about summary refs log tree commit diff
path: root/src/afl-fuzz-one.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/afl-fuzz-one.c')
-rw-r--r--src/afl-fuzz-one.c62
1 files changed, 2 insertions, 60 deletions
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index 60db9777..dfb103d7 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -554,8 +554,6 @@ u8 fuzz_one_original(afl_state_t *afl) {
 
   if (unlikely(perf_score == 0)) { goto abandon_entry; }
 
-  if (unlikely(afl->use_radamsa > 1)) { goto radamsa_stage; }
-
   if (afl->shm.cmplog_mode && !afl->queue_cur->fully_colorized) {
 
     if (input_to_state_stage(afl, in_buf, out_buf, len,
@@ -1685,6 +1683,7 @@ custom_mutator_stage:
 
       retry_external_pick:
         /* Pick a random other queue entry for passing to external API */
+
         do {
 
           tid = rand_below(afl, afl->queued_paths);
@@ -1709,7 +1708,7 @@ custom_mutator_stage:
         /* Make sure that the target has a reasonable length. */
 
         while (target && (target->len < 2 || target == afl->queue_cur) &&
-               afl->queued_paths > 1) {
+               afl->queued_paths > 3) {
 
           target = target->next;
           ++afl->splicing_with;
@@ -2426,63 +2425,6 @@ retry_splicing:
 #endif                                                     /* !IGNORE_FINDS */
 
   ret_val = 0;
-  goto radamsa_stage;
-
-radamsa_stage:
-
-  if (likely(!afl->use_radamsa || !afl->radamsa_mutate_ptr)) {
-
-    goto abandon_entry;
-
-  }
-
-  afl->stage_name = "radamsa";
-  afl->stage_short = "radamsa";
-  afl->stage_max = (HAVOC_CYCLES * perf_score / afl->havoc_div / 100)
-                   << afl->use_radamsa;
-
-  if (afl->stage_max < HAVOC_MIN) { afl->stage_max = HAVOC_MIN; }
-
-  orig_hit_cnt = afl->queued_paths + afl->unique_crashes;
-
-  /* Read the additional testcase.
-  We'll reuse in_scratch, as it is free at this point.
-  */
-  u8 *save_buf = ck_maybe_grow(BUF_PARAMS(in_scratch), len);
-  memcpy(save_buf, out_buf, len);
-
-  u32 max_len = len + choose_block_len(afl, HAVOC_BLK_XL);
-  u8 *new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch), max_len);
-  u8 *tmp_buf;
-
-  for (afl->stage_cur = 0; afl->stage_cur < afl->stage_max; ++afl->stage_cur) {
-
-    u32 new_len = afl->radamsa_mutate_ptr(save_buf, len, new_buf, max_len,
-                                          rand_get_seed(afl));
-
-    if (new_len) {
-
-      temp_len = new_len;
-      tmp_buf = new_buf;
-
-    } else {
-
-      tmp_buf = save_buf;  // nope but I dont care
-      temp_len = len;
-
-    }
-
-    if (common_fuzz_stuff(afl, tmp_buf, temp_len)) { goto abandon_entry; }
-
-  }
-
-  new_hit_cnt = afl->queued_paths + afl->unique_crashes;
-
-  afl->stage_finds[STAGE_RADAMSA] += new_hit_cnt - orig_hit_cnt;
-  afl->stage_cycles[STAGE_RADAMSA] += afl->stage_max;
-
-  ret_val = 0;
-  goto abandon_entry;
 
 /* we are through with this queue entry - for this iteration */
 abandon_entry:
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-18 02:05:14 +0000