Diffstat (limited to 'include')
-rw-r--r-- | include/afl-fuzz.h | 6 | ||||
-rw-r--r-- | include/afl-mutations.h | 21 | ||||
-rw-r--r-- | include/config.h | 8 | ||||
-rw-r--r-- | include/envs.h | 5 | ||||
-rw-r--r-- | include/forkserver.h | 3 |
5 files changed, 25 insertions, 18 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 27668da0..ef84a18c 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -1,3 +1,4 @@
+
 /*
    american fuzzy lop++ - fuzzer header
    ------------------------------------
@@ -401,7 +402,7 @@ typedef struct afl_env_vars {
       afl_exit_on_seed_issues, afl_try_affinity, afl_ignore_problems,
       afl_keep_timeouts, afl_no_crash_readme, afl_ignore_timeouts,
       afl_no_startup_calibration, afl_no_warn_instability,
-      afl_post_process_keep_original;
+      afl_post_process_keep_original, afl_crashing_seeds_as_new_crash;
 
   u8 *afl_tmpdir, *afl_custom_mutator_library, *afl_python_module, *afl_path,
       *afl_hang_tmout, *afl_forksrv_init_tmout, *afl_preload,
@@ -674,7 +675,8 @@ typedef struct afl_state {
   u32 cmplog_max_filesize;
   u32 cmplog_lvl;
   u32 colorize_success;
-  u8 cmplog_enable_arith, cmplog_enable_transform, cmplog_random_colorization;
+  u8 cmplog_enable_arith, cmplog_enable_transform,
+      cmplog_enable_xtreme_transform, cmplog_random_colorization;
 
   struct afl_pass_stat *pass_stats;
   struct cmp_map *orig_cmp_map;
diff --git a/include/afl-mutations.h b/include/afl-mutations.h
index 0a9bbbf4..98ba6fcf 100644
--- a/include/afl-mutations.h
+++ b/include/afl-mutations.h
@@ -25,13 +25,14 @@
     u32 max_len - the maximum size the mutated buffer may grow to
 
 */
-#ifndef _ANDROID_ASHMEM_H
-  #define AFL_MUTATIONS_H
+#ifndef AFL_MUTATIONS_H
+#define AFL_MUTATIONS_H
 
-  #include <stdbool.h>
-  #include "afl-fuzz.h"
+#include <stdbool.h>
+#include <inttypes.h>
+#include "afl-fuzz.h"
 
-  #define MUT_STRATEGY_ARRAY_SIZE 256
+#define MUT_STRATEGY_ARRAY_SIZE 256
 
 enum {
 
@@ -77,7 +78,7 @@ enum {
 
 };
 
-  #define MUT_TXT_ARRAY_SIZE 200
+#define MUT_TXT_ARRAY_SIZE 200
 u32 text_array[MUT_TXT_ARRAY_SIZE] = {MUT_FLIPBIT,
                                       MUT_FLIPBIT,
                                       MUT_FLIPBIT,
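Review bot: The corrected guard only stops double inclusion inside one translation unit; `u32 text_array[MUT_TXT_ARRAY_SIZE] = {MUT_FLIPBIT, …` in the second afl-mutations.h hunk (and the binary/normal/full splice arrays in the later hunks) are object definitions with external linkage, so two .c files that both include this header would still fail to link with duplicate symbols. If these tables are private to the header's inline mutator, declare them `static u32 text_array[MUT_TXT_ARRAY_SIZE] = {…};` (and `const` if nothing in the file writes to them, which this hunk does not show). The matching `#endif` for the guard lies outside the hunk and should be checked to close `AFL_MUTATIONS_H` rather than the old name.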
@@ -279,7 +280,7 @@ u32 text_array[MUT_TXT_ARRAY_SIZE] = {MUT_FLIPBIT,
                                       MUT_SPLICE_INSERT,
                                       MUT_SPLICE_INSERT};
 
-  #define MUT_BIN_ARRAY_SIZE 256
+#define MUT_BIN_ARRAY_SIZE 256
 u32 binary_array[MUT_BIN_ARRAY_SIZE] = {MUT_FLIPBIT,
                                         MUT_FLIPBIT,
                                         MUT_FLIPBIT,
@@ -537,7 +538,7 @@ u32 binary_array[MUT_BIN_ARRAY_SIZE] = {MUT_FLIPBIT,
                                         MUT_SPLICE_INSERT,
                                         MUT_SPLICE_INSERT};
 
-  #define MUT_NORMAL_ARRAY_SIZE 77
+#define MUT_NORMAL_ARRAY_SIZE 77
 u32 normal_splice_array[MUT_NORMAL_ARRAY_SIZE] = {MUT_FLIPBIT,
                                                   MUT_FLIPBIT,
                                                   MUT_FLIPBIT,
@@ -616,7 +617,7 @@ u32 normal_splice_array[MUT_NORMAL_ARRAY_SIZE] = {MUT_FLIPBIT,
                                                   MUT_SPLICE_INSERT,
                                                   MUT_SPLICE_INSERT};
 
-  #define MUT_SPLICE_ARRAY_SIZE 81
+#define MUT_SPLICE_ARRAY_SIZE 81
 u32 full_splice_array[MUT_SPLICE_ARRAY_SIZE] = {MUT_FLIPBIT,
                                                 MUT_FLIPBIT,
                                                 MUT_FLIPBIT,
@@ -2456,7 +2457,7 @@ inline u32 afl_mutate(afl_state_t *afl, u8 *buf, u32 len, u32 steps,
       }
 
       char buf[20];
-      snprintf(buf, sizeof(buf), "%ld", val);
+      snprintf(buf, sizeof(buf), "%" PRId64, val);
       u32 old_len = off2 - off;
       u32 new_len = strlen(buf);
 
diff --git a/include/config.h b/include/config.h
index 7c29a674..df545583 100644
--- a/include/config.h
+++ b/include/config.h
@@ -60,10 +60,6 @@
  *
  */
 
-/* if TRANSFORM is enabled with '-l T', this additionally enables base64
-   encoding/decoding */
-// #define CMPLOG_SOLVE_TRANSFORM_BASE64
-
 /* If a redqueen pass finds more than one solution, try to combine them? */
 #define CMPLOG_COMBINE
 
@@ -71,10 +67,10 @@
 #define CMPLOG_CORPUS_PERCENT 5U
 
 /* Number of potential positions from which we decide if cmplog becomes
-   useless, default 8096 */
+   useless, default 12288 */
 #define CMPLOG_POSITIONS_MAX (12 * 1024)
 
-/* Maximum allowed fails per CMP value. Default: 128 */
+/* Maximum allowed fails per CMP value. Default: 96 */
 #define CMPLOG_FAIL_MAX 96
 
 /* -------------------------------------*/
diff --git a/include/envs.h b/include/envs.h
index edfd06e4..0007d5a8 100644
--- a/include/envs.h
+++ b/include/envs.h
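Review bot: `char buf[20]` is one byte short for the widest value the new `"%" PRId64` format can print: the most negative 64-bit value renders as 20 characters, which with the terminator needs 21, so snprintf would silently truncate and `u32 new_len = strlen(buf);` would then splice a wrong number into the input (memory-safe, but a silent mutation error). If val is 64-bit as the format implies, size the buffer `char buf[21];` or check the snprintf return value against `sizeof(buf)` before using it. The `%ld` to PRId64 change also fixes a format/argument mismatch on ILP32 targets, which is worth a one-line comment next to the call. The enclosing afl_mutate body begins and ends outside this hunk.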
@@ -35,6 +35,7 @@ static char *afl_environment_variables[] = {
     "AFL_COMPCOV_BINNAME",
     "AFL_COMPCOV_LEVEL",
     "AFL_CRASH_EXITCODE",
+    "AFL_CRASHING_SEEDS_AS_NEW_CRASH",
     "AFL_CUSTOM_MUTATOR_LIBRARY",
     "AFL_CUSTOM_MUTATOR_ONLY",
     "AFL_CUSTOM_INFO_PROGRAM",
@@ -189,6 +190,10 @@ static char *afl_environment_variables[] = {
     "AFL_MAX_DET_EXTRAS",
     "AFL_NO_X86",  // not really an env but we dont want to warn on it
     "AFL_NOOPT",
+    "AFL_NYX_AUX_SIZE",
+    "AFL_NYX_DISABLE_SNAPSHOT_MODE",
+    "AFL_NYX_LOG",
+    "AFL_NYX_REUSE_SNAPSHOT",
     "AFL_PASSTHROUGH",
     "AFL_PATH",
     "AFL_PERFORMANCE_FILE",
diff --git a/include/forkserver.h b/include/forkserver.h
index f5069ce2..5e498c56 100644
--- a/include/forkserver.h
+++ b/include/forkserver.h
@@ -86,6 +86,8 @@ typedef struct {
                             uint32_t size);
 
   bool (*nyx_remove_work_dir)(const char *workdir);
+  bool (*nyx_config_set_aux_buffer_size)(void *config,
+                                         uint32_t aux_buffer_size);
 
 } nyx_plugin_handler_t;
 
@@ -197,6 +199,7 @@ typedef struct afl_forkserver {
   char *nyx_aux_string;
   bool nyx_use_tmp_workdir;
   char *nyx_tmp_workdir_path;
+  s32 nyx_log_fd;
 #endif
 
 } afl_forkserver_t;
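Review bot: `s32 nyx_log_fd;` carries no documented "no log open" value, and a zero-filled afl_forkserver_t leaves it at 0, i.e. stdin, so any later close() or write() on the field when no log was requested would hit fd 0 instead of being skipped. Suggest `s32 nyx_log_fd;  /* -1 when no Nyx log file is open */` here and initialising it to -1 where the struct is set up, which is outside this hunk. The `nyx_config_set_aux_buffer_size` pointer added to nyx_plugin_handler_t in the earlier forkserver.h hunk is presumably resolved from the Nyx library at load time; if an older library lacks that symbol, the call sites should check the pointer for NULL before invoking it rather than assuming it is populated.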