Merge pull request #534 from AFLplusplus/dev

push to stable for GSOC

1 files changed, 12 insertions, 0 deletions

diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md
index a22c809b..a128f587 100644
--- a/docs/custom_mutators.md
+++ b/docs/custom_mutators.md
@@ -32,6 +32,7 @@ performed with the custom mutator.
 C/C++:
 ```c
 void *afl_custom_init(afl_t *afl, unsigned int seed);
+uint32_t afl_custom_fuzz_count(void *data, const u8 *buf, size_t buf_size);
 size_t afl_custom_fuzz(void *data, uint8_t *buf, size_t buf_size, u8 **out_buf, uint8_t *add_buf, size_t add_buf_size, size_t max_size);
 size_t afl_custom_post_process(void *data, uint8_t *buf, size_t buf_size, uint8_t **out_buf);
 int32_t afl_custom_init_trim(void *data, uint8_t *buf, size_t buf_size);
@@ -49,6 +50,9 @@ Python:
 def init(seed):
     pass
 
+def fuzz_count(buf, add_buf, max_size):
+    return cnt
+
 def fuzz(buf, add_buf, max_size):
     return mutated_out
 
@@ -88,6 +92,14 @@ def queue_new_entry(filename_new_queue, filename_orig_queue):
     This method determines whether the custom fuzzer should fuzz the current
     queue entry or not
 
+- `fuzz_count` (optional):
+
+    When a queue entry is selected to be fuzzed, afl-fuzz selects the number
+    of fuzzing attempts with this input based on a few factors.
+    If however the custom mutator wants to set this number instead on how often
+    it is called for a specific queue entry, use this function.
+    This function in mostly useful if **not** `AFL_CUSTOM_MUTATOR_ONLY` is used.
+
 - `fuzz` (optional):
 
     This method performs custom mutations on a given input. It also accepts an