From a2e2fae840e9946c7994ac6807bed8496d71af56 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Thu, 3 Dec 2020 14:43:06 +0100
Subject: AFL_CRASH_EXITCODE env var added, u8->bool
---
 src/afl-fuzz-state.c | 7 +++++++
 1 file changed, 7 insertions(+)
(limited to 'src/afl-fuzz-state.c')
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 489d4e53..73b94466 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -394,6 +394,13 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
 afl->afl_env.afl_statsd_tags_flavor = (u8 *)get_afl_env(afl_environment_variables[i]);
+ } else if (!strncmp(env, "AFL_CRASH_EXITCODE",
+
+ afl_environment_variable_len)) {
+
+ afl->afl_env.afl_crash_exitcode =
+ (u8 *)get_afl_env(afl_environment_variables[i]);
+
 }
 } else {
-- cgit 1.4.1

From 8a1acac559edb66e8e246e73508cec541a9fc530 Mon Sep 17 00:00:00 2001
From: van Hauser
Date: Fri, 11 Dec 2020 10:28:39 +0100
Subject: schedule improvements, new default is FAST
---
 docs/Changelog.md | 7 ++++---
 src/afl-fuzz-queue.c | 2 +-
 src/afl-fuzz-state.c | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)
(limited to 'src/afl-fuzz-state.c')
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 5094769d..4470388e 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
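Review bot: The added branch stores the `AFL_CRASH_EXITCODE` value as an unvalidated string in `afl->afl_env.afl_crash_exitcode`, and nothing in this hunk checks that it is numeric or in range, although the name suggests it will later decide which target exit statuses are treated as crashes. Wherever that string is converted (not visible here), it should go through `strtol` with an end-pointer check rather than `atoi`, and reject an empty value and anything outside 0..255, since an exit status as reported by `WEXITSTATUS` is only eight bits and an out-of-range value narrowed to a byte would alias a legitimate exit code. A comment on the assignment would make the deferred contract explicit: `/* raw string; the consumer must parse and range-check it (0..255) */`. The commit subject mentions a u8->bool change that is not part of this hunk, and the enclosing `if` chain and `read_afl_environment` itself begin and end outside it.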
@@ -16,16 +16,17 @@ sending a mail to .
 - all compilers combined to afl-cc which emulates the previous ones
 - afl-llvm/gcc-rt.o merged into afl-compiler-rt.o
 - afl-fuzz
- - memory limits are now disabled by default, set them with -m if required
+ - not specifying -M or -S will now auto-set "-S default"
 - deterministic fuzzing is now disabled by default and can be enabled with -D. It is still enabled by default for -M.
 - a new seed selection was implemented that uses weighted randoms based on a schedule performance score, which is much better that the previous walk the whole queue approach. Select the old mode with -Z (auto enabled with -M)
- - rpc.statsd support, for stats and charts, by Edznux, thanks a lot!
 - Marcel Boehme submitted a patch that improves all AFFast schedules :)
- - not specifying -M or -S will now auto-set "-S default"
+ - the default schedule is now FAST
+ - memory limits are now disabled by default, set them with -m if required
+ - rpc.statsd support, for stats and charts, by Edznux, thanks a lot!
 - reading testcases from -i now descends into subdirectories
 - allow the -x command line option up to 4 times
 - loaded extras now have a duplication protection
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index 84092ff8..d74c07a1 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -47,7 +47,7 @@ double compute_weight(afl_state_t *afl, struct queue_entry *q,
 u32 hits;
- if (likely(afl->schedule >= FAST && afl->schedule < RARE)) {
+ if (likely(afl->schedule >= FAST && afl->schedule <= RARE)) {
 hits = afl->n_fuzz[q->n_fuzz_entry];
 if (hits == 0) { hits = 1; }
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 73b94466..36da2730 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
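Review bot: The changed condition `afl->schedule >= FAST && afl->schedule <= RARE` selects the schedules that weight by `n_fuzz` hit counts through an enum range whose definition is not visible here, so the fix silently relies on FAST..RARE being contiguous and on no future schedule being inserted between them. A one-line comment on the new line would record that assumption, e.g. `/* AFLFast family: FAST..RARE must stay contiguous in the schedule enum */`, or the range test could become an explicit predicate so that adding an enum member cannot change weighting unnoticed. Because the same commit makes FAST the default, this branch is now the default path for every queue entry, which presumably requires `afl->n_fuzz` to be allocated and `q->n_fuzz_entry` to be in range regardless of the `-p` option; that cannot be confirmed from the hunk. `compute_weight` starts before the hunk and continues after it.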
@@ -87,7 +87,7 @@ void afl_state_init(afl_state_t *afl, uint32_t map_size) {
 afl->w_end = 0.3;
 afl->g_max = 5000;
 afl->period_pilot_tmp = 5000.0;
- afl->schedule = EXPLORE; /* Power schedule (default: EXPLORE) */
+ afl->schedule = FAST ; /* Power schedule (default: FAST) */
 afl->havoc_max_mult = HAVOC_MAX_MULT;
 afl->clear_screen = 1; /* Window resized? */
-- cgit 1.4.1

From cc781e44f36d716f05da13bf760154a7810bfe43 Mon Sep 17 00:00:00 2001
From: van Hauser
Date: Fri, 11 Dec 2020 11:21:28 +0100
Subject: code format
---
 src/afl-cc.c | 8 ++++----
 src/afl-fuzz-queue.c | 13 ++++++++-----
 src/afl-fuzz-state.c | 2 +-
 3 files changed, 13 insertions(+), 10 deletions(-)
(limited to 'src/afl-fuzz-state.c')
diff --git a/src/afl-cc.c b/src/afl-cc.c
index 37cfc7c8..c43ac2c1 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -891,9 +891,9 @@ static void edit_params(u32 argc, char **argv, char **envp) {
 alloc_printf("-Wl,--dynamic-list=%s/dynamic_list.txt", obj_path);
 #endif
-#ifdef USEMMAP
+ #ifdef USEMMAP
 cc_params[cc_par_cnt++] = "-lrt";
-#endif
+ #endif
 }
@@ -1467,9 +1467,9 @@ int main(int argc, char **argv, char **envp) {
 #endif
 #ifdef USEMMAP
- SAYF("Compiled with shm_open support (adds -lrt when linking).\n");
+ SAYF("Compiled with shm_open support (adds -lrt when linking).\n");
 #else
- SAYF("Compiled with shmat support.\n");
+ SAYF("Compiled with shmat support.\n");
 #endif
 SAYF("\n");
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index d74c07a1..54afa17c 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -46,14 +46,17 @@ double compute_weight(afl_state_t *afl, struct queue_entry *q,
 double avg_exec_us, double avg_bitmap_size) {
 u32 hits;
-
+
 if (likely(afl->schedule >= FAST && afl->schedule <= RARE)) {
-
+
 hits = afl->n_fuzz[q->n_fuzz_entry];
 if (hits == 0) { hits = 1; }
-
- } else { hits = 1; }
-
+
+ } else {
+
+ hits = 1;
+
+ }
 double weight = 1.0;
 weight *= avg_exec_us / q->exec_us;
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 36da2730..9c51a3ef 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -87,7 +87,7 @@ void afl_state_init(afl_state_t *afl, uint32_t map_size) {
 afl->w_end = 0.3;
 afl->g_max = 5000;
 afl->period_pilot_tmp = 5000.0;
- afl->schedule = FAST ; /* Power schedule (default: FAST) */
+ afl->schedule = FAST; /* Power schedule (default: FAST) */
 afl->havoc_max_mult = HAVOC_MAX_MULT;
 afl->clear_screen = 1; /* Window resized? */
-- cgit 1.4.1