1 files changed, 43 insertions, 0 deletions

diff --git a/utils/argv_fuzzing/argv-fuzz-inl.h b/utils/argv_fuzzing/argv-fuzz-inl.h
index ec22c53b..d3440799 100644
--- a/utils/argv_fuzzing/argv-fuzz-inl.h
+++ b/utils/argv_fuzzing/argv-fuzz-inl.h
@@ -29,6 +29,10 @@
    If you would like to always preserve argv[0], use this instead:
    AFL_INIT_SET0("prog_name");
 
+  To enable persistent fuzzing, use the AFL_INIT_ARGV_PERSISTENT macro with
+  buf as argument, or use AFL_INIT_SET0_PERSISTENT("prog_name", buf)
+  to preserver argv[0]. buf should be defined as:
+  unsigned char *buf = __AFL_FUZZ_TESTCASE_BUF;
 */
 
 #ifndef _HAVE_ARGV_FUZZ_INL
@@ -53,6 +57,20 @@
                                  \
   } while (0)
 
+#define AFL_INIT_ARGV_PERSISTENT(persistent_buff)                \
+    do {                                                         \
+        argv = afl_init_argv_persistent(&argc, persistent_buff); \
+     } while (0)
+
+#define AFL_INIT_SET0_PERSISTENT(_p, persistent_buff)            \
+  do {                                                           \
+                                                                 \
+    argv = afl_init_argv_persistent(&argc, persistent_buff);     \
+    argv[0] = (_p);                                              \
+    if (!argc) argc = 1;                                         \
+                                                                 \
+  } while (0)
+
 #define MAX_CMDLINE_LEN 100000
 #define MAX_CMDLINE_PAR 50000
 
@@ -87,6 +105,31 @@ static char **afl_init_argv(int *argc) {
 
 }
 
+static char **afl_init_argv_persistent(int *argc, unsigned char *persistent_buff) {
+
+  static char *ret[MAX_CMDLINE_PAR];
+
+  unsigned char *ptr = persistent_buff;
+  int   rc = 0;
+
+  while (*ptr && rc < MAX_CMDLINE_PAR) {
+
+    ret[rc] = (char *)ptr;
+    if (ret[rc][0] == 0x02 && !ret[rc][1]) ret[rc]++;
+    rc++;
+
+    while (*ptr)
+      ptr++;
+    ptr++;
+
+  }
+
+  *argc = rc;
+
+  return ret;
+
+}
+
 #undef MAX_CMDLINE_LEN
 #undef MAX_CMDLINE_PAR