| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
commit ecb5854be08fa ("add zlib compression for fast resume") added new
logic selected at compile-time when zlib is present. Unfortunately, it
also broke the existing logic by removing the last line of a multi-line
if statement, resulting in a syntax error when zlib isn't present.
Restore the line as it was.
|
|
This reverts commit 7c380a6612f00e4a7ed02364dc2b3769e8edc8f8.
|
|
|
|
|
|
In src/afl-fuzz.c `prev_queued_items` is used to decide whether the alias table should be recreated through the comparison with `afl->queued_items`.
https://github.com/AFLplusplus/AFLplusplus/blob/43f462c91b3699b66e4aa1c5703b30f5189b5618/src/afl-fuzz.c#L3103-L3117
However, this variable is also updated to `afl->queued_items` when INTROSPECTION is enabled and the `fuzz_one` appends seeds.
https://github.com/AFLplusplus/AFLplusplus/blob/43f462c91b3699b66e4aa1c5703b30f5189b5618/src/afl-fuzz.c#L3135-L3140
Due to the update of `prev_queued_items` when INTROSPECTION is on, alias table may not be recreated when it actually should be.
This can lead to potential heap buffer-overflow in `select_next_queue_entry` due to the lack of `afl_realloc` called in `create_alias_table`.
This patch fixes this bug by utilizing another variable for the INTROSPECTION part like other variables such as `prev_saved_tmouts`.
|
|
|
|
|
|
|
|
With CODE_COVERAGE builds, we need to collect the coverage data of each
iteration in a persistant buffer that has the same size as the regular
trace buffer used for fuzzing. We dump this information at the end of
the run and when combined with pointer data and module info, this can be
used to calculate code coverage.
|
|
|
|
Fastrestart
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
print_stats sets exit_soon even while syncing, this leaves -V 0 still broken, as we don't finish syncing.
Additionally, the change that introduced the previous -V fix also broke the runtime tracking, as runtime needs to include all time including sync, splice etc. This caused an underflow in the reported runtime.
|
|
|
|
|
|
|
|
|
|
This currently does not affect statsd nor the UI. Only the fuzzer_stats file is updated
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
replay mode support
|
|
|
|
|
|
|
|
|
|
|
|
* fuzzer: init commit based on aflpp 60dc37a8cf09f8e9048e4b6a2204d6c90b27655a
* fuzzers: adding the skip variables and initialize
* log: profile the det/havoc finding
* log: add profile log output
* fuzzers: sperate log/skipdet module
* fuzzers: add quick eff_map calc
* fuzzers: add skip_eff_map in fuzz_one
* fuzzers: mark whole input space in eff_map
* fuzzers: add undet bit threshold to skip some seeds
* fuzzers: fix one byte overflow
* fuzzers: fix overflow
* fix code format
* add havoc only again
* code format
* remove log to INTROSPECTION, rename skipdet module
* rename skipdet module
* remove log to stats
* clean redundant code
* code format
* remove redundant code format check
* remove redundant doc
* remove redundant objects
* clean files
* change -d to default skipdet
* disable deterministic when using CUSTOM_MUTATOR
* revert fix
|
