Merge pull request #496 from AFLplusplus/dev

push to stable

1 files changed, 16 insertions, 18 deletions

diff --git a/custom_mutators/honggfuzz/mangle.c b/custom_mutators/honggfuzz/mangle.c
index 05e0dcfa..c2988319 100644
--- a/custom_mutators/honggfuzz/mangle.c
+++ b/custom_mutators/honggfuzz/mangle.c
@@ -51,7 +51,7 @@ static inline size_t mangle_LenLeft(run_t *run, size_t off) {
 
 }
 
-/* Get a random value between <1:max> with x^2 distribution */
+/* Get a random value <1:max>, but prefer smaller ones - up to 4KiB */
 static inline size_t mangle_getLen(size_t max) {
 
   if (max > _HF_INPUT_MAX_SIZE) {
@@ -64,27 +64,25 @@ static inline size_t mangle_getLen(size_t max) {
   if (max == 0) { LOG_F("max == 0"); }
   if (max == 1) { return 1; }
 
-  const uint64_t max2 = (uint64_t)max * max;
-  const uint64_t max3 = (uint64_t)max * max * max;
-  const uint64_t rnd = util_rndGet(1, max2 - 1);
+  /* Give 50% chance the the uniform distribution */
+  switch (util_rndGet(0, 9)) {
 
-  uint64_t ret = rnd * rnd;
-  ret /= max3;
-  ret += 1;
-
-  if (ret < 1) {
-
-    LOG_F("ret (%" PRIu64 ") < 1, max:%zu, rnd:%" PRIu64, ret, max, rnd);
-
-  }
-
-  if (ret > max) {
-
-    LOG_F("ret (%" PRIu64 ") > max (%zu), rnd:%" PRIu64, ret, max, rnd);
+    case 0:
+      return (size_t)util_rndGet(1, HF_MIN(16, max));
+    case 1:
+      return (size_t)util_rndGet(1, HF_MIN(64, max));
+    case 2:
+      return (size_t)util_rndGet(1, HF_MIN(256, max));
+    case 3:
+      return (size_t)util_rndGet(1, HF_MIN(1024, max));
+    case 4:
+      return (size_t)util_rndGet(1, HF_MIN(4096, max));
+    default:
+      break;
 
   }
 
-  return (size_t)ret;
+  return (size_t)util_rndGet(1, max);
 
 }