diff options
| -rw-r--r-- | docs/Changelog.md | 2 | ||||
| -rw-r--r-- | docs/env_variables.md | 3 | ||||
| -rw-r--r-- | include/afl-fuzz.h | 2 | ||||
| -rw-r--r-- | include/envs.h | 9 | ||||
| -rw-r--r-- | src/afl-fuzz-run.c | 2 | ||||
| -rw-r--r-- | src/afl-fuzz-state.c | 7 | ||||
| -rw-r--r-- | src/afl-fuzz-stats.c | 6 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 1 |
8 files changed, 23 insertions, 9 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index ba7eb6a3..1f6a940e 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -10,6 +10,7 @@ three times faster. The reason for this is unknown. - added AFL_DISABLE_REDUNDANT for huge queues - fix AFL_PERSISTENT_RECORD + - added `AFL_NO_SYNC` environment variable that does what you think it does - run custom_post_process after standard trimming - prevent filenames in the queue that have spaces - minor fix for FAST schedules @@ -32,6 +33,7 @@ * afl-showmap - fix memory leak on shmem testcase usage (thanks to @ndrewh) - minor fix to collect coverage -C (thanks to @bet4it) + * libtokencap: script generate_libtoken_dict.sh added by @a-shvedov * enhanced the ASAN configuration diff --git a/docs/env_variables.md b/docs/env_variables.md index b3519107..22e0ce0f 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md @@ -588,6 +588,9 @@ checks or alter some of the more exotic semantics of the tool: between fuzzing instances synchronization. Default sync time is 30 minutes, note that time is halved for -M main nodes. + - `AFL_NO_SYNC` disables any syncing whatsoever and takes priority on all + other syncing parameters. + - Setting `AFL_TARGET_ENV` causes AFL++ to set extra environment variables for the target binary. Example: `AFL_TARGET_ENV="VAR1=1 VAR2='a b c'" afl-fuzz ... `. This exists mostly for things like `LD_LIBRARY_PATH` but it would diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 74b04fdb..65304d19 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -457,7 +457,7 @@ typedef struct afl_env_vars { afl_no_startup_calibration, afl_no_warn_instability, afl_post_process_keep_original, afl_crashing_seeds_as_new_crash, afl_final_sync, afl_ignore_seed_problems, afl_disable_redundant, - afl_sha1_filenames; + afl_sha1_filenames, afl_no_sync; u8 *afl_tmpdir, *afl_custom_mutator_library, *afl_python_module, *afl_path, *afl_hang_tmout, *afl_forksrv_init_tmout, *afl_preload, diff --git a/include/envs.h b/include/envs.h index 5b516905..45b080cb 100644 --- a/include/envs.h +++ b/include/envs.h @@ -81,14 +81,13 @@ static char *afl_environment_variables[] = { "AFL_LLVM_MAP_DYNAMIC", "AFL_LLVM_NGRAM_SIZE", "AFL_NGRAM_SIZE", "AFL_LLVM_NO_RPATH", "AFL_LLVM_NOT_ZERO", "AFL_LLVM_INSTRUMENT_FILE", "AFL_LLVM_THREADSAFE_INST", "AFL_LLVM_SKIP_NEVERZERO", "AFL_NO_AFFINITY", - "AFL_TRY_AFFINITY", "AFL_LLVM_LTO_DONTWRITEID", - "AFL_LLVM_LTO_SKIPINIT" - "AFL_LLVM_LTO_STARTID", - "AFL_FUZZER_LOOPCOUNT", "AFL_NO_ARITH", "AFL_NO_AUTODICT", "AFL_NO_BUILTIN", + "AFL_TRY_AFFINITY", "AFL_LLVM_LTO_DONTWRITEID", "AFL_LLVM_LTO_SKIPINIT", + "AFL_LLVM_LTO_STARTID", "AFL_FUZZER_LOOPCOUNT", "AFL_NO_ARITH", + "AFL_NO_AUTODICT", "AFL_NO_BUILTIN", #if defined USE_COLOR && !defined ALWAYS_COLORED "AFL_NO_COLOR", "AFL_NO_COLOUR", #endif - "AFL_NO_CPU_RED", + "AFL_NO_CPU_RED", "AFL_NO_SYNC", "AFL_NO_CFG_FUZZING", // afl.rs rust crate option "AFL_NO_CRASH_README", "AFL_NO_FORKSRV", "AFL_NO_UI", "AFL_NO_PYTHON", "AFL_NO_STARTUP_CALIBRATION", "AFL_NO_WARN_INSTABILITY", diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index 4e2cceff..6a0da6ab 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -666,6 +666,8 @@ abort_calibration: void sync_fuzzers(afl_state_t *afl) { + if (unlikely(afl->afl_env.afl_no_sync)) { return; } + DIR *sd; struct dirent *sd_ent; u32 sync_cnt = 0, synced = 0, entries = 0; diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c index 333d57b2..a1c1e30c 100644 --- a/src/afl-fuzz-state.c +++ b/src/afl-fuzz-state.c @@ -279,6 +279,13 @@ void read_afl_environment(afl_state_t *afl, char **envp) { afl->afl_env.afl_final_sync = get_afl_env(afl_environment_variables[i]) ? 1 : 0; + } else if (!strncmp(env, "AFL_NO_SYNC", + + afl_environment_variable_len)) { + + afl->afl_env.afl_no_sync = + get_afl_env(afl_environment_variables[i]) ? 1 : 0; + } else if (!strncmp(env, "AFL_CUSTOM_MUTATOR_ONLY", afl_environment_variable_len)) { diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index eafeebba..609b11e4 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -2487,7 +2487,7 @@ void show_init_stats(afl_state_t *afl) { } -void update_calibration_time(afl_state_t *afl, u64 *time) { +inline void update_calibration_time(afl_state_t *afl, u64 *time) { u64 cur = get_cur_time_us(); afl->calibration_time_us += cur - *time; @@ -2495,7 +2495,7 @@ void update_calibration_time(afl_state_t *afl, u64 *time) { } -void update_trim_time(afl_state_t *afl, u64 *time) { +inline void update_trim_time(afl_state_t *afl, u64 *time) { u64 cur = get_cur_time_us(); afl->trim_time_us += cur - *time; @@ -2503,7 +2503,7 @@ void update_trim_time(afl_state_t *afl, u64 *time) { } -void update_sync_time(afl_state_t *afl, u64 *time) { +inline void update_sync_time(afl_state_t *afl, u64 *time) { u64 cur = get_cur_time_us(); afl->sync_time_us += cur - *time; diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 70ab983c..0f6216c4 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -335,6 +335,7 @@ static void usage(u8 *argv0, int more_help) { "AFL_STATSD_PORT: change default statsd port (default: 8125)\n" "AFL_STATSD_TAGS_FLAVOR: set statsd tags format (default: disable tags)\n" " suported formats: dogstatsd, librato, signalfx, influxdb\n" + "AFL_NO_SYNC: disables all syncing\n" "AFL_SYNC_TIME: sync time between fuzzing instances (in minutes)\n" "AFL_FINAL_SYNC: sync a final time when exiting (will delay the exit!)\n" "AFL_NO_CRASH_README: do not create a README in the crashes directory\n" |