queue buffer and new splice havoc mutation

2025-06-14 11:08:06 +00:00 · 2020-07-16 14:32:41 +02:00
parent 6513bca07e
commit c2b04bdf6c
4 changed files with 104 additions and 17 deletions
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@ -25,6 +25,8 @@
 #include "afl-fuzz.h"
 #include <limits.h>

+#define BUF_PARAMS(name) (void **)&afl->name##_buf, &afl->name##_size
+
 /* Mark deterministic checks as done for a particular queue entry. We use the
   .state file to avoid repeating deterministic fuzzing when resuming aborted
   scans. */
@ -137,6 +139,9 @@ void add_to_queue(afl_state_t *afl, u8 *fname, u32 len, u8 passed_det) {
    afl->q_prev100 = q;

  }
+  
+  struct queue_entry** queue_buf = ck_maybe_grow(BUF_PARAMS(queue), afl->queued_paths * sizeof(struct queue_entry*));
+  queue_buf[afl->queued_paths -1] = q;

  afl->last_path_time = get_cur_time();