ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-12 10:08:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

show fuzzing state

Browse Source
This commit is contained in:
vanhauser-thc
2023-06-08 12:32:51 +02:00
parent c7c6ad1a94
commit c28779adc5
3 changed files with 47 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/afl-fuzz.h
View File

@ -1202,6 +1202,7 @@ u8 check_if_text_buf(u8 *buf, u32 len);
#ifndef AFL_SHOWMAP #ifndef AFL_SHOWMAP
void setup_signal_handlers(void); void setup_signal_handlers(void);
#endif #endif
char *get_fuzzing_state(afl_state_t *afl);
/* CmpLog */ /* CmpLog */

5
src/afl-fuzz-one.c
View File

@ -402,11 +402,12 @@ u8 fuzz_one_original(afl_state_t *afl) {
if (unlikely(afl->not_on_tty)) { if (unlikely(afl->not_on_tty)) {
ACTF( ACTF(
"Fuzzing test case #%u (%u total, %llu crashes saved, mode=%s, " "Fuzzing test case #%u (%u total, %llu crashes saved, state: %s, "
"mode=%s, "
"perf_score=%0.0f, weight=%0.0f, favorite=%u, was_fuzzed=%u, " "perf_score=%0.0f, weight=%0.0f, favorite=%u, was_fuzzed=%u, "
"exec_us=%llu, hits=%u, map=%u, ascii=%u)...", "exec_us=%llu, hits=%u, map=%u, ascii=%u)...",
afl->current_entry, afl->queued_items, afl->saved_crashes, afl->current_entry, afl->queued_items, afl->saved_crashes,
afl->fuzz_mode ? "exploit" : "explore", get_fuzzing_state(afl), afl->fuzz_mode ? "exploit" : "explore",
afl->queue_cur->perf_score, afl->queue_cur->weight, afl->queue_cur->perf_score, afl->queue_cur->weight,
afl->queue_cur->favored, afl->queue_cur->was_fuzzed, afl->queue_cur->favored, afl->queue_cur->was_fuzzed,
afl->queue_cur->exec_us, afl->queue_cur->exec_us,

46
src/afl-fuzz-stats.c
View File

@ -27,6 +27,45 @@
#include "envs.h" #include "envs.h"
#include <limits.h> #include <limits.h>
static char fuzzing_state[4][12] = {"started :-)", "in progress", "final phase",
"finished..."};
char *get_fuzzing_state(afl_state_t *afl) {
u64 cur_ms = get_cur_time();
u64 last_find = cur_ms - afl->last_find_time;
u64 cur_run_time = cur_ms - afl->start_time;
u64 cur_total_run_time = afl->prev_run_time + cur_run_time;
if (unlikely(cur_run_time < 60 * 3 * 1000 ||
cur_total_run_time < 60 * 5 * 1000)) {
return fuzzing_state[0];
} else {
u64 last_find_100 = 100 * last_find;
u64 percent_cur = last_find_100 / cur_run_time;
u64 percent_total = last_find_100 / cur_total_run_time;
if (unlikely(percent_cur >= 90 && percent_total >= 90)) {
return fuzzing_state[3];
} else if (unlikely(percent_cur >= 75 && percent_total >= 75)) {
return fuzzing_state[2];
} else {
return fuzzing_state[1];
}
}
}
/* Write fuzzer setup file */ /* Write fuzzer setup file */
void write_setup_file(afl_state_t *afl, u32 argc, char **argv) { void write_setup_file(afl_state_t *afl, u32 argc, char **argv) {
@ -1283,9 +1322,10 @@ void show_stats_normal(afl_state_t *afl) {
/* Last line */ /* Last line */
SAYF(SET_G1 "\n" bSTG bLB bH cCYA bSTOP SAYF(SET_G1 "\n" bSTG bLB bH cCYA bSTOP " strategy:" cPIN
" strategy:%s %s " bSTG bH20 bH10 bH2 bRB bSTOP cRST RESET_G1, " %s " bSTG bH10 cCYA bSTOP " state:" cPIN
cPIN, afl->fuzz_mode == 0 ? "explore" : "exploit"); " %s " bSTG bH2 bRB bSTOP cRST RESET_G1,
afl->fuzz_mode == 0 ? "explore" : "exploit", get_fuzzing_state(afl));
#undef IB #undef IB