diff options
| author | van Hauser <vh@thc.org> | 2020-06-29 18:36:06 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-29 18:36:06 +0200 |
| commit | fc5cfc6cb309b072a45b991be117c17396e46a89 (patch) | |
| tree | 4c762f1e2cfb4a8741c08b5b60d07c2ae8eee860 /include | |
| parent | 76a2d9b59b23873c8a6d174a2f3c48eba60712fb (diff) | |
| parent | 6d9b29daca46c8912aa9ddf6c053bc8554e9e9f7 (diff) | |
| download | afl++-fc5cfc6cb309b072a45b991be117c17396e46a89.tar.gz | |
Merge pull request #428 from AFLplusplus/dev
Dev
Diffstat (limited to 'include')
| -rw-r--r-- | include/afl-fuzz.h | 21 | ||||
| -rw-r--r-- | include/afl-prealloc.h | 2 | ||||
| -rw-r--r-- | include/alloc-inl.h | 6 | ||||
| -rw-r--r-- | include/debug.h | 2 | ||||
| -rw-r--r-- | include/hash.h | 6 | ||||
| -rw-r--r-- | include/sharedmem.h | 2 | ||||
| -rw-r--r-- | include/types.h | 1 |
7 files changed, 23 insertions, 17 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 8d8db100..ca785e47 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -49,6 +49,7 @@ #include "sharedmem.h" #include "forkserver.h" #include "common.h" +#include "hash.h" #include <stdio.h> #include <unistd.h> @@ -188,10 +189,11 @@ enum { /* 15 */ STAGE_HAVOC, /* 16 */ STAGE_SPLICE, /* 17 */ STAGE_PYTHON, - /* 18 */ STAGE_RADAMSA, - /* 19 */ STAGE_CUSTOM_MUTATOR, - /* 20 */ STAGE_COLORIZATION, - /* 21 */ STAGE_ITS, + /* 18 */ STAGE_CUSTOM_MUTATOR, + /* 19 */ STAGE_COLORIZATION, + /* 20 */ STAGE_ITS, + + STAGE_NUM_MAX }; @@ -233,6 +235,7 @@ enum { /* 05 */ QUAD, /* Quadratic schedule */ /* 06 */ RARE, /* Rare edges */ /* 07 */ MMOPT, /* Modified MOPT schedule */ + /* 08 */ SEEK, /* EXPLORE that ignores timings */ POWER_SCHEDULES_NUM @@ -426,9 +429,6 @@ typedef struct afl_state { u8 schedule; /* Power schedule (default: EXPLORE)*/ u8 havoc_max_mult; - u8 use_radamsa; - size_t (*radamsa_mutate_ptr)(u8 *, size_t, u8 *, size_t, u32); - u8 skip_deterministic, /* Skip deterministic stages? */ use_splicing, /* Recombine input files? */ non_instrumented_mode, /* Run in non-instrumented mode? */ @@ -972,13 +972,16 @@ static inline u32 rand_below(afl_state_t *afl, u32 limit) { } -static inline u32 get_rand_seed(afl_state_t *afl) { +static inline s64 rand_get_seed(afl_state_t *afl) { - if (unlikely(afl->fixed_seed)) { return (u32)afl->init_seed; } + if (unlikely(afl->fixed_seed)) { return afl->init_seed; } return afl->rand_seed[0]; } +/* initialize randomness with a given seed. Can be called again at any time. */ +void rand_set_seed(afl_state_t *afl, s64 init_seed); + /* Find first power of two greater or equal to val (assuming val under 2^63). */ diff --git a/include/afl-prealloc.h b/include/afl-prealloc.h index 5e5d7b85..edf69a67 100644 --- a/include/afl-prealloc.h +++ b/include/afl-prealloc.h @@ -60,7 +60,7 @@ typedef enum prealloc_status { \ if ((prealloc_counter) >= (prealloc_size)) { \ \ - el_ptr = malloc(sizeof(*el_ptr)); \ + el_ptr = (void *)malloc(sizeof(*el_ptr)); \ if (!el_ptr) { FATAL("error in list.h -> out of memory for element!"); } \ el_ptr->pre_status = PRE_STATUS_MALLOC; \ \ diff --git a/include/alloc-inl.h b/include/alloc-inl.h index ca593549..832b2de4 100644 --- a/include/alloc-inl.h +++ b/include/alloc-inl.h @@ -170,10 +170,10 @@ static inline u8 *DFL_ck_strdup(u8 *str) { size = strlen((char *)str) + 1; ALLOC_CHECK_SIZE(size); - ret = malloc(size); + ret = (u8 *)malloc(size); ALLOC_CHECK_RESULT(ret, size); - return memcpy(ret, str, size); + return (u8 *)memcpy(ret, str, size); } @@ -204,7 +204,7 @@ static inline u8 *DFL_ck_memdup_str(u8 *mem, u32 size) { if (!mem || !size) { return NULL; } ALLOC_CHECK_SIZE(size); - ret = malloc(size + 1); + ret = (u8 *)malloc(size + 1); ALLOC_CHECK_RESULT(ret, size); memcpy(ret, mem, size); diff --git a/include/debug.h b/include/debug.h index 9dd21ace..d1bd971b 100644 --- a/include/debug.h +++ b/include/debug.h @@ -262,7 +262,7 @@ \ } while (0) -/* Die with FAULT() or PFAULT() depending on the value of res (used to +/* Die with FATAL() or PFATAL() depending on the value of res (used to interpret different failure modes for read(), write(), etc). */ #define RPFATAL(res, x...) \ diff --git a/include/hash.h b/include/hash.h index 6910e0e2..9319ab95 100644 --- a/include/hash.h +++ b/include/hash.h @@ -30,8 +30,8 @@ #include "types.h" -u32 hash32(const void *key, u32 len, u32 seed); -u64 hash64(const void *key, u32 len, u64 seed); +u32 hash32(u8 *key, u32 len, u32 seed); +u64 hash64(u8 *key, u32 len, u64 seed); #if 0 @@ -41,7 +41,7 @@ The following code is disabled because xxh3 is 30% faster #define ROL64(_x, _r) ((((u64)(_x)) << (_r)) | (((u64)(_x)) >> (64 - (_r)))) -static inline u32 hash32(const void *key, u32 len, u32 seed) { +static inline u32 hash32(u8 *key, u32 len, u32 seed) { const u64 *data = (u64 *)key; u64 h1 = seed ^ len; diff --git a/include/sharedmem.h b/include/sharedmem.h index a77ab7c0..b15d0535 100644 --- a/include/sharedmem.h +++ b/include/sharedmem.h @@ -38,6 +38,8 @@ typedef struct sharedmem { /* ================ Proteas ================ */ int g_shm_fd; char g_shm_file_path[L_tmpnam]; + int cmplog_g_shm_fd; + char cmplog_g_shm_file_path[L_tmpnam]; /* ========================================= */ #else s32 shm_id; /* ID of the SHM region */ diff --git a/include/types.h b/include/types.h index 77b7ae74..39f599a0 100644 --- a/include/types.h +++ b/include/types.h @@ -48,6 +48,7 @@ typedef uint32_t u32; #define FS_OPT_SNAPSHOT 0x20000000 #define FS_OPT_AUTODICT 0x10000000 #define FS_OPT_SHDMEM_FUZZ 0x01000000 +#define FS_OPT_OLD_AFLPP_WORKAROUND 0x0f000000 // FS_OPT_MAX_MAPSIZE is 8388608 = 0x800000 = 2^23 = 1 << 22 #define FS_OPT_MAX_MAPSIZE ((0x00fffffe >> 1) + 1) #define FS_OPT_GET_MAPSIZE(x) (((x & 0x00fffffe) >> 1) + 1) |