ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-10 09:11:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed example

Browse Source
This commit is contained in:
Dominik Maier 2020-03-30 16:38:51 +02:00
parent e910c224da
commit c36c34cf9e
2 changed files with 14 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
examples/custom_mutators/example.c
View File

@ -142,34 +142,25 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size,
size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size,
uint8_t **out_buf) {
if (data->pre_save_size < buf_size + 5) {
uint8_t *pre_save_buf = maybe_grow(BUF_PARAMS(data, pre_save), buf_size + 5);
if (!pre_save_buf) {
data->pre_save_buf = maybe_grow(BUF_PARAMS(data, pre_save), buf_size + 5);
if (!data->pre_save_buf) {
perror("custom mutator realloc failed.");
*out_buf = NULL;
return 0;
}
data->pre_save_size = buf_size + 5;
perror("custom mutator realloc failed.");
*out_buf = NULL;
return 0;
}
uint8_t *pre_save_buf = data->pre_save_buf;
memcpy(pre_save_buf, buf, buf_size);
size_t out_buf_size = buf_size + 5;
pre_save_buf[buf_size + 0] = 'A';
pre_save_buf[buf_size + 1] = 'F';
pre_save_buf[buf_size + 2] = 'L';
pre_save_buf[buf_size + 3] = '+';
pre_save_buf[buf_size + 4] = '+';
memcpy(pre_save_buf + 5, buf, buf_size);
pre_save_buf[0] = 'A';
pre_save_buf[1] = 'F';
pre_save_buf[2] = 'L';
pre_save_buf[3] = '+';
pre_save_buf[4] = '+';
*out_buf = pre_save_buf;
return out_buf_size;
return buf_size + 5;
}

6
src/afl-fuzz-one.c
View File

@ -1647,10 +1647,8 @@ custom_mutator_stage:
}
/* `afl->out_buf` is actually not changed in the loop. Since `ck_maybe_grow`
is cheap, we still keep the following line but remove `memcpy`. */
out_buf = ck_maybe_grow(BUF_PARAMS(out), len);
// memcpy(out_buf, in_buf, len);
/* `(afl->)out_buf` may have been changed by the call to custom_fuzz */
memcpy(out_buf, in_buf, len);
}