diff options
| author | vanhauser-thc <vh@thc.org> | 2023-06-06 16:55:32 +0200 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2023-06-06 16:55:32 +0200 |
| commit | 14e25340fb7b9e13357a9059dd1c128a2d7d9d5b (patch) | |
| tree | 978dcf42becc20c65a936c238e8b7abf2a71341e /src | |
| parent | 4deb45f3b3e9f53880596d21432069b05553bcb3 (diff) | |
| download | afl++-14e25340fb7b9e13357a9059dd1c128a2d7d9d5b.tar.gz | |
comparison
Diffstat (limited to 'src')
| -rw-r--r-- | src/afl-fuzz-one.c | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c index ec348a95..9d4b366e 100644 --- a/src/afl-fuzz-one.c +++ b/src/afl-fuzz-one.c @@ -2081,33 +2081,48 @@ havoc_stage: where we take the input file and make random stacked tweaks. */ u32 *mutation_array; - u32 stack_max; // stack_max_pow = afl->havoc_stack_pow2; + u32 stack_max, rand_max; // stack_max_pow = afl->havoc_stack_pow2; - if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) { // is text? + if (unlikely(afl->expand_havoc && afl->ready_for_splicing_count > 1)) { - if (likely(afl->fuzz_mode == 0)) { // is exploration? + mutation_array = full_splice_array; + rand_max = MUT_SPLICE_ARRAY_SIZE; - mutation_array = (unsigned int *)&mutation_strategy_exploration_text; + } else { - } else { // is exploitation! + mutation_array = normal_splice_array; + rand_max = MUT_NORMAL_ARRAY_SIZE; - mutation_array = (unsigned int *)&mutation_strategy_exploitation_text; + } - } + /* + if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) { // is text? + + if (likely(afl->fuzz_mode == 0)) { // is exploration? + + mutation_array = (unsigned int *)&mutation_strategy_exploration_text; + + } else { // is exploitation! - } else { // is binary! + mutation_array = (unsigned int *)&mutation_strategy_exploitation_text; - if (likely(afl->fuzz_mode == 0)) { // is exploration? + } + + } else { // is binary! - mutation_array = (unsigned int *)&mutation_strategy_exploration_binary; + if (likely(afl->fuzz_mode == 0)) { // is exploration? - } else { // is exploitation! + mutation_array = (unsigned int *)&mutation_strategy_exploration_binary; - mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary; + } else { // is exploitation! + + mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary; + + } } - } + */ /* if (temp_len < 64) { @@ -2180,7 +2195,7 @@ havoc_stage: retry_havoc_step : { - u32 r = rand_below(afl, MUT_STRATEGY_ARRAY_SIZE), item; + u32 r = rand_below(afl, rand_max), item; switch (mutation_array[r]) { |