ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-13 02:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

autotokens: print stats at exit

Browse Source
This commit is contained in:
vanhauser-thc
2023-01-17 09:52:35 +01:00
parent 4b915207c4
commit 33f41e3974
3 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
custom_mutators/autotokens/README
View File

@ -1,6 +1,6 @@
# autotokens
This implements an improved autotoken idea presented in
This implements an improved autotoken grammar fuzzing idea presented in
[Token-Level Fuzzing][https://www.usenix.org/system/files/sec21-salls.pdf].
It is a grammar fuzzer without actually knowing the grammar.
@ -8,5 +8,6 @@ It is recommended to run with together in an instance with `CMPLOG`.
If you have a dictionary (`-x`) this improves this custom grammar mutator.
If **not** run with `CMPLOG`, it is possible to set `AFL_CUSTOM_MUTATOR_ONLY`,
to concentrate on grammar bug classes.
If **not** running with `CMPLOG`, it is possible to set
`AFL_CUSTOM_MUTATOR_ONLY` to concentrate on grammar bug classes.

12
custom_mutators/autotokens/autotokens.cpp
View File

@ -35,6 +35,7 @@ static u32 valid_structures;
static u32 whitespace_ids;
static u32 extras_cnt, a_extras_cnt;
static u64 all_spaces, all_tabs, all_lf, all_ws;
static u64 all_structure_items;
static unordered_map<string, vector<u32> *> file_mapping;
static unordered_map<string, u32> token_to_id;
static unordered_map<u32, string> id_to_token;
@ -519,6 +520,7 @@ extern "C" unsigned char afl_custom_queue_get(void *data,
file_mapping[fn] = structure;
s = structure;
++valid_structures;
all_structure_items += structure->size();
// we are done!
DEBUG(stderr, "DONE! We have %lu tokens in the structure\n",
@ -586,6 +588,16 @@ extern "C" my_mutator_t *afl_custom_init(afl_state *afl, unsigned int seed) {
extern "C" void afl_custom_deinit(my_mutator_t *data) {
/* we use this to print statistics at exit :-)
needs to be stderr as stdout is filtered */
fprintf(stderr,
"\n\nAutotoken mutator statistics:\n"
" Number of all seen tokens: %lu\n"
" Number of input structures: %lu\n"
" Number of all items in structures: %lu\n\n",
current_id - 1, valid_structures, all_structure_items);
free(data);
}