Diffstat (limited to 'include')
-rw-r--r--include/afl-fuzz.h11
-rw-r--r--include/config.h34
-rw-r--r--include/envs.h136
3 files changed, 150 insertions, 31 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index ca785e47..adab8155 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -139,8 +139,7 @@ struct queue_entry {
       var_behavior,                     /* Variable behavior?               */
       favored,                          /* Currently favored?               */
       fs_redundant,                     /* Marked as redundant in the fs?   */
-      fully_colorized,                  /* Do not run redqueen stage again  */
-      is_ascii;                         /* Is the input just ascii text?    */
+      fully_colorized;                  /* Do not run redqueen stage again  */
 
   u32 bitmap_size,                      /* Number of bits set in bitmap     */
       fuzz_level;                       /* Number of fuzzing iterations     */
@@ -547,6 +546,10 @@ typedef struct afl_state {
       *queue_top,                       /* Top of the list                  */
       *q_prev100;                       /* Previous 100 marker              */
 
+  // growing buf
+  struct queue_entry **queue_buf;
+  size_t queue_size;
+
   struct queue_entry **top_rated;           /* Top entries for bitmap bytes */
 
   struct extra_data *extras;            /* Extra tokens to fuzz with        */
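Review bot: The new `queue_buf`/`queue_size` pair is documented only by `// growing buf`, which does not say whether `queue_size` counts used entries or allocated slots, nor who owns and reallocates the buffer. Every other field in this struct carries a boxed `/* ... */` description, so these two should follow the same convention: `struct queue_entry **queue_buf; /* Growable array of queue entries */` and `size_t queue_size; /* Slots in queue_buf (entries, not bytes) - TODO confirm used vs. capacity */`. Whether it tracks used entries or capacity cannot be told from the header alone; the allocator in the .c file is the reference. The afl_state struct continues outside this hunk.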
@@ -948,7 +951,7 @@ u8 input_to_state_stage(afl_state_t *afl, u8 *orig_buf, u8 *buf, u32 len,
                         u64 exec_cksum);
 
 /* xoshiro256** */
-uint32_t rand_next(afl_state_t *afl);
+uint64_t rand_next(afl_state_t *afl);
 
 /**** Inline routines ****/
 
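Review bot: The widened return type is spelled `uint64_t` while the rest of this header uses the project's `u64`/`u32` aliases (`u64 exec_cksum` two lines above, `u32 bitmap_size` in the first hunk), so for consistency the declaration should read `u64 rand_next(afl_state_t *afl);`. Functionally the change is sound for `rand_below`, whose `rand_next(afl) % limit` with a `u32 limit` is visible in the next hunk and benefits from the wider dividend (modulo bias for a 32-bit limit becomes negligible), but any other caller that assigns the result to a 32-bit variable now truncates silently; those callers are not in this diff and should be checked. The definition in the .c file must change in step, which this header-only view cannot confirm.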
@@ -968,7 +971,7 @@ static inline u32 rand_below(afl_state_t *afl, u32 limit) {
 
   }
 
-  return (rand_next(afl) % limit);
+  return rand_next(afl) % limit;
 
 }
 
diff --git a/include/config.h b/include/config.h
index 09405a22..4503c3e9 100644
--- a/include/config.h
+++ b/include/config.h
@@ -28,7 +28,7 @@
 /* Version string: */
 
 // c = release, d = volatile github dev, e = experimental branch
-#define VERSION "++2.65d"
+#define VERSION "++2.66d"
 
 /******************************************************
  *                                                    *
@@ -234,7 +234,7 @@
 
 /* Sync interval (every n havoc cycles): */
 
-#define SYNC_INTERVAL 5
+#define SYNC_INTERVAL 8
 
 /* Output directory reuse grace period (minutes): */
 
@@ -293,7 +293,7 @@
 
 /* Call count interval between reseeding the libc PRNG from /dev/urandom: */
 
-#define RESEED_RNG 256000
+#define RESEED_RNG 100000
 
 /* Maximum line length passed from GCC to 'as' and used for parsing
    configuration files: */
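Review bot: The comment above `RESEED_RNG` still describes reseeding "the libc PRNG from /dev/urandom", but this same diff declares `rand_next` under a `/* xoshiro256** */` heading in afl-fuzz.h, so the constant now apparently governs how often the xoshiro state is reseeded rather than libc's rand(). Lowering the interval from 256000 to 100000 also changes how often /dev/urandom is read, which is worth stating since the value trades throughput against unpredictability of the mutation stream. Suggested wording: `/* Call count interval between reseeding the xoshiro256** PRNG (rand_next) from /dev/urandom: */` — confirm against the reseed code in the .c file, which is not in this diff.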
@@ -380,6 +380,10 @@
 
 #define CMPLOG_SHM_ENV_VAR "__AFL_CMPLOG_SHM_ID"
 
+/* CPU Affinity lockfile env var */
+
+#define CPU_AFFINITY_ENV_VAR "__AFL_LOCKFILE"
+
 /* Uncomment this to use inferior block-coverage-based instrumentation. Note
    that you need to recompile the target binary for this to have any effect: */
 
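Review bot: The new macro's name (`CPU_AFFINITY_ENV_VAR`) and its value (`__AFL_LOCKFILE`) describe different things, and the one-line comment does not say what the variable carries — a filesystem path to the lock file or merely a flag — nor which process sets it and which one reads it. Because the value arrives from the environment, the consumer handles an externally supplied string, and documenting the expected format here is what lets that reader validate it (for instance rejecting an empty value, or path separators if only a file name is expected). Suggested comment: `/* Env var used to hand the CPU-affinity lock file between afl processes; value format (path vs. flag) - confirm in the reader */`. The reader is not in this diff, so the contract has to be taken from the code that consumes CPU_AFFINITY_ENV_VAR.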
@@ -397,29 +401,5 @@
 
 // #define IGNORE_FINDS
 
-/* Text mutations */
-
-/* What is the minimum length of a queue input to be evaluated for "is_ascii"?
- */
-
-#define AFL_TXT_MIN_LEN 12
-
-/* What is the minimum percentage of ascii characters present to be classifed
-   as "is_ascii"? */
-
-#define AFL_TXT_MIN_PERCENT 95
-
-/* How often to perform ASCII mutations 0 = disable, 1-8 are good values */
-
-#define AFL_TXT_BIAS 8
-
-/* Maximum length of a string to tamper with */
-
-#define AFL_TXT_STRING_MAX_LEN 1024
-
-/* Maximum mutations on a string */
-
-#define AFL_TXT_STRING_MAX_MUTATIONS 6
-
 #endif                                                  /* ! _HAVE_CONFIG_H */
 
diff --git a/include/envs.h b/include/envs.h
index 0651f9da..86222418 100644
--- a/include/envs.h
+++ b/include/envs.h
@@ -1,3 +1,139 @@
+#ifndef _ENVS_H
+
+#define _ENVS_H
+
+static char *afl_environment_deprecated[] = {
+
+    "AFL_LLVM_WHITELIST",
+    "AFL_GCC_WHITELIST",
+    "AFL_DEFER_FORKSRV",
+    "AFL_POST_LIBRARY",
+    "AFL_PERSISTENT",
+    NULL
+
+};
+
+static char *afl_environment_variables[] = {
+
+    "AFL_ALIGNED_ALLOC",
+    "AFL_ALLOW_TMP",
+    "AFL_ANALYZE_HEX",
+    "AFL_AS",
+    "AFL_AUTORESUME",
+    "AFL_AS_FORCE_INSTRUMENT",
+    "AFL_BENCH_JUST_ONE",
+    "AFL_BENCH_UNTIL_CRASH",
+    "AFL_CAL_FAST",
+    "AFL_CC",
+    "AFL_CMIN_ALLOW_ANY",
+    "AFL_CMIN_CRASHES_ONLY",
+    "AFL_CODE_END",
+    "AFL_CODE_START",
+    "AFL_COMPCOV_BINNAME",
+    "AFL_COMPCOV_LEVEL",
+    "AFL_CUSTOM_MUTATOR_LIBRARY",
+    "AFL_CUSTOM_MUTATOR_ONLY",
+    "AFL_CXX",
+    "AFL_DEBUG",
+    "AFL_DEBUG_CHILD_OUTPUT",
+    "AFL_DEBUG_GDB",
+    "AFL_DISABLE_TRIM",
+    "AFL_DONT_OPTIMIZE",
+    "AFL_DUMB_FORKSRV",
+    "AFL_ENTRYPOINT",
+    "AFL_EXIT_WHEN_DONE",
+    "AFL_FAST_CAL",
+    "AFL_FORCE_UI",
+    "AFL_GCC_INSTRUMENT_FILE",
+    "AFL_GCJ",
+    "AFL_HANG_TMOUT",
+    "AFL_HARDEN",
+    "AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES",
+    "AFL_IMPORT_FIRST",
+    "AFL_INST_LIBS",
+    "AFL_INST_RATIO",
+    "AFL_KEEP_TRACES",
+    "AFL_KEEP_ASSEMBLY",
+    "AFL_LD_HARD_FAIL",
+    "AFL_LD_LIMIT_MB",
+    "AFL_LD_NO_CALLOC_OVER",
+    "AFL_LD_PASSTHROUGH",
+    "AFL_REAL_LD",
+    "AFL_LD_PRELOAD",
+    "AFL_LD_VERBOSE",
+    "AFL_LLVM_CMPLOG",
+    "AFL_LLVM_INSTRIM",
+    "AFL_LLVM_CTX",
+    "AFL_LLVM_INSTRUMENT",
+    "AFL_LLVM_INSTRIM_LOOPHEAD",
+    "AFL_LLVM_LTO_AUTODICTIONARY",
+    "AFL_LLVM_AUTODICTIONARY",
+    "AFL_LLVM_SKIPSINGLEBLOCK",
+    "AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK",
+    "AFL_LLVM_LAF_SPLIT_COMPARES",
+    "AFL_LLVM_LAF_SPLIT_COMPARES_BITW",
+    "AFL_LLVM_LAF_SPLIT_FLOATS",
+    "AFL_LLVM_LAF_SPLIT_SWITCHES",
+    "AFL_LLVM_LAF_ALL",
+    "AFL_LLVM_LAF_TRANSFORM_COMPARES",
+    "AFL_LLVM_MAP_ADDR",
+    "AFL_LLVM_MAP_DYNAMIC",
+    "AFL_LLVM_NGRAM_SIZE",
+    "AFL_NGRAM_SIZE",
+    "AFL_LLVM_NOT_ZERO",
+    "AFL_LLVM_INSTRUMENT_FILE",
+    "AFL_LLVM_SKIP_NEVERZERO",
+    "AFL_NO_AFFINITY",
+    "AFL_LLVM_LTO_STARTID",
+    "AFL_LLVM_LTO_DONTWRITEID",
+    "AFL_NO_ARITH",
+    "AFL_NO_BUILTIN",
+    "AFL_NO_CPU_RED",
+    "AFL_NO_FORKSRV",
+    "AFL_NO_UI",
+    "AFL_NO_PYTHON",
+    "AFL_UNTRACER_FILE",
+    "AFL_LLVM_USE_TRACE_PC",
+    "AFL_NO_X86",  // not really an env but we dont want to warn on it
+    "AFL_MAP_SIZE",
+    "AFL_MAPSIZE",
+    "AFL_PATH",
+    "AFL_PERFORMANCE_FILE",
+    "AFL_PRELOAD",
+    "AFL_PYTHON_MODULE",
+    "AFL_QEMU_COMPCOV",
+    "AFL_QEMU_COMPCOV_DEBUG",
+    "AFL_QEMU_DEBUG_MAPS",
+    "AFL_QEMU_DISABLE_CACHE",
+    "AFL_QEMU_PERSISTENT_ADDR",
+    "AFL_QEMU_PERSISTENT_CNT",
+    "AFL_QEMU_PERSISTENT_GPR",
+    "AFL_QEMU_PERSISTENT_HOOK",
+    "AFL_QEMU_PERSISTENT_RET",
+    "AFL_QEMU_PERSISTENT_RETADDR_OFFSET",
+    "AFL_QUIET",
+    "AFL_RANDOM_ALLOC_CANARY",
+    "AFL_REAL_PATH",
+    "AFL_SHUFFLE_QUEUE",
+    "AFL_SKIP_BIN_CHECK",
+    "AFL_SKIP_CPUFREQ",
+    "AFL_SKIP_CRASHES",
+    "AFL_TMIN_EXACT",
+    "AFL_TMPDIR",
+    "AFL_TOKEN_FILE",
+    "AFL_TRACE_PC",
+    "AFL_USE_ASAN",
+    "AFL_USE_MSAN",
+    "AFL_USE_TRACE_PC",
+    "AFL_USE_UBSAN",
+    "AFL_USE_CFISAN",
+    "AFL_WINE_PATH",
+    "AFL_NO_SNAPSHOT",
+    NULL
+
+};
 
 extern char *afl_environment_variables[];
 
+#endif
+
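Review bot: `afl_environment_variables` is now defined `static` in this header while the pre-existing `extern char *afl_environment_variables[];` on the context line below it still stands, so every translation unit that includes envs.h gets its own private copy of both tables and the `extern` is misleading (a prior `static` declaration makes the later `extern` keep internal linkage rather than export anything). Both tables point at string literals but are typed `char *`, so a caller could write through them without a warning; they should be `static const char *const afl_environment_deprecated[] = {` and `static const char *const afl_environment_variables[] = {`, with the `extern` line removed (it would otherwise conflict with the const-qualified type). The guard name `_ENVS_H` is also a reserved identifier (leading underscore plus uppercase); `AFL_ENVS_H` avoids that. If these lists are what afl uses to warn on unrecognised AFL_* variables, as the comment on `AFL_NO_X86` suggests, they are effectively an allowlist and read-only typing is the right default for them.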