authorvanhauser-thc <vh@thc.org>2022-02-05 10:36:37 +0100
committervanhauser-thc <vh@thc.org>2022-02-05 10:36:37 +0100
commitfa3c0d8a3756c1d80356690796877d94959f305c (patch)
treea8e269f7da6bd6505fb0a55b07d2c77cb4ee39ed /src
parentd5b9cd4b73253c2fbbc7da88015ae0eac303eb32 (diff)
downloadafl++-fa3c0d8a3756c1d80356690796877d94959f305c.tar.gz
change -y to -g/-G and add env var alternatives
Diffstat (limited to 'src')
-rw-r--r--src/afl-fuzz-state.c14
-rw-r--r--src/afl-fuzz.c43
2 files changed, 28 insertions, 29 deletions
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 24bd28dd..115e62de 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -482,6 +482,20 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
afl->afl_env.afl_target_env =
(u8 *)get_afl_env(afl_environment_variables[i]);
+ } else if (!strncmp(env, "AFL_INPUT_LEN_MIN",
+
+ afl_environment_variable_len)) {
+
+ afl->min_length = atoi(
+ (u8 *)get_afl_env(afl_environment_variables[i]));
+
+ } else if (!strncmp(env, "AFL_INPUT_LEN_MAX",
+
+ afl_environment_variable_len)) {
+
+ afl->max_length = atoi(
+ (u8 *)get_afl_env(afl_environment_variables[i]));
+
}
} else {
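Review bot: Neither new branch validates what it parses. `atoi()` returns 0 for non-numeric text and accepts negative numbers, and the result is stored straight into `afl->min_length` / `afl->max_length`. The range check that the removed `-y` case performed is not re-added anywhere in this commit, and the new `case 'g'` / `case 'G'` in src/afl-fuzz.c have the same gap. Unless a check exists outside these hunks, a value of 0, a negative value, a maximum above `MAX_FILE`, or min > max now reaches the length logic unchecked. I would parse with `strtoul` plus an end-pointer test, and run one combined check after both the environment and the options are read, e.g. `if (afl->min_length < 1 || afl->max_length > MAX_FILE || afl->min_length > afl->max_length) FATAL("Illegal min/max length values");`. The body of read_afl_environment starts and ends outside the hunk.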
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 6ca9be33..ffa991ae 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -155,9 +155,9 @@ static void usage(u8 *argv0, int more_help) {
"\n"
"Mutator settings:\n"
- " -y [min-]max - set minimum and maximum length of generated fuzzing "
- "input.\n"
- " default: 1-%lu\n"
+ " -g minlength - set min length of generated fuzz input (default: 1)\n"
+ " -G minlength - set max length of generated fuzz input (default: "
+ "%lu)\n"
" -D - enable deterministic fuzzing (once per queue entry)\n"
" -L minutes - use MOpt(imize) mode and set the time limit for "
"entering the\n"
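Review bot: The `-G` help line labels its argument `minlength`, apparently copied from the `-g` line above it, although the option sets the maximum. It should read `"  -G maxlength   - set max length of generated fuzz input (default: "`. usage() starts and ends outside the hunk, so the argument feeding the remaining `%lu` is not visible here; confirm it is still passed now that the format string has been split differently.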
@@ -256,6 +256,7 @@ static void usage(u8 *argv0, int more_help) {
"AFL_IGNORE_UNKNOWN_ENVS: don't warn on unknown env vars\n"
"AFL_IGNORE_PROBLEMS: do not abort fuzzing if an incorrect setup is detected during a run\n"
"AFL_IMPORT_FIRST: sync and import test cases from other fuzzer instances first\n"
+ "AFL_INPUT_LEN_MIN/AFL_INPUT_LEN_MAX: like -g/-G set min/max fuzz length produced\n"
"AFL_KILL_SIGNAL: Signal ID delivered to child processes on timeout, etc. (default: SIGKILL)\n"
"AFL_MAP_SIZE: the shared memory size for that target. must be >= the size\n"
" the target was compiled for\n"
@@ -530,37 +531,21 @@ int main(int argc, char **argv_orig, char **envp) {
afl->shmem_testcase_mode = 1; // we always try to perform shmem fuzzing
- while ((opt = getopt(
- argc, argv,
- "+Ab:B:c:CdDe:E:hi:I:f:F:l:L:m:M:nNOo:p:RQs:S:t:T:UV:WXx:Yy:Z")) >
- 0) {
+ while (
+ (opt = getopt(
+ argc, argv,
+ "+Ab:B:c:CdDe:E:hi:I:f:F:g:G:l:L:m:M:nNOo:p:RQs:S:t:T:UV:WXx:YZ")) >
+ 0) {
switch (opt) {
- case 'y': {
-
- u8 *sep;
- if (!(sep = strchr(optarg, '-')) && !(sep = strchr(optarg, ':'))) {
-
- afl->max_length = atoi(optarg);
-
- } else {
-
- afl->min_length = atoi(optarg);
- afl->max_length = atoi(sep + 1);
-
- }
-
- if (afl->min_length < 1 || afl->max_length > MAX_FILE ||
- afl->min_length > afl->max_length) {
-
- FATAL("Illegal min/max length values: %s", optarg);
-
- }
-
+ case 'g':
+ afl->min_length = atoi(optarg);
break;
- }
+ case 'G':
+ afl->max_length = atoi(optarg);
+ break;
case 'Z':
afl->old_seed_selection = 1;