port custom mutator changes

custom_mutators/examples/example.c

@@ -349,12 +349,15 @@ uint8_t afl_custom_queue_get(my_mutator_t *data, const uint8_t *filename) {
  * @param data pointer returned in afl_custom_init for this fuzz case
  * @param filename_new_queue File name of the new queue entry
  * @param filename_orig_queue File name of the original queue entry
+ * @return if the file contents was modified return 1 (True), 0 (False)
+ *         otherwise
  */
-void afl_custom_queue_new_entry(my_mutator_t * data,
+uint8_t afl_custom_queue_new_entry(my_mutator_t * data,
-                                const uint8_t *filename_new_queue,
+                                   const uint8_t *filename_new_queue,
-                                const uint8_t *filename_orig_queue) {
+                                   const uint8_t *filename_orig_queue) {
 
   /* Additional analysis on the original or new test case */
+  return 0;
 
 }
 

custom_mutators/honggfuzz/honggfuzz.c

@@ -65,9 +65,9 @@ my_mutator_t *afl_custom_init(afl_state_t *afl, unsigned int seed) {
 /* When a new queue entry is added we check if there are new dictionary
    entries to add to honggfuzz structure */
 
-void afl_custom_queue_new_entry(my_mutator_t * data,
+uint8_t afl_custom_queue_new_entry(my_mutator_t * data,
-                                const uint8_t *filename_new_queue,
+                                   const uint8_t *filename_new_queue,
-                                const uint8_t *filename_orig_queue) {
+                                   const uint8_t *filename_orig_queue) {
 
   if (run.global->mutate.dictionaryCnt >= 1024) return;
 
@@ -97,6 +97,8 @@ void afl_custom_queue_new_entry(my_mutator_t * data,
 
   }
 
+  return 0;
+
 }
 
 /* we could set only_printable if is_ascii is set ... let's see

custom_mutators/libfuzzer/libfuzzer.cpp

@@ -78,9 +78,9 @@ extern "C" my_mutator_t *afl_custom_init(afl_state_t *afl, unsigned int seed) {
 /* When a new queue entry is added we check if there are new dictionary
    entries to add to honggfuzz structure */
 #if 0
-extern "C" void afl_custom_queue_new_entry(my_mutator_t * data,
+extern "C" uint8_t afl_custom_queue_new_entry(my_mutator_t * data,
-                                           const uint8_t *filename_new_queue,
+                                              const uint8_t *filename_new_queue,
-                                           const uint8_t *filename_orig_queue) {
+                                              const uint8_t *filename_orig_queue) {
 
   while (data->extras_cnt < afl_struct->extras_cnt) {
 
@@ -110,6 +110,8 @@ extern "C" void afl_custom_queue_new_entry(my_mutator_t * data,
 
   }
 
+  return 0;
+
 }
 
 #endif

custom_mutators/rust/custom_mutator/src/lib.rs

@@ -53,7 +53,9 @@ pub trait RawCustomMutator {
         1
     }
 
-    fn queue_new_entry(&mut self, filename_new_queue: &Path, _filename_orig_queue: Option<&Path>) {}
+    fn queue_new_entry(&mut self, filename_new_queue: &Path, _filename_orig_queue: Option<&Path>) -> bool {
+        false
+    }
 
     fn queue_get(&mut self, filename: &Path) -> bool {
         true
@@ -246,7 +248,7 @@ pub mod wrappers {
         data: *mut c_void,
         filename_new_queue: *const c_char,
         filename_orig_queue: *const c_char,
-    ) {
+    ) -> bool {
         match catch_unwind(|| {
             let mut context = FFIContext::<M>::from(data);
             if filename_new_queue.is_null() {

custom_mutators/symcc/symcc.c

@@ -101,9 +101,9 @@ my_mutator_t *afl_custom_init(afl_state_t *afl, unsigned int seed) {
 
 /* When a new queue entry is added we run this input with the symcc
    instrumented binary */
-void afl_custom_queue_new_entry(my_mutator_t * data,
+uint8_t afl_custom_queue_new_entry(my_mutator_t * data,
-                                const uint8_t *filename_new_queue,
+                                   const uint8_t *filename_new_queue,
-                                const uint8_t *filename_orig_queue) {
+                                   const uint8_t *filename_orig_queue) {
 
   int         pipefd[2];
   struct stat st;
@@ -232,6 +232,8 @@ void afl_custom_queue_new_entry(my_mutator_t * data,
 
   }
 
+  return 0;
+
 }
 
 uint32_t afl_custom_fuzz_count(my_mutator_t *data, const u8 *buf,

docs/custom_mutators.md

@@ -47,7 +47,7 @@ int afl_custom_post_trim(void *data, unsigned char success);
 size_t afl_custom_havoc_mutation(void *data, unsigned char *buf, size_t buf_size, unsigned char **out_buf, size_t max_size);
 unsigned char afl_custom_havoc_mutation_probability(void *data);
 unsigned char afl_custom_queue_get(void *data, const unsigned char *filename);
-void afl_custom_queue_new_entry(void *data, const unsigned char *filename_new_queue, const unsigned int *filename_orig_queue);
+u8 afl_custom_queue_new_entry(void *data, const unsigned char *filename_new_queue, const unsigned int *filename_orig_queue);
 const char* afl_custom_introspection(my_mutator_t *data);
 void afl_custom_deinit(void *data);
 ```
@@ -88,7 +88,7 @@ def queue_get(filename):
     return True
 
 def queue_new_entry(filename_new_queue, filename_orig_queue):
-    pass
+    return False
 
 def introspection():
     return string
@@ -156,6 +156,7 @@ def deinit():  # optional for Python
 - `queue_new_entry` (optional):
 
     This methods is called after adding a new test case to the queue.
+    If the contents of the file was changed return True, False otherwise.
 
 - `introspection` (optional):