ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-16 03:48:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

update afl-fuzz-run

Browse Source
This commit is contained in:
yangzao
2023-11-24 22:47:50 -07:00
parent 770e868d04
commit 8af74bcaee
3 changed files with 22 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
custom_mutators/examples/custom_post_run.c
View File

@ -2,10 +2,10 @@
// This is an example on how to use afl_custom_post_run // This is an example on how to use afl_custom_post_run
// It executes custom code each time after AFL++ executes the target // It executes custom code each time after AFL++ executes the target
// //
// cc -O3 -fPIC -shared -g -o custom_send.so -I../../include custom_send.c /////////////////////to_be_edited // cc -O3 -fPIC -shared -g -o custom_post_run.so -I../../include custom_post_run.c
// cd ../.. // cd ../..
// afl-cc -o test-instr test-instr.c // afl-cc -o test-instr test-instr.c
// AFL_CUSTOM_MUTATOR_LIBRARY=custom_mutators/examples/custom_send.so \ // AFL_CUSTOM_MUTATOR_LIBRARY=custom_mutators/examples/custom_post_run.so \
// afl-fuzz -i in -o out -- ./test-instr -f /tmp/foo // afl-fuzz -i in -o out -- ./test-instr -f /tmp/foo
// //
@ -39,7 +39,7 @@ my_mutator_t *afl_custom_init(afl_state_t *afl, unsigned int seed) {
} }
void afl_custom_post_run(my_mutator_t *data, uint8_t *buf, size_t buf_size) { void afl_custom_post_run(my_mutator_t *data) {
printf("hello from afl_custom_post_run\n"); printf("hello from afl_custom_post_run\n");
return; return;

4
include/afl-fuzz.h
View File

@ -1027,10 +1027,8 @@ struct custom_mutator {
* (Optional) * (Optional)
* *
* @param data pointer returned in afl_custom_init by this custom mutator * @param data pointer returned in afl_custom_init by this custom mutator
* @param buf Buffer containing the test case
* @param buf_size Size of the test case
*/ */
void (*afl_custom_post_run)(void *data, const u8 *buf, size_t buf_size); void (*afl_custom_post_run)(void *data);
/** /**
* Allow for additional analysis (e.g. calling a different tool that does a * Allow for additional analysis (e.g. calling a different tool that does a

19
src/afl-fuzz-run.c
View File

@ -60,7 +60,7 @@ fuzz_run_target(afl_state_t *afl, afl_forkserver_t *fsrv, u32 timeout) {
fsrv_run_result_t res = afl_fsrv_run_target(fsrv, timeout, &afl->stop_soon); fsrv_run_result_t res = afl_fsrv_run_target(fsrv, timeout, &afl->stop_soon);
post_run(afl);
#ifdef PROFILING #ifdef PROFILING
clock_gettime(CLOCK_REALTIME, &spec); clock_gettime(CLOCK_REALTIME, &spec);
@ -1113,3 +1113,20 @@ common_fuzz_stuff(afl_state_t *afl, u8 *out_buf, u32 len) {
} }
/* Run some code each time scripts each time AFL++ executes the target
with afl-fuzz. */
void post_run(afl_state_t *afl) {
if (unlikely(afl->custom_mutators_count)) {
LIST_FOREACH(&afl->custom_mutator_list, struct custom_mutator, {
if (el->afl_custom_post_run) {
el->afl_custom_post_run(el->data);
}
});
}
}