afl_custom_fuzz_send added

1 files changed, 10 insertions, 0 deletions

diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md
index ffd3cce8..ecc004e2 100644
--- a/docs/custom_mutators.md
+++ b/docs/custom_mutators.md
@@ -57,6 +57,7 @@ int afl_custom_post_trim(void *data, unsigned char success);
 size_t afl_custom_havoc_mutation(void *data, unsigned char *buf, size_t buf_size, unsigned char **out_buf, size_t max_size);
 unsigned char afl_custom_havoc_mutation_probability(void *data);
 unsigned char afl_custom_queue_get(void *data, const unsigned char *filename);
+void (*afl_custom_fuzz_send)(void *data, const u8 *buf, size_t buf_size);
 u8 afl_custom_queue_new_entry(void *data, const unsigned char *filename_new_queue, const unsigned int *filename_orig_queue);
 const char* afl_custom_introspection(my_mutator_t *data);
 void afl_custom_deinit(void *data);
@@ -98,6 +99,9 @@ def havoc_mutation_probability():
 def queue_get(filename):
     return True
 
+def fuzz_send(buf):
+    pass
+
 def queue_new_entry(filename_new_queue, filename_orig_queue):
     return False
 
@@ -168,6 +172,12 @@ def deinit():  # optional for Python
     to the target, e.g. if it is too short, too corrupted, etc. If so,
     return a NULL buffer and zero length (or a 0 length string in Python).
 
+- `fuzz_send` (optional):
+
+    This method can be used if you want to send data to the target yourself,
+    e.g. via IPC. This replaces some usage of utils/afl_proxy but requires
+    that you start the target with afl-fuzz.
+
 - `queue_new_entry` (optional):
 
     This methods is called after adding a new test case to the queue. If the