Allow setting __afl_persistent_loop argument (support for #433) (#437)

* add AFL_FUZZER_LOOPCOUNT support * update AFL++ to support the env * error on parsing * update afl++ commit id * Update afl/src/lib.rs Co-authored-by: Samuel Moelius <[email protected]> * Update afl/src/lib.rs Co-authored-by: Samuel Moelius <[email protected]> * Format --------- Co-authored-by: Samuel Moelius <[email protected]> Co-authored-by: Samuel Moelius <[email protected]>
rust-fuzz · Dec 16, 2023 · 331cb24 · 331cb24
1 parent 4ff57cc
commit 331cb24
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/afl/src/lib.rs b/afl/src/lib.rs
@@ -5,6 +5,7 @@
 // you may not use this file except in compliance with the License.
 // See `LICENSE` in this repository.
 
+use std::env;
 use std::io::{self, Read};
 use std::panic;
 
@@ -68,10 +69,18 @@ where
 
     let mut input = vec![];
 
+    let loop_count = if let Ok(value) = env::var("AFL_FUZZER_LOOPCOUNT") {
+        value
+            .parse()
+            .expect("Failed to parse environment variable to a number")
+    } else {
+        usize::MAX
+    };
+
     // initialize forkserver there
     unsafe { __afl_manual_init() };
 
-    while unsafe { __afl_persistent_loop(1000) } != 0 {
+    while unsafe { __afl_persistent_loop(loop_count) } != 0 {
         // get the testcase from the fuzzer
         let input_ref = if unsafe { __afl_fuzz_ptr.is_null() } {
             // in-memory testcase delivery is not enabled

diff --git a/cargo-afl/AFLplusplus b/cargo-afl/AFLplusplus
+1 −1		.custom-format.py
+2 −2		README.md
+10 −0		TODO.md
+15 −17		afl-cmin
+50 −36		afl-cmin.bash
+0 −4		benchmark/COMPARISON
+9 −0		benchmark/COMPARISON.md
+59 −0		benchmark/README.md
+420 −0		benchmark/benchmark-results.jsonl
+1,445 −0		benchmark/benchmark.ipynb
+281 −0		benchmark/benchmark.py
+0 −42		benchmark/benchmark.sh
+53 −0		custom_mutators/examples/custom_post_run.c
+5 −0		custom_mutators/examples/example.py
+16 −4		docs/Changelog.md
+1 −1		docs/INSTALL.md
+4 −0		docs/afl-fuzz_approach.md
+3 −2		docs/custom_mutators.md
+4 −1		docs/tutorials.md
+4 −4		frida_mode/src/main.c
+12 −0		include/afl-fuzz.h
+9 −9		include/afl-mutations.h
+1 −1		include/config.h
+1 −0		include/envs.h
+15 −15		include/xxhash.h
+16 −8		instrumentation/afl-compiler-rt.o.c
+6 −2		instrumentation/afl-llvm-common.cc
+21 −19		instrumentation/cmplog-instructions-pass.cc
+1 −1		instrumentation/cmplog-routines-pass.cc
+1 −1		instrumentation/cmplog-switches-pass.cc
+1 −1		instrumentation/split-switches-pass.so.cc
+1 −1		nyx_mode/LIBNYX_VERSION
+1 −1		nyx_mode/QEMU-Nyx
+1 −1		nyx_mode/QEMU_NYX_VERSION
+1 −1		nyx_mode/libnyx
+1 −1		nyx_mode/packer
+19 −19		qemu_mode/libqasan/dlmalloc.c
+2 −2		qemu_mode/libqasan/malloc.c
+1 −1		qemu_mode/qemuafl
+29 −22		src/afl-cc.c
+25 −2		src/afl-common.c
+1 −2		src/afl-forkserver.c
+11 −0		src/afl-fuzz-bitmap.c
+3 −2		src/afl-fuzz-extras.c
+12 −0		src/afl-fuzz-mutators.c
+17 −15		src/afl-fuzz-one.c
+30 −0		src/afl-fuzz-python.c
+9 −5		src/afl-fuzz-redqueen.c
+18 −1		src/afl-fuzz-run.c
+6 −7		src/afl-fuzz-stats.c
+1 −1		src/afl-ld-lto.c
+1 −1		unicorn_mode/UNICORNAFL_VERSION
+1 −1		unicorn_mode/unicornafl
+18 −1		utils/aflpp_driver/aflpp_driver.c
+3 −3		utils/libtokencap/libtokencap.so.c