Diffstat (limited to 'src')
-rw-r--r--src/afl-fuzz-one.c43
1 files changed, 29 insertions, 14 deletions
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index ec348a95..9d4b366e 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -2081,33 +2081,48 @@ havoc_stage:
      where we take the input file and make random stacked tweaks. */
 
   u32 *mutation_array;
-  u32  stack_max;  // stack_max_pow = afl->havoc_stack_pow2;
+  u32  stack_max, rand_max;  // stack_max_pow = afl->havoc_stack_pow2;
 
-  if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) {  // is text?
+  if (unlikely(afl->expand_havoc && afl->ready_for_splicing_count > 1)) {
 
-    if (likely(afl->fuzz_mode == 0)) {  // is exploration?
+    mutation_array = full_splice_array;
+    rand_max = MUT_SPLICE_ARRAY_SIZE;
 
-      mutation_array = (unsigned int *)&mutation_strategy_exploration_text;
+  } else {
 
-    } else {  // is exploitation!
+    mutation_array = normal_splice_array;
+    rand_max = MUT_NORMAL_ARRAY_SIZE;
 
-      mutation_array = (unsigned int *)&mutation_strategy_exploitation_text;
+  }
 
-    }
+  /*
+    if (unlikely(afl->text_input || afl->queue_cur->is_ascii)) {  // is text?
+
+      if (likely(afl->fuzz_mode == 0)) {  // is exploration?
+
+        mutation_array = (unsigned int *)&mutation_strategy_exploration_text;
+
+      } else {  // is exploitation!
 
-  } else {  // is binary!
+        mutation_array = (unsigned int *)&mutation_strategy_exploitation_text;
 
-    if (likely(afl->fuzz_mode == 0)) {  // is exploration?
+      }
+
+    } else {  // is binary!
 
-      mutation_array = (unsigned int *)&mutation_strategy_exploration_binary;
+      if (likely(afl->fuzz_mode == 0)) {  // is exploration?
 
-    } else {  // is exploitation!
+        mutation_array = (unsigned int *)&mutation_strategy_exploration_binary;
 
-      mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary;
+      } else {  // is exploitation!
+
+        mutation_array = (unsigned int *)&mutation_strategy_exploitation_binary;
+
+      }
 
     }
 
-  }
+  */
 
   /*
   if (temp_len < 64) {
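Review bot: `rand_max` is now the only bound on the index used in `switch (mutation_array[r])` (second hunk, `rand_below(afl, rand_max)`), and it is assigned from `MUT_SPLICE_ARRAY_SIZE` / `MUT_NORMAL_ARRAY_SIZE` on a separate line from the array pointer. The array definitions are not visible in this diff; if those constants are hand-maintained next to the initialisers, a count that drifts above the real element count becomes an out-of-bounds read in the havoc loop. Deriving the bound from the array itself, e.g. `rand_max = sizeof(full_splice_array) / sizeof(full_splice_array[0]);` (assuming both are true arrays in scope here), or putting a `_Static_assert` beside each definition, would keep the pairing from drifting. Separately, the old text/binary and exploration/exploitation selection is left behind as a `/* ... */` block, so `afl->fuzz_mode`, `afl->text_input` and `is_ascii` no longer influence which table is used; either delete the block or add a one-line comment stating why it is disabled. The enclosing `havoc_stage` code starts and ends outside this hunk.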
@@ -2180,7 +2195,7 @@ havoc_stage:
 
     retry_havoc_step : {
 
-      u32 r = rand_below(afl, MUT_STRATEGY_ARRAY_SIZE), item;
+      u32 r = rand_below(afl, rand_max), item;
 
       switch (mutation_array[r]) {