ||||
| -rw-r--r-- | custom_mutators/examples/post_library_gif.so.c | 4 |
3 files changed, 13 insertions, 4 deletions
diff --git a/custom_mutators/examples/custom_send.c b/custom_mutators/examples/custom_send.c index ffea927e..7de72819 100644 --- a/custom_mutators/examples/custom_send.c +++ b/custom_mutators/examples/custom_send.c @@ -1,7 +1,14 @@ +// +// This is an example on how to use afl_custom_send +// It writes each mutated data set to /tmp/foo +// You can modify this to send to IPC, shared memory, etc. +// // cc -O3 -fPIC -shared -g -o custom_send.so -I../../include custom_send.c // cd ../.. // afl-cc -o test-instr test-instr.c -// afl-fuzz -i in -o out -- ./test-instr -f /tmp/foo +// AFL_CUSTOM_MUTATOR_LIBRARY=custom_mutators/examples/custom_send.so \ +// afl-fuzz -i in -o out -- ./test-instr -f /tmp/foo +// #include "custom_mutator_helpers.h" diff --git a/custom_mutators/examples/example.c b/custom_mutators/examples/example.c index 3f299508..e680ec8e 100644 --- a/custom_mutators/examples/example.c +++ b/custom_mutators/examples/example.c @@ -6,7 +6,7 @@ Dominik Maier <mail@dmnk.co> */ -// You need to use -I /path/to/AFLplusplus/include +// You need to use -I/path/to/AFLplusplus/include -I. #include "custom_mutator_helpers.h" #include <stdint.h> @@ -118,6 +118,8 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size, } + if (max_size > mutated_size) { mutated_size = max_size; } + *out_buf = mutated_out; return mutated_size; diff --git a/custom_mutators/examples/post_library_gif.so.c b/custom_mutators/examples/post_library_gif.so.c index 9cd224f4..3cb018a6 100644 --- a/custom_mutators/examples/post_library_gif.so.c +++ b/custom_mutators/examples/post_library_gif.so.c @@ -129,8 +129,8 @@ size_t afl_custom_post_process(post_state_t *data, unsigned char *in_buf, /* Allocate memory for new buffer, reusing previous allocation if possible. Note we have to use afl-fuzz's own realloc! - Note that you should only do this if you need to grow the buffer, - otherwise work with in_buf, and assign it to *out_buf instead. */ + We use afl_realloc because it is effective. + You can also work within in_buf, and assign it to *out_buf. */ *out_buf = afl_realloc(out_buf, len); |