authorvan Hauser <vh@thc.org>2023-08-09 18:29:25 +0000
committerGitHub <noreply@github.com>2023-08-09 18:29:25 +0000
commitfa44d8f79f03c0aab3cfea93c37b70edc367c1bb (patch)
treef39de203508117dcb50b66baa8fd335a887a9c54 /include
parent18d9234dfe4b6db32a2da335834908e49300e5cd (diff)
parent55d696fbae435e0e69adf75cb2df1361186fb999 (diff)
downloadafl++-fa44d8f79f03c0aab3cfea93c37b70edc367c1bb.tar.gz
Merge pull request #1831 from AFLplusplus/dev
push to stable
Diffstat (limited to 'include')
-rw-r--r--include/afl-fuzz.h6
-rw-r--r--include/afl-mutations.h21
-rw-r--r--include/config.h8
-rw-r--r--include/envs.h5
-rw-r--r--include/forkserver.h3
5 files changed, 25 insertions, 18 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 27668da0..ef84a18c 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -1,3 +1,4 @@
+
/*
american fuzzy lop++ - fuzzer header
------------------------------------
@@ -401,7 +402,7 @@ typedef struct afl_env_vars {
afl_exit_on_seed_issues, afl_try_affinity, afl_ignore_problems,
afl_keep_timeouts, afl_no_crash_readme, afl_ignore_timeouts,
afl_no_startup_calibration, afl_no_warn_instability,
- afl_post_process_keep_original;
+ afl_post_process_keep_original, afl_crashing_seeds_as_new_crash;
u8 *afl_tmpdir, *afl_custom_mutator_library, *afl_python_module, *afl_path,
*afl_hang_tmout, *afl_forksrv_init_tmout, *afl_preload,
@@ -674,7 +675,8 @@ typedef struct afl_state {
u32 cmplog_max_filesize;
u32 cmplog_lvl;
u32 colorize_success;
- u8 cmplog_enable_arith, cmplog_enable_transform, cmplog_random_colorization;
+ u8 cmplog_enable_arith, cmplog_enable_transform,
+ cmplog_enable_xtreme_transform, cmplog_random_colorization;
struct afl_pass_stat *pass_stats;
struct cmp_map *orig_cmp_map;
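Review bot: The two new flags, `afl_crashing_seeds_as_new_crash` in the afl_env_vars hunk and `cmplog_enable_xtreme_transform` in the afl_state hunk, are added to long undocumented field lists with nothing saying what they enable or which setting turns them on. A one-line comment on each — naming the environment variable (the envs.h hunk in this commit adds `AFL_CRASHING_SEEDS_AS_NEW_CRASH`) or the command-line option that sets it, and how "xtreme" differs from the existing `cmplog_enable_transform` — would save the next reader a search through the fuzzer sources. Both typedefs begin and end outside the hunks. The blank line added at the very top of the file in the first hunk looks accidental and could be dropped.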
diff --git a/include/afl-mutations.h b/include/afl-mutations.h
index 0a9bbbf4..98ba6fcf 100644
--- a/include/afl-mutations.h
+++ b/include/afl-mutations.h
@@ -25,13 +25,14 @@
u32 max_len - the maximum size the mutated buffer may grow to
*/
-#ifndef _ANDROID_ASHMEM_H
- #define AFL_MUTATIONS_H
+#ifndef AFL_MUTATIONS_H
+#define AFL_MUTATIONS_H
- #include <stdbool.h>
- #include "afl-fuzz.h"
+#include <stdbool.h>
+#include <inttypes.h>
+#include "afl-fuzz.h"
- #define MUT_STRATEGY_ARRAY_SIZE 256
+#define MUT_STRATEGY_ARRAY_SIZE 256
enum {
@@ -77,7 +78,7 @@ enum {
};
- #define MUT_TXT_ARRAY_SIZE 200
+#define MUT_TXT_ARRAY_SIZE 200
u32 text_array[MUT_TXT_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_FLIPBIT,
MUT_FLIPBIT,
@@ -279,7 +280,7 @@ u32 text_array[MUT_TXT_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_SPLICE_INSERT,
MUT_SPLICE_INSERT};
- #define MUT_BIN_ARRAY_SIZE 256
+#define MUT_BIN_ARRAY_SIZE 256
u32 binary_array[MUT_BIN_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_FLIPBIT,
MUT_FLIPBIT,
@@ -537,7 +538,7 @@ u32 binary_array[MUT_BIN_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_SPLICE_INSERT,
MUT_SPLICE_INSERT};
- #define MUT_NORMAL_ARRAY_SIZE 77
+#define MUT_NORMAL_ARRAY_SIZE 77
u32 normal_splice_array[MUT_NORMAL_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_FLIPBIT,
MUT_FLIPBIT,
@@ -616,7 +617,7 @@ u32 normal_splice_array[MUT_NORMAL_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_SPLICE_INSERT,
MUT_SPLICE_INSERT};
- #define MUT_SPLICE_ARRAY_SIZE 81
+#define MUT_SPLICE_ARRAY_SIZE 81
u32 full_splice_array[MUT_SPLICE_ARRAY_SIZE] = {MUT_FLIPBIT,
MUT_FLIPBIT,
MUT_FLIPBIT,
@@ -2456,7 +2457,7 @@ inline u32 afl_mutate(afl_state_t *afl, u8 *buf, u32 len, u32 steps,
}
char buf[20];
- snprintf(buf, sizeof(buf), "%ld", val);
+ snprintf(buf, sizeof(buf), "%" PRId64, val);
u32 old_len = off2 - off;
u32 new_len = strlen(buf);
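Review bot: In the afl_mutate hunk, `char buf[20]` is one byte too small for the new `"%" PRId64` format if `val` is a signed 64-bit value: INT64_MIN prints as 20 characters and needs a 21st byte for the terminator, so snprintf truncates and `u32 new_len = strlen(buf);` silently works with a value missing its last digit. Widen the buffer, `char buf[21];` (or 32 for headroom), and consider checking the snprintf return value against `sizeof buf`. The enclosing afl_mutate body starts and ends outside the hunk. The guard fix in the first hunk (`_ANDROID_ASHMEM_H` to `AFL_MUTATIONS_H`) is right — the old guard never protected anything and would have skipped the whole header whenever the ashmem macro was defined — but it only prevents double inclusion within one translation unit; `u32 text_array[...]`, `binary_array`, `normal_splice_array` and `full_splice_array` remain non-static object definitions with initialisers, so a second .c file including this header would produce duplicate-symbol link errors, which `static const u32` would avoid if nothing writes to them.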
diff --git a/include/config.h b/include/config.h
index 7c29a674..df545583 100644
--- a/include/config.h
+++ b/include/config.h
@@ -60,10 +60,6 @@
*
*/
-/* if TRANSFORM is enabled with '-l T', this additionally enables base64
- encoding/decoding */
-// #define CMPLOG_SOLVE_TRANSFORM_BASE64
-
/* If a redqueen pass finds more than one solution, try to combine them? */
#define CMPLOG_COMBINE
@@ -71,10 +67,10 @@
#define CMPLOG_CORPUS_PERCENT 5U
/* Number of potential positions from which we decide if cmplog becomes
- useless, default 8096 */
+ useless, default 12288 */
#define CMPLOG_POSITIONS_MAX (12 * 1024)
-/* Maximum allowed fails per CMP value. Default: 128 */
+/* Maximum allowed fails per CMP value. Default: 96 */
#define CMPLOG_FAIL_MAX 96
/* -------------------------------------*/
diff --git a/include/envs.h b/include/envs.h
index edfd06e4..0007d5a8 100644
--- a/include/envs.h
+++ b/include/envs.h
@@ -35,6 +35,7 @@ static char *afl_environment_variables[] = {
"AFL_COMPCOV_BINNAME",
"AFL_COMPCOV_LEVEL",
"AFL_CRASH_EXITCODE",
+ "AFL_CRASHING_SEEDS_AS_NEW_CRASH",
"AFL_CUSTOM_MUTATOR_LIBRARY",
"AFL_CUSTOM_MUTATOR_ONLY",
"AFL_CUSTOM_INFO_PROGRAM",
@@ -189,6 +190,10 @@ static char *afl_environment_variables[] = {
"AFL_MAX_DET_EXTRAS",
"AFL_NO_X86", // not really an env but we dont want to warn on it
"AFL_NOOPT",
+ "AFL_NYX_AUX_SIZE",
+ "AFL_NYX_DISABLE_SNAPSHOT_MODE",
+ "AFL_NYX_LOG",
+ "AFL_NYX_REUSE_SNAPSHOT",
"AFL_PASSTHROUGH",
"AFL_PATH",
"AFL_PERFORMANCE_FILE",
diff --git a/include/forkserver.h b/include/forkserver.h
index f5069ce2..5e498c56 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -86,6 +86,8 @@ typedef struct {
uint32_t size);
bool (*nyx_remove_work_dir)(const char *workdir);
+ bool (*nyx_config_set_aux_buffer_size)(void *config,
+ uint32_t aux_buffer_size);
} nyx_plugin_handler_t;
@@ -197,6 +199,7 @@ typedef struct afl_forkserver {
char *nyx_aux_string;
bool nyx_use_tmp_workdir;
char *nyx_tmp_workdir_path;
+ s32 nyx_log_fd;
#endif
} afl_forkserver_t;
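Review bot: `s32 nyx_log_fd` in the afl_forkserver hunk is a file descriptor, and if the struct is zero-initialised before the Nyx log is opened, 0 is a valid descriptor (stdin) rather than an "unset" marker; unless the setup code already stores -1, initialise it to -1 and test `>= 0` before writing to or closing it. The new `nyx_config_set_aux_buffer_size` member in nyx_plugin_handler_t is presumably resolved at load time like the other function pointers, so a libnyx build that lacks the symbol would leave it NULL — the lookup and call sites are outside this diff, so confirm they tolerate a missing symbol rather than calling through a null pointer. A short comment on the field, `/* fd of the Nyx log file, -1 when unset (presumably AFL_NYX_LOG) */`, would document the sentinel. Both typedefs begin outside the hunks.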