authorvan Hauser <vh@thc.org>2023-06-09 10:29:19 +0300
committerGitHub <noreply@github.com>2023-06-09 10:29:19 +0300
commit31e2c6c2b479507c659e5a433e1dc166f7c92563 (patch)
tree772ec1048ed6f5319398a0c4255b603b714ce1aa /src
parentc28779adc543ffd3c68696867eef0f719ecee9d4 (diff)
parent14e25340fb7b9e13357a9059dd1c128a2d7d9d5b (diff)
downloadafl++-31e2c6c2b479507c659e5a433e1dc166f7c92563.tar.gz
Merge pull request #1764 from AFLplusplus/mncomp
class afl++ mutations
Diffstat (limited to 'src')
-rw-r--r--src/afl-fuzz-one.c43
1 files changed, 29 insertions, 14 deletions
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index af5e57a0..e722f0c6 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -2083,33 +2083,48 @@ havoc_stage:
where we take the input file and make random stacked tweaks. */
u32 *mutation_array;
- u32 stack_max; // stack_max_pow = afl->havoc_stack_pow2;
+ u32 stack_max, rand_max; // stack_max_pow = afl->havoc_stack_pow2;
- if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) { // is text?
+ if (unlikely(afl->expand_havoc && afl->ready_for_splicing_count > 1)) {
- if (likely(afl->fuzz_mode == 0)) { // is exploration?
+ mutation_array = full_splice_array;
+ rand_max = MUT_SPLICE_ARRAY_SIZE;
- mutation_array = (unsigned int *)&mutation_strategy_exploration_text;
+ } else {
- } else { // is exploitation!
+ mutation_array = normal_splice_array;
+ rand_max = MUT_NORMAL_ARRAY_SIZE;
- mutation_array = (unsigned int *)&mutation_strategy_exploitation_text;
+ }
- }
+ /*
+ if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) { // is text?
+
+ if (likely(afl->fuzz_mode == 0)) { // is exploration?
+
+ mutation_array = (unsigned int *)&mutation_strategy_exploration_text;
+
+ } else { // is exploitation!
- } else { // is binary!
+ mutation_array = (unsigned int *)&mutation_strategy_exploitation_text;
- if (likely(afl->fuzz_mode == 0)) { // is exploration?
+ }
+
+ } else { // is binary!
- mutation_array = (unsigned int *)&mutation_strategy_exploration_binary;
+ if (likely(afl->fuzz_mode == 0)) { // is exploration?
- } else { // is exploitation!
+ mutation_array = (unsigned int *)&mutation_strategy_exploration_binary;
- mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary;
+ } else { // is exploitation!
+
+ mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary;
+
+ }
}
- }
+ */
/*
if (temp_len < 64) {
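Review bot: `mutation_array` and `rand_max` are paired by hand in the new if/else, and the second hunk then indexes `mutation_array[r]` with `r = rand_below(afl, rand_max)`, so nothing visible here ties each bound to the real length of its table; if `MUT_SPLICE_ARRAY_SIZE` or `MUT_NORMAL_ARRAY_SIZE` ever ends up larger than the array it is paired with, the switch reads past the end of that table. Assuming both tables are true arrays visible in this translation unit (their declarations are outside the hunk), a compile-time check next to them would pin the pairing, e.g. `_Static_assert(sizeof(full_splice_array) / sizeof(full_splice_array[0]) == MUT_SPLICE_ARRAY_SIZE, "full_splice_array size");` (or the project's equivalent), and the same for `normal_splice_array`. The old text/binary and exploration/exploitation selection is kept as a commented-out block; it would be clearer to delete it or replace it with a one-line comment such as `// text/binary and fuzz_mode specific tables are currently not used here`, since as written `afl->fuzz_mode` and `is_ascii` no longer appear to influence the table choice at this point. The havoc_stage block starts and ends outside the hunk.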
@@ -2182,7 +2197,7 @@ havoc_stage:
retry_havoc_step : {
- u32 r = rand_below(afl, MUT_STRATEGY_ARRAY_SIZE), item;
+ u32 r = rand_below(afl, rand_max), item;
switch (mutation_array[r]) {