author | van Hauser <vh@thc.org> | 2020-08-09 00:35:12 +0200 |
---|---|---|
committer | van Hauser <vh@thc.org> | 2020-08-09 00:35:12 +0200 |
commit | e4a0237cbc745552a5b21a2450d7ab55ee98759d (patch) | |
tree | 4a744f0705ab405dd86017b791a510f1dde22a1e /src/afl-fuzz-run.c | |
parent | d8f5502d83ec530bcc1ad15b2d23b2660cd6ce58 (diff) | |
download | afl++-e4a0237cbc745552a5b21a2450d7ab55ee98759d.tar.gz |
step 1
Diffstat (limited to 'src/afl-fuzz-run.c')
-rw-r--r-- | src/afl-fuzz-run.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index 8d652155..207b3046 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -471,6 +471,19 @@ abort_calibration:
 afl->stage_cur = old_sc;
 afl->stage_max = old_sm;
+ /* if taint mode was selected, run the taint */
+
+ if (afl->fsrv.taint_mode) {
+ write_to_testcase(afl, use_mem, q->len);
+ if (afl_fsrv_run_target(&afl->taint_fsrv, use_tmout, &afl->stop_soon) == 0) {
+ u32 len = q->len / 8;
+ if (q->len % 8) len++;
+ u32 bits = count_bits_len(afl, afl->taint_fsrv.trace_bits, len);
+ if (afl->debug) fprintf(stderr, "Debug: tainted bytes: %u\n", bits);
+
+ }
+ }
+
 if (!first_run) { show_stats(afl); }
 return fault; |
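Review bot: The byte count passed to `count_bits_len()` comes only from the test case size (`q->len / 8`, rounded up) and is never compared with the size of `afl->taint_fsrv.trace_bits`, so if the taint forkserver's shared map is smaller than one bit per input byte, a large queue entry would make the count read past the end of the map. Neither the map allocation nor `count_bits_len()` is visible in this hunk, so this needs confirming, but a clamp before the call would make the bound explicit: `if (len > afl->taint_fsrv.map_size) len = afl->taint_fsrv.map_size;`. The block also sits after the `abort_calibration:` label shown in the hunk header, so it appears to run the taint target even when calibration was aborted on a fault or on `stop_soon`; guarding it on the calibration result would avoid that extra execution. The enclosing function starts and ends outside the hunk.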