-
Notifications
You must be signed in to change notification settings - Fork 42
/
afl-ijon-min.c
83 lines (74 loc) · 2.35 KB
/
afl-ijon-min.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <assert.h>
#include <time.h>
#include "afl-ijon-min.h"
ijon_input_info* new_ijon_input_info(char* max_dir, int i){
ijon_input_info* self = malloc(sizeof(ijon_input_info));
assert(asprintf(&self->filename,"%s/%d", max_dir, i)>0);
self->slot_id = i;
self->len = 0;
return self;
}
ijon_min_state* new_ijon_min_state(char* max_dir) {
ijon_min_state* self = malloc(sizeof(ijon_min_state));
self->max_dir = max_dir;
self->num_entries = 0;
self->num_updates = 0;
for(int i = 0; i< MAXMAP_SIZE; i++){
self->max_map[i] = 0;
self->infos[i]=new_ijon_input_info(max_dir, i);
}
return self;
}
u8 ijon_should_schedule(ijon_min_state* self){
if(self->num_entries > 0){
return random()%100 > 20;
}
return 0;
}
ijon_input_info* ijon_get_input(ijon_min_state* self){
uint32_t rnd = random()%self->num_entries;
for(int i = 0; i<MAXMAP_SIZE; i++){
if(self->max_map[i]>0){
if(rnd==0){
printf("schedule: %i %s\n",i, self->infos[i]->filename);
return self->infos[i];
}
rnd-=1;
}
}
return 0;
}
void ijon_store_max_input(ijon_min_state* self, int i, uint8_t* data, size_t len){
ijon_input_info* inf = self->infos[i];
inf->len = len;
int fd = open(inf->filename, O_CREAT|O_TRUNC|O_WRONLY,0600);
assert(write(fd,data,len) == len);
close(fd);
char* filename = NULL;
assert(asprintf(&filename, "%s/finding_%lu_%lu", self->max_dir, self->num_updates, time(0)) > 0);
self->num_updates+=1;
fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY,0600);
assert(write(fd,data,len) == len);
close(fd);
free(filename);
}
void ijon_update_max(ijon_min_state* self, shared_data_t* shared, uint8_t* data, size_t len){
int should_min = (len>512) ;
for(int i=0; i<MAXMAP_SIZE; i++){
if(shared->afl_max[i] > self->max_map[i]){
if(self->max_map[i]==0){ // found an input that triggers a new slot
self->num_entries++;
}
self->max_map[i] = shared->afl_max[i];
printf("updated maxmap %d: %lx (len: %ld)\n", i, self->max_map[i], len);
ijon_store_max_input(self, i, data, len);
}else if(should_min && (shared->afl_max[i] == self->max_map[i] ) && ( len < self->infos[i]->len) ){
printf("minimized maxmap %d: %lx (len: %ld)\n", i, self->max_map[i], len);
ijon_store_max_input(self,i,data,len);
}
}
}