-rw-r--r--  docs/QuickStartGuide.txt  2
-rw-r--r--  docs/README               2
-rw-r--r--  test-instr.c              6
3 files changed, 7 insertions, 3 deletions
diff --git a/docs/QuickStartGuide.txt b/docs/QuickStartGuide.txt index abe7032f..e94b26ed 100644 --- a/docs/QuickStartGuide.txt +++ b/docs/QuickStartGuide.txt @@ -12,6 +12,8 @@ how to hit the ground running: If testing a network service, modify it to run in the foreground and read from stdin. When fuzzing a format that uses checksums, comment out the checksum verification code, too. + If this is not possible (e.g. in -Q(emu) mode) then use AFL_POST_LIBRARY + to calculate the values with your own library. The program must crash properly when a fault is encountered. Watch out for custom SIGSEGV or SIGABRT handlers and background processes. For tips on diff --git a/docs/README b/docs/README index d1b05b5a..9c81a788 100644 --- a/docs/README +++ b/docs/README @@ -439,7 +439,7 @@ Here are some of the most important caveats for AFL: To work around this, you can comment out the relevant checks (see experimental/libpng_no_checksum/ for inspiration); if this is not possible, you can also write a postprocessor, as explained in - experimental/post_library/. + experimental/post_library/ (with AFL_POST_LIBRARY) - There are some unfortunate trade-offs with ASAN and 64-bit binaries. This isn't due to any specific fault of afl-fuzz; see notes_for_asan.txt for diff --git a/test-instr.c b/test-instr.c index 09a1c9f7..1b978c55 100644 --- a/test-instr.c +++ b/test-instr.c @@ -22,15 +22,17 @@ int main(int argc, char** argv) { char buf[8]; - if (read(0, buf, 8) < 1) { + if (read(0, buf, sizeof(buf)) < 1) { printf("Hum?\n"); exit(1); } if (buf[0] == '0') printf("Looks like a zero to me!\n"); + else if (buf[0] == '1') + printf("Pretty sure that is a one!\n"); else - printf("A non-zero value? How quaint!\n"); + printf("Neither one or zero? How quaint!\n"); exit(0); |
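Review bot: The two lines added to docs/QuickStartGuide.txt say to "use AFL_POST_LIBRARY to calculate the values with your own library" but never say what the variable is set to or where the postprocessor mechanism is described, and "-Q(emu) mode" is hard to parse for a reader of a quick-start guide. Suggest spelling the mode out and cross-referencing the existing write-up that the README hunk in this same commit points at, e.g. `If this is not possible (e.g. when fuzzing a binary in QEMU mode, -Q), set AFL_POST_LIBRARY to a postprocessor library that computes the checksum values for you; see experimental/post_library/.`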
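Review bot: The replaced line in docs/README drops the full stop that closed the sentence, so the paragraph now ends on `experimental/post_library/ (with AFL_POST_LIBRARY)` with no terminator. Keep the period and make the parenthetical say what the variable does, e.g. `experimental/post_library/ (loaded via the AFL_POST_LIBRARY environment variable).`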
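Review bot: The new fallback message in test-instr.c, "Neither one or zero? How quaint!", should read "Neither one nor zero?". The rest of the hunk looks right: replacing the literal 8 with `sizeof(buf)` ties the read length to the declaration of `char buf[8]` so the two cannot drift apart, and the added `else if (buf[0] == '1')` branch is only reached after `read()` returned at least one byte, so `buf[0]` is always initialised when it is inspected.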