From c19d1f0c7519fe7d1234e695c497a78f24aaf8b7 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 9 Apr 2021 12:22:16 +0200 Subject: update grammar-mutator, show better fuzzing strategy yields --- src/afl-fuzz-stats.c | 72 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 27 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index 2c814d90..b9a94ac3 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -861,9 +861,9 @@ void show_stats(afl_state_t *afl) { " fuzzing strategy yields " bSTG bH10 bHT bH10 bH5 bHB bH bSTOP cCYA " path geometry " bSTG bH5 bH2 bVL "\n"); - if (afl->skip_deterministic) { + if (likely(afl->skip_deterministic)) { - strcpy(tmp, "n/a, n/a, n/a"); + strcpy(tmp, "disabled (default, enable with -D)"); } else { @@ -881,7 +881,7 @@ void show_stats(afl_state_t *afl) { " levels : " cRST "%-10s" bSTG bV "\n", tmp, u_stringify_int(IB(0), afl->max_depth)); - if (!afl->skip_deterministic) { + if (unlikely(!afl->skip_deterministic)) { sprintf(tmp, "%s/%s, %s/%s, %s/%s", u_stringify_int(IB(0), afl->stage_finds[STAGE_FLIP8]), @@ -897,7 +897,7 @@ void show_stats(afl_state_t *afl) { " pending : " cRST "%-10s" bSTG bV "\n", tmp, u_stringify_int(IB(0), afl->pending_not_fuzzed)); - if (!afl->skip_deterministic) { + if (unlikely(!afl->skip_deterministic)) { sprintf(tmp, "%s/%s, %s/%s, %s/%s", u_stringify_int(IB(0), afl->stage_finds[STAGE_ARITH8]), @@ -913,7 +913,7 @@ void show_stats(afl_state_t *afl) { " pend fav : " cRST "%-10s" bSTG bV "\n", tmp, u_stringify_int(IB(0), afl->pending_favored)); - if (!afl->skip_deterministic) { + if (unlikely(!afl->skip_deterministic)) { sprintf(tmp, "%s/%s, %s/%s, %s/%s", u_stringify_int(IB(0), afl->stage_finds[STAGE_INTEREST8]), 
@@ -929,7 +929,7 @@ void show_stats(afl_state_t *afl) { " own finds : " cRST "%-10s" bSTG bV "\n", tmp, u_stringify_int(IB(0), afl->queued_discovered)); - if (!afl->skip_deterministic) { + if (unlikely(!afl->skip_deterministic)) { sprintf(tmp, "%s/%s, %s/%s, %s/%s", u_stringify_int(IB(0), afl->stage_finds[STAGE_EXTRAS_UO]), 
@@ -974,35 +974,52 @@ void show_stats(afl_state_t *afl) { : cRST), tmp); - if (afl->shm.cmplog_mode) { + if (unlikely(afl->afl_env.afl_python_module)) { - sprintf(tmp, "%s/%s, %s/%s, %s/%s, %s/%s", + sprintf(tmp, "%s/%s, ", u_stringify_int(IB(0), afl->stage_finds[STAGE_PYTHON]), - u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON]), - u_stringify_int(IB(2), afl->stage_finds[STAGE_CUSTOM_MUTATOR]), - u_stringify_int(IB(3), afl->stage_cycles[STAGE_CUSTOM_MUTATOR]), + u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON])); + + } else { + + strcpy(tmp, "unused, "); + + } + + if (unlikely(afl->afl_env.afl_custom_mutator_library)) { + + sprintf(tmp, "%s%s/%s, ", tmp, + u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON]), + u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON])); + + } else { + + strcat(tmp, "unused, "); + + } + + if (unlikely(afl->shm.cmplog_mode)) { + + sprintf(tmp, "%s%s/%s, %s/%s", tmp, u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION]), u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION]), u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS]), u_stringify_int(IB(7), afl->stage_cycles[STAGE_ITS])); - SAYF(bV bSTOP " custom/rq : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n", - tmp); - } else { - sprintf(tmp, "%s/%s, %s/%s", - u_stringify_int(IB(0), afl->stage_finds[STAGE_PYTHON]), - u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON]), - u_stringify_int(IB(2), afl->stage_finds[STAGE_CUSTOM_MUTATOR]), - u_stringify_int(IB(3), afl->stage_cycles[STAGE_CUSTOM_MUTATOR])); - - SAYF(bV bSTOP " py/custom : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n", - tmp); + strcat(tmp, "unused, unused "); } - if (!afl->bytes_trim_out) { + SAYF(bV bSTOP "py/custom/rq : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n", + tmp); + + if (likely(afl->disable_trim)) { + + sprintf(tmp, "disabled, "); + + } else if (unlikely(!afl->bytes_trim_out)) { sprintf(tmp, "n/a, "); 
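Review bot: In the `@@ -974,35 +974,52 @@` hunk, the new `sprintf(tmp, "%s%s/%s, ", tmp, ...)` and `sprintf(tmp, "%s%s/%s, %s/%s", tmp, ...)` calls pass `tmp` as both the destination and a `%s` argument, which is undefined behaviour for `sprintf` because the source and destination overlap. Appending at an offset avoids the overlap and bounds the write: `size_t off = strlen(tmp); snprintf(tmp + off, sizeof(tmp) - off, "%s/%s, ", ...);`. Separately, the custom-mutator branch prints `stage_finds[STAGE_PYTHON]` and `stage_cycles[STAGE_PYTHON]` with `IB(2)`/`IB(3)`, where the removed lines used `STAGE_CUSTOM_MUTATOR`, so the second field appears to repeat the Python counters. The same `STAGE_PYTHON` indices are carried through the later `@@ -991,31 +991,31 @@` and `@@ -1003,13 +1003,13 @@`/`@@ -1003,27 +1003,32 @@` hunks on this page. `show_stats` begins and ends outside the hunk.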
@@ -1015,12 +1032,13 @@ void show_stats(afl_state_t *afl) { } - if (!afl->blocks_eff_total) { + if (likely(afl->skip_deterministic)) { - u8 tmp2[128]; + strcat(tmp, "disabled"); - sprintf(tmp2, "n/a"); - strcat(tmp, tmp2); + } else if (unlikely(!afl->blocks_eff_total)) { + + strcat(tmp, "n/a"); } else { -- cgit 1.4.1 From 0c06371cda94e916f62b6456e86b849333acb338 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 13 Apr 2021 11:16:12 +0200 Subject: display dictionary usage in havoc only mode --- src/afl-fuzz-stats.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/afl-fuzz-stats.c') diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index b9a94ac3..ed4787ea 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -939,6 +939,14 @@ void show_stats(afl_state_t *afl) { u_stringify_int(IB(4), afl->stage_finds[STAGE_EXTRAS_AO]), u_stringify_int(IB(5), afl->stage_cycles[STAGE_EXTRAS_AO])); + } else if (unlikely(!afl->extras_cnt)) { + + strcpy(tmp, "n/a"); + + } else { + + strcpy(tmp, "havoc mode"); + } SAYF(bV bSTOP " dictionary : " cRST "%-36s " bSTG bV bSTOP -- cgit 1.4.1 From 50bb931ea604a83784609dc71934a4a8f8feb156 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Tue, 13 Apr 2021 11:26:27 +0200 Subject: ui custom mutator only display --- include/afl-fuzz.h | 1 - src/afl-fuzz-stats.c | 8 ++++++-- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 40a7fc85..325168f2 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -483,7 +483,6 @@ typedef struct afl_state { no_unlink, /* do not unlink cur_input */ debug, /* Debug mode */ custom_only, /* Custom mutator only mode */ - python_only, /* Python-only mode */ is_main_node, /* if this is the main node */ is_secondary_node; /* if this is a secondary instance */ diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index ed4787ea..e0e24a18 100644 --- a/src/afl-fuzz-stats.c 
+++ b/src/afl-fuzz-stats.c @@ -861,7 +861,11 @@ void show_stats(afl_state_t *afl) { " fuzzing strategy yields " bSTG bH10 bHT bH10 bH5 bHB bH bSTOP cCYA " path geometry " bSTG bH5 bH2 bVL "\n"); - if (likely(afl->skip_deterministic)) { + if (unlikely(afl->custom_only)) { + + strcpy(tmp, "disabled (custom mutator only mode)"); + + } else if (likely(afl->skip_deterministic)) { strcpy(tmp, "disabled (default, enable with -D)"); @@ -939,7 +943,7 @@ void show_stats(afl_state_t *afl) { u_stringify_int(IB(4), afl->stage_finds[STAGE_EXTRAS_AO]), u_stringify_int(IB(5), afl->stage_cycles[STAGE_EXTRAS_AO])); - } else if (unlikely(!afl->extras_cnt)) { + } else if (unlikely(!afl->extras_cnt || afl->custom_only)) { strcpy(tmp, "n/a"); -- cgit 1.4.1 From 5e72568a455bde8ac389b8b234cbdbbb0d33e015 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Wed, 14 Apr 2021 17:52:43 +0200 Subject: ui update --- docs/status_screen.md | 11 +++++++++-- src/afl-fuzz-stats.c | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/docs/status_screen.md b/docs/status_screen.md index 0329d960..e3abcc5f 100644 --- a/docs/status_screen.md +++ b/docs/status_screen.md @@ -251,8 +251,9 @@ exceed it by a margin sufficient to be classified as hangs. | arithmetics : 53/2.54M, 0/537k, 0/55.2k | | known ints : 8/322k, 12/1.32M, 10/1.70M | | dictionary : 9/52k, 1/53k, 1/24k | - | havoc : 1903/20.0M, 0/0 | - | trim : 20.31%/9201, 17.05% | + |havoc/splice : 1903/20.0M, 0/0 | + |py/custom/rq : unused, 53/2.54M, unused | + | trim/eff : 20.31%/9201, 17.05% | +-----------------------------------------------------+ ``` 
@@ -268,6 +269,12 @@ goal. Finally, the third number shows the proportion of bytes that, although not possible to remove, were deemed to have no effect and were excluded from some of the more expensive deterministic fuzzing steps. +Note that when deterministic mutation mode is off (which is the default +because it is not very efficient) the first five lines display +"disabled (default, enable with -D)". + +Only what is activated will have counter shown. + ### Path geometry ``` diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index e0e24a18..009cebf6 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -1074,7 +1074,7 @@ void show_stats(afl_state_t *afl) { // //} else { - SAYF(bV bSTOP " trim : " cRST "%-36s " bSTG bV RESET_G1, tmp); + SAYF(bV bSTOP " trim/eff : " cRST "%-36s " bSTG bV RESET_G1, tmp); //} -- cgit 1.4.1 From ab0f13ed068a7ef47cc84e6871428e1812382688 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 15 Apr 2021 00:11:32 +0200 Subject: fix writing stat file on exit --- src/afl-fuzz-stats.c | 43 +++++++++++++++++++++++-------------------- src/afl-fuzz.c | 1 - 2 files changed, 23 insertions(+), 21 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index 009cebf6..fa1f3c70 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c 
@@ -355,18 +355,18 @@ void write_stats_file(afl_state_t *afl, u32 t_bytes, double bitmap_cvg, void maybe_update_plot_file(afl_state_t *afl, u32 t_bytes, double bitmap_cvg, double eps) { - if (unlikely(afl->stop_soon) || - unlikely(afl->plot_prev_qp == afl->queued_paths && - afl->plot_prev_pf == afl->pending_favored && - afl->plot_prev_pnf == afl->pending_not_fuzzed && - afl->plot_prev_ce == afl->current_entry && - afl->plot_prev_qc == afl->queue_cycle && - afl->plot_prev_uc == afl->unique_crashes && - afl->plot_prev_uh == afl->unique_hangs && - afl->plot_prev_md == afl->max_depth && - afl->plot_prev_ed == afl->fsrv.total_execs) || - unlikely(!afl->queue_cycle) || - unlikely(get_cur_time() - afl->start_time <= 60)) { + if (unlikely(!afl->force_ui_update && + (afl->stop_soon || + (afl->plot_prev_qp == afl->queued_paths && + afl->plot_prev_pf == afl->pending_favored && + afl->plot_prev_pnf == afl->pending_not_fuzzed && + afl->plot_prev_ce == afl->current_entry && + afl->plot_prev_qc == afl->queue_cycle && + afl->plot_prev_uc == afl->unique_crashes && + afl->plot_prev_uh == afl->unique_hangs && + afl->plot_prev_md == afl->max_depth && + afl->plot_prev_ed == afl->fsrv.total_execs) || + !afl->queue_cycle || get_cur_time() - afl->start_time <= 60))) { return; @@ -531,7 +531,8 @@ void show_stats(afl_state_t *afl) { /* Roughly every minute, update fuzzer stats and save auto tokens. */ - if (cur_ms - afl->stats_last_stats_ms > STATS_UPDATE_SEC * 1000) { + if (unlikely(afl->force_ui_update || + cur_ms - afl->stats_last_stats_ms > STATS_UPDATE_SEC * 1000)) { afl->stats_last_stats_ms = cur_ms; write_stats_file(afl, t_bytes, t_byte_ratio, stab_ratio, 
@@ -543,7 +544,8 @@ void show_stats(afl_state_t *afl) { if (unlikely(afl->afl_env.afl_statsd)) { - if (cur_ms - afl->statsd_last_send_ms > STATSD_UPDATE_SEC * 1000) { + if (unlikely(afl->force_ui_update && cur_ms - afl->statsd_last_send_ms > + STATSD_UPDATE_SEC * 1000)) { /* reset counter, even if send failed. */ afl->statsd_last_send_ms = cur_ms; @@ -555,7 +557,8 @@ void show_stats(afl_state_t *afl) { /* Every now and then, write plot data. */ - if (cur_ms - afl->stats_last_plot_ms > PLOT_UPDATE_SEC * 1000) { + if (unlikely(afl->force_ui_update || + cur_ms - afl->stats_last_plot_ms > PLOT_UPDATE_SEC * 1000)) { afl->stats_last_plot_ms = cur_ms; maybe_update_plot_file(afl, t_bytes, t_byte_ratio, afl->stats_avg_exec); @@ -564,14 +567,14 @@ void show_stats(afl_state_t *afl) { /* Honor AFL_EXIT_WHEN_DONE and AFL_BENCH_UNTIL_CRASH. */ - if (!afl->non_instrumented_mode && afl->cycles_wo_finds > 100 && - !afl->pending_not_fuzzed && afl->afl_env.afl_exit_when_done) { + if (unlikely(!afl->non_instrumented_mode && afl->cycles_wo_finds > 100 && + !afl->pending_not_fuzzed && afl->afl_env.afl_exit_when_done)) { afl->stop_soon = 2; } - if (afl->total_crashes && afl->afl_env.afl_bench_until_crash) { + if (unlikely(afl->total_crashes && afl->afl_env.afl_bench_until_crash)) { afl->stop_soon = 2; @@ -583,7 +586,7 @@ void show_stats(afl_state_t *afl) { /* If we haven't started doing things, bail out. */ - if (!afl->queue_cur) { return; } + if (unlikely(!afl->queue_cur)) { return; } /* Compute some mildly useful bitmap stats. */ @@ -602,7 +605,7 @@ void show_stats(afl_state_t *afl) { SAYF(TERM_HOME); - if (afl->term_too_small) { + if (unlikely(afl->term_too_small)) { SAYF(cBRI "Your terminal is too small to display the UI.\n" diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 9688c84f..d9bf2b28 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c 
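Review bot: The statsd condition in the `@@ -543,7 +544,8 @@` hunk joins `afl->force_ui_update` and the interval test with `&&`, whereas the stats-file (`@@ -531,7 +531,8 @@`) and plot (`@@ -555,7 +557,8 @@`) checks in the same commit use `||`. As written, metrics are sent only when a forced update coincides with an elapsed interval, so periodic statsd reporting during a normal run would appear to stop and monitoring that relies on it would go quiet. If the intent matches the two sibling checks, the line should read `if (unlikely(afl->force_ui_update || cur_ms - afl->statsd_last_send_ms > STATSD_UPDATE_SEC * 1000)) {`; if a forced send on exit is not wanted, drop `force_ui_update` from this test. `show_stats` begins and ends outside the hunk.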
@@ -2130,7 +2130,6 @@ int main(int argc, char **argv_orig, char **envp) { stop_fuzzing: - write_stats_file(afl, 0, 0, 0, 0); afl->force_ui_update = 1; // ensure the screen is reprinted show_stats(afl); // print the screen one last time -- cgit 1.4.1 From cd40fa1745de1aba6549dd37d1d94b0e26cce442 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 15 Apr 2021 11:04:39 +0200 Subject: fix warnings --- src/afl-fuzz-stats.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index fa1f3c70..d1e5e9f8 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -427,7 +427,7 @@ void show_stats(afl_state_t *afl) { u32 t_bytes, t_bits; u32 banner_len, banner_pad; - u8 tmp[256]; + u8 tmp[256], tmp2[256]; u8 time_tmp[64]; u8 val_buf[8][STRINGIFY_VAL_SIZE_MAX]; @@ -991,31 +991,31 @@ void show_stats(afl_state_t *afl) { if (unlikely(afl->afl_env.afl_python_module)) { - sprintf(tmp, "%s/%s, ", + sprintf(tmp, "%s/%s,", u_stringify_int(IB(0), afl->stage_finds[STAGE_PYTHON]), u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON])); } else { - strcpy(tmp, "unused, "); + strcpy(tmp, "unused,"); } if (unlikely(afl->afl_env.afl_custom_mutator_library)) { - sprintf(tmp, "%s%s/%s, ", tmp, + sprintf(tmp2, " %s%s/%s,", tmp, u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON]), u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON])); } else { - strcat(tmp, "unused, "); + strcat(tmp2, " unused,"); } if (unlikely(afl->shm.cmplog_mode)) { - sprintf(tmp, "%s%s/%s, %s/%s", tmp, + sprintf(tmp, "%s %s/%s, %s/%s", tmp2, u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION]), u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION]), u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS]), @@ -1023,7 +1023,7 @@ void show_stats(afl_state_t *afl) { } else { - strcat(tmp, "unused, unused "); + sprintf(tmp, "%s unused, unused", tmp2); } -- cgit 1.4.1 
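Review bot: In the `@@ -991,31 +991,31 @@` hunk of the "fix warnings" commit, the else branch `strcat(tmp2, " unused,");` appends to `tmp2`, which the `@@ -427,7 +427,7 @@` hunk declares as `u8 tmp[256], tmp2[256];` with no initializer and which nothing visible has written before this point. `strcat` then scans uninitialized stack bytes for a terminator, which is undefined behaviour and can write past the 256-byte buffer; it also drops the Python field already built in `tmp`. Writing the buffer from scratch, `snprintf(tmp2, sizeof(tmp2), "%s unused,", tmp);`, keeps the earlier field and bounds the copy. The following commit on this page changes this line to a `sprintf` of the same shape. `show_stats` begins and ends outside the hunk.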
From b815c32f0ef789dd6d33f5de4d0b524664d41195 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 15 Apr 2021 12:22:05 +0200 Subject: fix ui --- src/afl-fuzz-stats.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index d1e5e9f8..a1559eac 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -1003,13 +1003,13 @@ void show_stats(afl_state_t *afl) { if (unlikely(afl->afl_env.afl_custom_mutator_library)) { - sprintf(tmp2, " %s%s/%s,", tmp, + sprintf(tmp2, "%s %s/%s,", tmp, u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON]), u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON])); } else { - strcat(tmp2, " unused,"); + sprintf(tmp2, "%s unused,", tmp); } -- cgit 1.4.1 From e41d1183cca02fb4d6398df4fc3e028dfd9c5f72 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Fri, 16 Apr 2021 00:41:32 +0200 Subject: fix nits --- GNUmakefile | 2 +- docs/env_variables.md | 4 ++-- qemu_mode/build_qemu_support.sh | 2 ++ src/afl-fuzz-stats.c | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) (limited to 'src/afl-fuzz-stats.c') diff --git a/GNUmakefile b/GNUmakefile index a87b2f7b..804bfe08 100644 --- a/GNUmakefile +++ b/GNUmakefile 
@@ -550,7 +550,7 @@ all_done: test_build @test -e SanitizerCoverageLTO.so && echo "[+] LLVM LTO mode for 'afl-cc' successfully built!" || echo "[-] LLVM LTO mode for 'afl-cc' failed to build, this would need LLVM 11+, see instrumentation/README.lto.md how to build it" @test -e afl-gcc-pass.so && echo "[+] gcc_plugin for 'afl-cc' successfully built!" || echo "[-] gcc_plugin for 'afl-cc' failed to build, unless you really need it that is fine - or read instrumentation/README.gcc_plugin.md how to build it" @echo "[+] All done! Be sure to review the README.md - it's pretty short and useful." - @if [ "`uname`" = "Darwin" ]; then printf "\nWARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of\nfork() on this OS. Consider using Linux or *BSD for fuzzing software not\nspecific for MacOs.\n\n"; fi + @if [ "`uname`" = "Darwin" ]; then printf "\nWARNING: Fuzzing on MacOS X is slow because of the unusually high overhead of\nfork() on this OS. Consider using Linux or *BSD for fuzzing software not\nspecifically for MacOS.\n\n"; fi @! tty <&1 >/dev/null || printf "\033[0;30mNOTE: If you can read this, your terminal probably uses white background.\nThis will make the UI hard to read. See docs/status_screen.md for advice.\033[0m\n" 2>/dev/null .NOTPARALLEL: clean all diff --git a/docs/env_variables.md b/docs/env_variables.md index 1f4dfef9..0100ffac 100644 --- a/docs/env_variables.md +++ b/docs/env_variables.md 
@@ -382,8 +382,8 @@ checks or alter some of the more exotic semantics of the tool: may complain of high load prematurely, especially on systems with low core counts. To avoid the alarming red color, you can set `AFL_NO_CPU_RED`. - - In QEMU mode (-Q), Unicorn mode (-U) and Frida mode (-O), `AFL_PATH` will - be searched for afl-qemu-trace. + - In QEMU mode (-Q) and Frida mode (-O), `AFL_PATH` will + be searched for afl-qemu-trace and afl-frida-trace.so. - In QEMU mode (-Q), setting `AFL_QEMU_CUSTOM_BIN` cause afl-fuzz to skip prepending `afl-qemu-trace` to your command line. Use this if you wish to use a diff --git a/qemu_mode/build_qemu_support.sh b/qemu_mode/build_qemu_support.sh index 38085389..6436d43a 100755 --- a/qemu_mode/build_qemu_support.sh +++ b/qemu_mode/build_qemu_support.sh @@ -360,6 +360,8 @@ if ! command -v "$CROSS" > /dev/null ; then make -C unsigaction && echo "[+] unsigaction ready" echo "[+] Building libqasan ..." make -C libqasan && echo "[+] unsigaction ready" + echo "[+] Building qemu libfuzzer helpers ..." + make -C ../utils/aflpp_driver else echo "[!] Cross compiler $CROSS could not be found, cannot compile libcompcov libqasan and unsigaction" fi diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index a1559eac..52d9de87 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -866,7 +866,7 @@ void show_stats(afl_state_t *afl) { if (unlikely(afl->custom_only)) { - strcpy(tmp, "disabled (custom mutator only mode)"); + strcpy(tmp, "disabled (custom-mutator-only mode)"); } else if (likely(afl->skip_deterministic)) { -- cgit 1.4.1 From 495cbd42b7e4e9d873178a09b7183be893fffb1d Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Fri, 16 Apr 2021 21:57:44 +0200 Subject: reworked formatting in order to avoid gcc 8.3.0 warnings --- src/afl-fuzz-stats.c | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) (limited to 'src/afl-fuzz-stats.c') 
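Review bot: In the `qemu_mode/build_qemu_support.sh` hunk, the added `make -C ../utils/aflpp_driver` runs with no check on its exit status and no success message, unlike the two `make -C ... && echo "[+] ..."` lines directly above it. Unless the script aborts on errors elsewhere (not visible here), a failed helper build would pass silently and the run would still look successful. Consider `make -C ../utils/aflpp_driver && echo "[+] qemu libfuzzer helpers ready" || echo "[!] qemu libfuzzer helpers failed to build"`.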
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index 52d9de87..22c0cbd2 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -427,7 +427,7 @@ void show_stats(afl_state_t *afl) { u32 t_bytes, t_bits; u32 banner_len, banner_pad; - u8 tmp[256], tmp2[256]; + u8 tmp[256]; u8 time_tmp[64]; u8 val_buf[8][STRINGIFY_VAL_SIZE_MAX]; @@ -1003,27 +1003,32 @@ void show_stats(afl_state_t *afl) { if (unlikely(afl->afl_env.afl_custom_mutator_library)) { - sprintf(tmp2, "%s %s/%s,", tmp, - u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON]), - u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON])); + strcat(tmp, " "); + strcat(tmp, u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON])); + strcat(tmp, "/"); + strcat(tmp, u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON])); + strcat(tmp, ","); } else { - sprintf(tmp2, "%s unused,", tmp); + strcat(tmp, " unused,"); } if (unlikely(afl->shm.cmplog_mode)) { - sprintf(tmp, "%s %s/%s, %s/%s", tmp2, - u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION]), - u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION]), - u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS]), - u_stringify_int(IB(7), afl->stage_cycles[STAGE_ITS])); + strcat(tmp, " "); + strcat(tmp, u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION])); + strcat(tmp, "/"); + strcat(tmp, u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION])); + strcat(tmp, ", "); + strcat(tmp, u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS])); + strcat(tmp, "/"); + strcat(tmp, u_stringify_int(IB(7), afl->stage_cycles[STAGE_ITS])); } else { - sprintf(tmp, "%s unused, unused", tmp2); + strcat(tmp, " unused, unused"); } -- cgit 1.4.1
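Review bot: The `strcat` chain in the `@@ -1003,27 +1003,32 @@` hunk appends up to six stringified counters plus separators to `tmp[256]` with no length check. Whether the worst case fits depends on `STRINGIFY_VAL_SIZE_MAX` and on what the earlier branch left in `tmp`, neither of which is checked at this site. Each `strcat` also rescans the string from the start. Tracking the offset makes the bound explicit and still avoids the self-referencing `sprintf` that caused the gcc warnings: `size_t off = strlen(tmp); off += snprintf(tmp + off, sizeof(tmp) - off, " %s/%s,", ...);`, with a truncation check before each further append. `show_stats` begins and ends outside the hunk.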