add AFL_TARGET_ENV to afl-fuzz

2025-06-13 02:28:09 +00:00 · 2021-03-17 01:51:40 +03:00
parent 65b90001f6
commit d7e121e2c9
7 changed files with 119 additions and 0 deletions
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -9,6 +9,9 @@ Want to stay in the loop on major new features? Join our mailing list by
 sending a mail to <afl-users+subscribe@googlegroups.com>.

 ### Version ++3.12a (dev)
+  - afl-fuzz:
+    - added AFL_TARGET_ENV variable to pass extra env vars to the target
+      (for things like LD_LIBRARY_PATH)
  - afl-cc:
    - fix cmplog rtn (rare crash and not being able to gather ptr data)
    - link runtime not to shared libs
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@ -408,6 +408,12 @@ checks or alter some of the more exotic semantics of the tool:
    without disrupting the afl-fuzz process itself. This is useful, among other
    things, for bootstrapping libdislocator.so.

+  - Setting `AFL_TARGET_ENV` causes AFL++ to set extra environment variables
+    for the target binary. Example: `AFL_TARGET_ENV="VAR1=1 VAR2='a b c'" afl-fuzz ... `
+    This exists mostly for things like `LD_LIBRARY_PATH` but it would theoretically
+    allow fuzzing of AFL++ itself (with 'target' AFL++ using some AFL_ vars that
+    would disrupt work of 'fuzzer' AFL++).
+
  - Setting `AFL_NO_UI` inhibits the UI altogether, and just periodically prints
    some basic stats. This behavior is also automatically triggered when the
    output from afl-fuzz is redirected to a file or to a pipe.