Merge pull request #428 from AFLplusplus/dev

Dev

1 files changed, 70 insertions, 0 deletions

diff --git a/custom_mutators/radamsa/radamsa-mutator.c b/custom_mutators/radamsa/radamsa-mutator.c
new file mode 100644
index 00000000..82d28001
--- /dev/null
+++ b/custom_mutators/radamsa/radamsa-mutator.c
@@ -0,0 +1,70 @@
+// This simple example just creates random buffer <= 100 filled with 'A'
+// needs -I /path/to/AFLplusplus/include
+//#include "custom_mutator_helpers.h"
+
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "radamsa.h"
+#include "custom_mutator_helpers.h"
+
+typedef struct my_mutator {
+
+  afl_t *afl;
+
+  u8 *mutator_buf;
+
+  unsigned int seed;
+
+} my_mutator_t;
+
+my_mutator_t *afl_custom_init(afl_t *afl, unsigned int seed) {
+
+  srand(seed);
+  my_mutator_t *data = calloc(1, sizeof(my_mutator_t));
+  if (!data) {
+
+    perror("afl_custom_init alloc");
+    return NULL;
+
+  }
+
+  if ((data->mutator_buf = malloc(MAX_FILE)) == NULL) {
+
+    perror("mutator_buf alloc");
+    return NULL;
+
+  }
+
+  data->afl = afl;
+  data->seed = seed;
+
+  radamsa_init();
+
+  return data;
+
+}
+
+size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size,
+                       u8 **out_buf, uint8_t *add_buf, size_t add_buf_size,
+                       size_t max_size) {
+
+  *out_buf = data->mutator_buf;
+  return radamsa(buf, buf_size, data->mutator_buf, max_size, data->seed++);
+
+}
+
+/**
+ * Deinitialize everything
+ *
+ * @param data The data ptr from afl_custom_init
+ */
+void afl_custom_deinit(my_mutator_t *data) {
+
+  free(data->mutator_buf);
+  free(data);
+
+}
+