diff options
| author | van Hauser <vh@thc.org> | 2020-03-23 18:19:20 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-23 18:19:20 +0100 |
| commit | 82432195a8e46f67394b528fbfe8749903c7f064 (patch) | |
| tree | 1289a776f96b7af6fed7b1c61509368de14aeb46 /src/afl-fuzz-extras.c | |
| parent | 0e1d82dd9f5cfe48b294e876924acea2f5094f01 (diff) | |
| parent | 77b81e7361f7286cc3e0174b87ae5facb9f1290d (diff) | |
| download | afl++-82432195a8e46f67394b528fbfe8749903c7f064.tar.gz | |
Merge pull request #266 from AFLplusplus/dev
Diffstat (limited to 'src/afl-fuzz-extras.c')
| -rw-r--r-- | src/afl-fuzz-extras.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/src/afl-fuzz-extras.c b/src/afl-fuzz-extras.c index ff4c0ae2..4dd1647c 100644 --- a/src/afl-fuzz-extras.c +++ b/src/afl-fuzz-extras.c @@ -55,6 +55,8 @@ void load_extras_file(afl_state_t *afl, u8 *fname, u32 *min_len, u32 *max_len, u8 * lptr; u32 cur_line = 0; + u8 val_bufs[2][STRINGIFY_VAL_SIZE_MAX]; + f = fopen(fname, "r"); if (!f) PFATAL("Unable to open '%s'", fname); @@ -170,8 +172,10 @@ void load_extras_file(afl_state_t *afl, u8 *fname, u32 *min_len, u32 *max_len, afl->extras[afl->extras_cnt].len = klen; if (afl->extras[afl->extras_cnt].len > MAX_DICT_FILE) - FATAL("Keyword too big in line %u (%s, limit is %s)", cur_line, DMS(klen), - DMS(MAX_DICT_FILE)); + FATAL( + "Keyword too big in line %u (%s, limit is %s)", cur_line, + stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), klen), + stringify_mem_size(val_bufs[1], sizeof(val_bufs[1]), MAX_DICT_FILE)); if (*min_len > klen) *min_len = klen; if (*max_len < klen) *max_len = klen; @@ -193,6 +197,8 @@ void load_extras(afl_state_t *afl, u8 *dir) { u32 min_len = MAX_DICT_FILE, max_len = 0, dict_level = 0; u8 * x; + u8 val_bufs[2][STRINGIFY_VAL_SIZE_MAX]; + /* If the name ends with @, extract level and continue. */ if ((x = strchr(dir, '@'))) { @@ -238,8 +244,10 @@ void load_extras(afl_state_t *afl, u8 *dir) { } if (st.st_size > MAX_DICT_FILE) - FATAL("Extra '%s' is too big (%s, limit is %s)", fn, DMS(st.st_size), - DMS(MAX_DICT_FILE)); + FATAL( + "Extra '%s' is too big (%s, limit is %s)", fn, + stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), st.st_size), + stringify_mem_size(val_bufs[1], sizeof(val_bufs[1]), MAX_DICT_FILE)); if (min_len > st.st_size) min_len = st.st_size; if (max_len < st.st_size) max_len = st.st_size; @@ -273,11 +281,12 @@ check_and_sort: compare_extras_len); OKF("Loaded %u extra tokens, size range %s to %s.", afl->extras_cnt, - DMS(min_len), DMS(max_len)); + stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), min_len), + stringify_mem_size(val_bufs[1], sizeof(val_bufs[1]), max_len)); if (max_len > 32) WARNF("Some tokens are relatively large (%s) - consider trimming.", - DMS(max_len)); + stringify_mem_size(val_bufs[0], sizeof(val_bufs[0]), max_len)); if (afl->extras_cnt > MAX_DET_EXTRAS) WARNF("More than %d tokens - will use them probabilistically.", @@ -378,7 +387,7 @@ void maybe_add_auto(afl_state_t *afl, u8 *mem, u32 len) { } else { - i = MAX_AUTO_EXTRAS / 2 + UR(afl, (MAX_AUTO_EXTRAS + 1) / 2); + i = MAX_AUTO_EXTRAS / 2 + rand_below(afl, (MAX_AUTO_EXTRAS + 1) / 2); ck_free(afl->a_extras[i].data); |