take care of uninstrumented mode for fuzz state and mode

2025-06-08 08:11:34 +00:00 · 2023-07-18 09:56:28 +02:00 · 2023-07-18 09:56:28 +02:00 · 4113b6ccad
commit 4113b6ccad
parent 2b8e528a3b
4 changed files with 12 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -15,6 +15,7 @@ AFL++ is maintained by:
 * Andrea Fioraldi <andreafioraldi@gmail.com>
 * Dominik Maier <mail@dmnk.co>
 * Heiko "hexcoder-" Eißfeldt <heiko.eissfeldt@hexco.de>
+* frida_mode is maintained by @Worksbutnottested
 * Documentation: Jana Aydinbas <jana.aydinbas@gmail.com>

 Originally developed by Michał "lcamtuf" Zalewski.
--- a/src/afl-fuzz-bitmap.c
+++ b/src/afl-fuzz-bitmap.c
@ -533,7 +533,8 @@ save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
    close(fd);
    add_to_queue(afl, queue_fn, len, 0);

-    if (unlikely(afl->fuzz_mode) && likely(afl->switch_fuzz_mode)) {
+    if (unlikely(afl->fuzz_mode) &&
+        likely(afl->switch_fuzz_mode && !afl->non_instrumented_mode)) {

      if (afl->afl_env.afl_no_ui) {

--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@ -37,7 +37,12 @@ char *get_fuzzing_state(afl_state_t *afl) {
  u64 cur_run_time = cur_ms - afl->start_time;
  u64 cur_total_run_time = afl->prev_run_time + cur_run_time;

-  if (unlikely(cur_run_time < 60 * 3 * 1000 ||
+  if (unlikely(afl->non_instrumented_mode)) {
+
+    return fuzzing_state[1];
+
+  } else if (unlikely(cur_run_time < 60 * 3 * 1000 ||
+
                      cur_total_run_time < 60 * 5 * 1000)) {

    return fuzzing_state[0];
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@ -2755,7 +2755,8 @@ int main(int argc, char **argv_orig, char **envp) {

    u64 cur_time = get_cur_time();

-    if (likely(afl->switch_fuzz_mode && afl->fuzz_mode == 0) &&
+    if (likely(afl->switch_fuzz_mode && afl->fuzz_mode == 0 &&
+               !afl->non_instrumented_mode) &&
        unlikely(cur_time > afl->last_find_time + afl->switch_fuzz_mode)) {

      if (afl->afl_env.afl_no_ui) {