Diffstat (limited to 'include')
-rw-r--r--include/afl-fuzz.h6
-rw-r--r--include/cmplog.h6
-rw-r--r--include/forkserver.h10
3 files changed, 17 insertions, 5 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index edda81e1..97c1f31c 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -439,7 +439,6 @@ typedef struct afl_state {
       no_arith,                         /* Skip most arithmetic ops         */
       shuffle_queue,                    /* Shuffle input queue?             */
       bitmap_changed,                   /* Time to update bitmap?           */
-      qemu_mode,                        /* Running in QEMU mode?            */
       unicorn_mode,                     /* Running in Unicorn mode?         */
       use_wine,                         /* Use WINE with QEMU mode          */
       skip_requested,                   /* Skip request, via SIGUSR1        */
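Review bot: With `qemu_mode` dropped from afl_state, the surviving `use_wine` field two lines below still carries the comment `/* Use WINE with QEMU mode */`, which now points at a flag that no longer lives in this struct. Readers of afl_state will look for a sibling `qemu_mode` and not find it; presumably the flag now lives on the forkserver (this commit adds `qemu_mode` to afl_forkserver_t), so the comment should say where. Suggested wording: `use_wine,                         /* Use WINE; requires fsrv->qemu_mode */`. The enclosing afl_state struct starts and ends outside this hunk, so I cannot confirm there is no other remaining reader of the removed field here.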
@@ -560,7 +559,7 @@ typedef struct afl_state {
   /* CmpLog */
 
   char *cmplog_binary;
-  s32   cmplog_child_pid, cmplog_fsrv_pid;
+  afl_forkserver_t cmplog_fsrv;     /* cmplog has its own little forkserver */
 
   /* Custom mutators */
   struct custom_mutator *mutator;
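Review bot: The new `afl_forkserver_t cmplog_fsrv` member sits directly under an unchanged `char *cmplog_binary`, while the same commit also adds a `cmplog_binary` field to afl_forkserver_t itself, so the cmplog binary path is now stored in two places with no indication of which one is authoritative or who keeps them in sync. Either drop the afl_state copy or document the relationship, e.g. `char *cmplog_binary;              /* copied into cmplog_fsrv.cmplog_binary at init */` — hedged, since the code that fills these is outside the hunk. Embedding the forkserver by value also requires the complete afl_forkserver_t definition to be visible at this point in afl-fuzz.h; the include is not in this hunk, so it is presumably already present above. The enclosing afl_state struct starts and ends outside this hunk.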
@@ -878,7 +877,7 @@ void show_init_stats(afl_state_t *);
 
 /* Run */
 
-u8   run_target(afl_state_t *, u32);
+u8   run_target(afl_state_t *, afl_forkserver_t *fsrv, u32);
 void write_to_testcase(afl_state_t *, void *, u32);
 u8   calibrate_case(afl_state_t *, struct queue_entry *, u8 *, u32, u8);
 void sync_fuzzers(afl_state_t *);
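Review bot: The new `run_target` prototype names only its middle parameter (`afl_forkserver_t *fsrv`) while the neighbouring declarations in this section, and the other two parameters of the same prototype, are unnamed; this mixed style reads as an accident rather than a convention. Either name all three or none; the minimal consistent form is `u8   run_target(afl_state_t *, afl_forkserver_t *, u32);`. Since the function can now presumably be driven with either the main forkserver or the new `cmplog_fsrv`, a one-line comment above it stating that the caller selects which forkserver executes the input would save the next reader a trip into the implementation — hedged, as the implementation is outside this hunk.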
@@ -922,7 +921,6 @@ void   save_cmdline(afl_state_t *, u32, char **);
 
 /* CmpLog */
 
-void init_cmplog_forkserver(afl_state_t *afl);
 u8   common_fuzz_cmplog_stuff(afl_state_t *afl, u8 *out_buf, u32 len);
 
 /* RedQueen */
diff --git a/include/cmplog.h b/include/cmplog.h
index 36f8f2c5..4731f779 100644
--- a/include/cmplog.h
+++ b/include/cmplog.h
@@ -29,6 +29,7 @@
 #define _AFL_CMPLOG_H
 
 #include "config.h"
+#include "forkserver.h"
 
 #define CMP_MAP_W 65536
 #define CMP_MAP_H 256
@@ -74,5 +75,10 @@ struct cmp_map {
 
 };
 
+/* Execs the child */
+
+void cmplog_exec_child(afl_forkserver_t *fsrv, char **argv);
+
+
 #endif
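Review bot: The comment `/* Execs the child */` on the new `cmplog_exec_child` prototype does not state the contract callers of a function-pointer slot need: its signature matches the `init_child_func` member added to afl_forkserver_t in this same commit, so it is presumably installed as that callback and runs inside the forked child, where returning instead of exec'ing or exiting would leave a second copy of the fuzzer running. Suggested replacement: `/* init_child_func callback for the cmplog forkserver: runs in the forked child and execs the cmplog binary from fsrv->cmplog_binary (presumably does not return on success) */`, hedged because the implementation is not in this diff. The two consecutive blank lines before `#endif` (one is enough per the rest of the header) should also go.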
 
diff --git a/include/forkserver.h b/include/forkserver.h
index 7470dbbc..24fa3e1b 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -66,15 +66,23 @@ typedef struct afl_forkserver {
 
   u32 prev_timed_out;                   /* if prev forkserver run timed out */
 
+  u8 qemu_mode;                         /* if running in qemu mode or not   */
+
+  char *cmplog_binary;                    /* the name of the cmplog binary    */
+
+  /* Function to kick off the forkserver child */
+  void (*init_child_func)(struct afl_forkserver *fsrv, char **argv);
+
   u8 *function_opt;                     /* for autodictionary: afl ptr      */
 
   void (*function_ptr)(void *afl_tmp, u8 *mem, u32 len);
 
+
 } afl_forkserver_t;
 
 void afl_fsrv_init(afl_forkserver_t *fsrv);
 void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
-                    volatile u8 *stop_soon_p);
+                    volatile u8 *stop_soon_p, u8 debug_child_output);
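Review bot: The new `init_child_func` pointer is documented only as "Function to kick off the forkserver child", which leaves its two important properties unstated: it is invoked in the forked child (so it must exec or `_exit`, never return), and it can be NULL if a caller fills the struct without setting it, in which case `afl_fsrv_start` would need to fall back to a default or reject the forkserver; neither is visible from this header, so please document the intended behaviour in the comment, e.g. `/* Runs in the forked child to exec the target; must not return. NULL selects the default exec path (TODO confirm). */`. Adding `cmplog_binary` to the generic forkserver struct also leaks a cmplog-specific concern into a reusable type while afl_state keeps its own copy, so a comment on which copy is authoritative (or dropping one) would help. Two smaller style points: the comment on `char *cmplog_binary;` is indented two columns past the aligned comment column used by the surrounding fields, and a stray blank line was added before the closing `} afl_forkserver_t;`. The new `debug_child_output` parameter of `afl_fsrv_start` is undocumented; a brief `/* nonzero: do not silence child stdout/stderr */` next to it would clarify its polarity — hedged, since the implementation is not in this hunk.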
 void afl_fsrv_deinit(afl_forkserver_t *fsrv);
 void afl_fsrv_killall();