AFL_CUSTOM_MUTATOR_LATE_SEND added

3 files changed, 11 insertions, 0 deletions

diff --git a/docs/Changelog.md b/docs/Changelog.md
index 09ea8cb6..c16214e4 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -11,6 +11,8 @@
       to disable this feature set `AFL_NO_FASTRESUME=1`
       zlib compression is used if zlib is found at compile time
     - improved seed selection algorithm
+    - added `AFL_CUSTOM_MUTATOR_LATE_SEND=1` to call the custom send()
+      function after the target has been restarted.
   - frida_mode:
     - AFL_FRIDA_PERSISTENT_ADDR can now be be any reachable address not just
       a function entry
diff --git a/docs/custom_mutators.md b/docs/custom_mutators.md
index b7a7032f..3067ceab 100644
--- a/docs/custom_mutators.md
+++ b/docs/custom_mutators.md
@@ -198,6 +198,11 @@ def deinit():  # optional for Python
     This method can be used if you want to send data to the target yourself,
     e.g. via IPC. This replaces some usage of utils/afl_proxy but requires
     that you start the target with afl-fuzz.
+
+    Setting `AFL_CUSTOM_MUTATOR_LATE_SEND` will call the afl_custom_fuzz_send()
+    function after the target has been restarted. (This is needed for e.g. TCP
+    services.)
+
     Example: [custom_mutators/examples/custom_send.c](../custom_mutators/examples/custom_send.c)
 
 - `queue_new_entry` (optional):
diff --git a/docs/env_variables.md b/docs/env_variables.md
index 6db31df0..eebbcbda 100644
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@@ -368,6 +368,10 @@ checks or alter some of the more exotic semantics of the tool:
     XML or other highly flexible structured input. For details, see
     [custom_mutators.md](custom_mutators.md).
 
+  - Setting `AFL_CUSTOM_MUTATOR_LATE_SEND` will call the afl_custom_fuzz_send()
+    function after the target has been restarted. (This is needed for e.g. TCP
+    services.)
+
   - Setting `AFL_CYCLE_SCHEDULES` will switch to a different schedule every time
     a cycle is finished.