Fixed according to PR comment, moved cli flag to an env variable

Amit Elkabetz 2023-03-05 20:25:39 +02:00
parent 5e7f8a51e0
commit e9e440d7f3
4 changed files with 35 additions and 18 deletions


@ -584,6 +584,12 @@ checks or alter some of the more exotic semantics of the tool:
- Set `AFL_PIZZA_MODE` to 1 to enable the April 1st stats menu, set to 0
to disable although it is 1st of April.
- If you need a specific interval to update fuzzer_stats file, you can
set `AFL_FUZZER_STATS_UPDATE_INTERVAL` to the interval in seconds you'd
the file to be updated.
Note that will not be exact and with slow targets it can take seconds
until there is a slice for the time test.
## 5) Settings for afl-qemu-trace
The QEMU wrapper used to instrument binary-only code supports several settings:


@ -91,6 +91,7 @@ static char *afl_environment_variables[] = {
"AFL_FRIDA_TRACEABLE",
"AFL_FRIDA_VERBOSE",
"AFL_FUZZER_ARGS", // oss-fuzz
"AFL_FUZZER_STATS_UPDATE_INTERVAL",
"AFL_GDB",
"AFL_GCC_ALLOWLIST",
"AFL_GCC_DENYLIST",


@ -24,6 +24,7 @@
*/
#include <signal.h>
#include <limits.h>
#include "afl-fuzz.h"
#include "envs.h"
@ -566,6 +567,25 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
}
} else if (!strncmp(env, "AFL_FUZZER_STATS_UPDATE_INTERVAL",
afl_environment_variable_len)) {
u64 stats_update_freq_sec =
strtoull(get_afl_env(afl_environment_variables[i]), NULL, 0);
if (ULLONG_MAX == stats_update_freq_sec ||
0 == stats_update_freq_sec) {
WARNF(
"Incorrect value given to AFL_FUZZER_STATS_UPDATE_INTERVAL, "
"using default of 60 seconds\n");
} else {
afl->stats_file_update_freq_msecs = stats_update_freq_sec * 1000;
}
}
} else {
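Review bot: The new `AFL_FUZZER_STATS_UPDATE_INTERVAL` branch validates too little, because `strtoull(..., NULL, 0)` is called without an end pointer and only `0` and `ULLONG_MAX` are rejected. A value with trailing text such as `10abc` is accepted as 10, a negative value other than `-1` wraps to a huge number, and any large value overflows in `stats_update_freq_sec * 1000`, which can leave a far shorter interval than the one requested. I would parse with `strtoull(val, &end, 0)` and fall back to the default on `end == val || *end != '\0' || v == 0 || v > MAX_INTERVAL_SEC`, where `MAX_INTERVAL_SEC` is a placeholder for a bound chosen so the product fits the type of `stats_file_update_freq_msecs` (declared outside this hunk). The warning also promises the 60-second default without assigning it here, which holds only if the field is initialised elsewhere; `read_afl_environment` starts and ends outside the hunk.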


@ -211,8 +211,6 @@ static void usage(u8 *argv0, int more_help) {
"(0-...)\n"
" -e ext - file extension for the fuzz test input file (if "
"needed)\n"
" -u - interval to update fuzzer_stats file in seconds, "
"defaults to 60 sec, minimum interval: 1 sec\n"
"\n",
argv0, EXEC_TIMEOUT, MEM_LIMIT, MAX_FILE, FOREIGN_SYNCS_MAX);
@ -315,6 +313,8 @@ static void usage(u8 *argv0, int more_help) {
" afl-clang-lto/afl-gcc-fast target\n"
"AFL_PERSISTENT: enforce persistent mode (if __AFL_LOOP is in a shared lib\n"
"AFL_DEFER_FORKSRV: enforced deferred forkserver (__AFL_INIT is in a .so)\n"
"AFL_FUZZER_STATS_UPDATE_INTERVAL: interval to update fuzzer_stats file in seconds, "
"(default: 60, minimum: 1)\n"
"\n"
);
@ -504,7 +504,7 @@ fail:
int main(int argc, char **argv_orig, char **envp) {
s32 opt, auto_sync = 0 /*, user_set_cache = 0*/;
u64 prev_queued = 0, stats_update_freq_sec = 0;
u64 prev_queued = 0;
u32 sync_interval_cnt = 0, seek_to = 0, show_help = 0, default_output = 1,
map_size = get_map_size();
u8 *extras_dir[4];
@ -553,9 +553,11 @@ int main(int argc, char **argv_orig, char **envp) {
afl->shmem_testcase_mode = 1; // we always try to perform shmem fuzzing
while ((opt = getopt(argc, argv,
"+Ab:B:c:CdDe:E:hi:I:f:F:g:G:l:L:m:M:nNOo:p:RQs:S:t:T:u:"
"UV:WXx:YZ")) > 0) {
while (
(opt = getopt(
argc, argv,
"+Ab:B:c:CdDe:E:hi:I:f:F:g:G:l:L:m:M:nNOo:p:RQs:S:t:T:UV:WXx:YZ")) >
0) {
switch (opt) {
@ -666,18 +668,6 @@ int main(int argc, char **argv_orig, char **envp) {
break;
case 'u':
if (sscanf(optarg, "%llu", &stats_update_freq_sec) < 1) {
FATAL("Bad syntax used for -u");
}
if (stats_update_freq_sec < 1) { FATAL("-u interval must be >= 1"); }
afl->stats_file_update_freq_msecs = stats_update_freq_sec * 1000;
break;
case 'i': /* input dir */
if (afl->in_dir) { FATAL("Multiple -i options not supported"); }