diff options
| author | van Hauser <vh@thc.org> | 2023-02-23 11:49:28 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-02-23 11:49:28 +0100 |
| commit | eb5c1ee4f3ffd6e42a3637082ab4ea089052ad8b (patch) | |
| tree | b0ebfc066252a9c78dfe90cf811b2b27f43cc215 /docs/fuzzing_in_depth.md | |
| parent | a293281b9bbb4e61bfbe5e67ab108d9e5ee40192 (diff) | |
| parent | eeccb2da69d7e6f32ee74c431e7c5053e8379dff (diff) | |
| download | afl++-eb5c1ee4f3ffd6e42a3637082ab4ea089052ad8b.tar.gz | |
Merge pull request #1650 from AFLplusplus/autotoken
Autotoken
Diffstat (limited to 'docs/fuzzing_in_depth.md')
| -rw-r--r-- | docs/fuzzing_in_depth.md | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/docs/fuzzing_in_depth.md b/docs/fuzzing_in_depth.md index 2a088201..f75ca5dc 100644 --- a/docs/fuzzing_in_depth.md +++ b/docs/fuzzing_in_depth.md @@ -534,6 +534,8 @@ dictionaries/FORMAT.dict`. * With `afl-clang-fast`, you can set `AFL_LLVM_DICT2FILE=/full/path/to/new/file.dic` to automatically generate a dictionary during target compilation. + Adding `AFL_LLVM_DICT2FILE_NO_MAIN=1` to not parse main (usually command line + parameter parsing) is often a good idea too. * You also have the option to generate a dictionary yourself during an independent run of the target, see [utils/libtokencap/README.md](../utils/libtokencap/README.md). @@ -937,7 +939,7 @@ too long for your overall available fuzz run time. 3. Also randomize the afl-fuzz runtime options, e.g.: * 65% for `AFL_DISABLE_TRIM` * 50% for `AFL_KEEP_TIMEOUTS` - * 50% use a dictionary generated by `AFL_LLVM_DICT2FILE` + * 50% use a dictionary generated by `AFL_LLVM_DICT2FILE` + `AFL_LLVM_DICT2FILE_NO_MAIN=1` * 40% use MOpt (`-L 0`) * 40% for `AFL_EXPAND_HAVOC_NOW` * 20% for old queue processing (`-Z`) |