Merge pull request #1915 from yangzao/dev

add custom mutator function for running script after target gets executed
2025-06-14 19:08:08 +00:00 · 2023-11-28 05:55:23 +01:00
parent 0547c49b2b 81b43cefdf
commit e4f3ebcebb
8 changed files with 152 additions and 25 deletions
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@ -138,7 +138,7 @@ void load_stats_file(afl_state_t *afl) {

  FILE *f;
  u8    buf[MAX_LINE];
-  u8 *  lptr;
+  u8   *lptr;
  u8    fn[PATH_MAX];
  u32   lineno = 0;
  snprintf(fn, PATH_MAX, "%s/fuzzer_stats", afl->out_dir);
@ -421,7 +421,7 @@ void write_stats_file(afl_state_t *afl, u32 t_bytes, double bitmap_cvg,
 void write_queue_stats(afl_state_t *afl) {

  FILE *f;
-  u8 *  fn = alloc_printf("%s/queue_data", afl->out_dir);
+  u8   *fn = alloc_printf("%s/queue_data", afl->out_dir);
  if ((f = fopen(fn, "w")) != NULL) {

    u32 id;
@ -857,8 +857,9 @@ void show_stats_normal(afl_state_t *afl) {
  /* Since `total_crashes` does not get reloaded from disk on restart,
    it indicates if we found crashes this round already -> paint red.
    If it's 0, but `saved_crashes` is set from a past run, paint in yellow. */
-  char *crash_color =
-      afl->total_crashes ? cLRD : afl->saved_crashes ? cYEL : cRST;
+  char *crash_color = afl->total_crashes   ? cLRD
+                      : afl->saved_crashes ? cYEL
+                                           : cRST;

  /* Lord, forgive me this. */

@ -881,26 +882,26 @@ void show_stats_normal(afl_state_t *afl) {

    } else

-        /* Subsequent cycles, but we're still making finds. */
-        if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {
+      /* Subsequent cycles, but we're still making finds. */
+      if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {

-      strcpy(tmp, cYEL);
+        strcpy(tmp, cYEL);

-    } else
+      } else

        /* No finds for a long time and no test cases to try. */
        if (afl->cycles_wo_finds > 100 && !afl->pending_not_fuzzed &&
            min_wo_finds > 120) {

-      strcpy(tmp, cLGN);
+          strcpy(tmp, cLGN);

-      /* Default: cautiously OK to stop? */
+          /* Default: cautiously OK to stop? */

-    } else {
+        } else {

-      strcpy(tmp, cLBL);
+          strcpy(tmp, cLBL);

-    }
+        }

  }

@ -1666,8 +1667,9 @@ void show_stats_pizza(afl_state_t *afl) {
  /* Since `total_crashes` does not get reloaded from disk on restart,
    it indicates if we found crashes this round already -> paint red.
    If it's 0, but `saved_crashes` is set from a past run, paint in yellow. */
-  char *crash_color =
-      afl->total_crashes ? cLRD : afl->saved_crashes ? cYEL : cRST;
+  char *crash_color = afl->total_crashes   ? cLRD
+                      : afl->saved_crashes ? cYEL
+                                           : cRST;

  /* Lord, forgive me this. */

@ -1690,26 +1692,26 @@ void show_stats_pizza(afl_state_t *afl) {

    } else

-        /* Subsequent cycles, but we're still making finds. */
-        if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {
+      /* Subsequent cycles, but we're still making finds. */
+      if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {

-      strcpy(tmp, cYEL);
+        strcpy(tmp, cYEL);

-    } else
+      } else

        /* No finds for a long time and no test cases to try. */
        if (afl->cycles_wo_finds > 100 && !afl->pending_not_fuzzed &&
            min_wo_finds > 120) {

-      strcpy(tmp, cLGN);
+          strcpy(tmp, cLGN);

-      /* Default: cautiously OK to stop? */
+          /* Default: cautiously OK to stop? */

-    } else {
+        } else {

-      strcpy(tmp, cLBL);
+          strcpy(tmp, cLBL);

-    }
+        }

  }