Lines Matching +full:0 +full:- +full:2024 +full:- +full:01 +full:- +full:07 +full:- +full:lin
2 american fuzzy lop++ - fuzzer header
3 ------------------------------------
7 Now maintained by Marc Heuse <mh@mh-sec.de>,
13 Copyright 2019-2024 AFLplusplus Project. All rights reserved.
19 https://www.apache.org/licenses/LICENSE-2.0
43 #include "alloc-inl.h"
129 // Little helper yielding a pointer to afl->name##_buf (as void **), for use in afl_realloc; expects a variable named `afl` in scope where the macro is expanded.
130 #define AFL_BUF_PARAM(name) ((void **)&afl->name##_buf)
273 /* 01 */ STAGE_FLIP2,
279 /* 07 */ STAGE_ARITH16,
306 /* 01 */ STAGE_VAL_LE,
332 /* 00 */ EXPLORE, /* AFL default, Exploration-based constant schedule */
333 /* 01 */ MMOPT, /* Modified MOPT schedule */
334 /* 02 */ EXPLOIT, /* AFL's exploitation-based const. */
336 /* 04 */ COE, /* Cut-Off Exponential schedule */
337 /* 05 */ LIN, /* Linear schedule */ enumerator
339 /* 07 */ RARE, /* Rare edges */
377 /* 01 */ PY_FUNC_DEINIT,
385 /* 07 */ PY_FUNC_TRIM,
561 non_instrumented_mode, /* Run in non-instrumented mode? */
569 in_place_resume, /* Attempt in-place resume? */
570 autoresume, /* Resume if afl->out_dir exists? */
571 auto_changed, /* Auto-generated tokens changed? */
604 volatile u8 stop_soon, /* Ctrl-C pressed? */
611 queued_imported, /* Items imported via -S */
709 /* afl_postprocess API - Now supported via custom mutators */
831 /* Global Profile Data for deterministic/havoc-splice stage */
867 * When afl-fuzz was compiled with INTROSPECTION=1 then custom mutators can
880 * A value of 0 means no fuzzing of this queue entry.
889 * @return The amount of fuzzes to perform on this queue entry, 0 = skip
894 * Opt-out of a splicing input for the fuzz mutator
896 * Empty dummy function. Its presence tells afl-fuzz not to pass a
935 * @return A valid ptr to a 0-terminated string.
941 * A post-processing function to use right before AFL writes the test case to
946 * PERFORMANCE: If you can modify the data in-place you will have a better
957 * It can choose to alter buf in-place, if the space is large enough.
972 * return 1 here and always return 0 in post_trim until you are finished and
1015 * @return The next trim iteration index (from 0 to the maximum amount of
1046 * @return The probability (0-100).
1058 * False(0) otherwise.
1065 * that you start the target with afl-fuzz.
1077 * AFL++ executes the target with afl-fuzz.
1295 /* Generate a random number (from 0 to limit - 1). This may
1300 if (unlikely(limit <= 1)) return 0; in rand_below()
1304 if (unlikely(!afl->rand_cnt--) && likely(!afl->fixed_seed)) { in rand_below()
1306 ck_read(afl->fsrv.dev_urandom_fd, &afl->rand_seed, sizeof(afl->rand_seed), in rand_below()
1308 // srandom(afl->rand_seed[0]); in rand_below()
1309 afl->rand_cnt = (RESEED_RNG / 2) + (afl->rand_seed[1] % RESEED_RNG); in rand_below()
1313 /* Modulo is biased - we don't want our fuzzing to be biased so let's do it in rand_below()
1315 https://stackoverflow.com/questions/10984974/why-do-people-say-there-is-modulo-bias-when-using-a-random-number-generator in rand_below()
1322 } while (unlikely(unbiased_rnd >= (UINT64_MAX - (UINT64_MAX % limit)))); in rand_below()
1333 if (unlikely(limit <= 1)) return 0; in rand_below_datalen()
1338 return (rand_below(afl, limit) % (1 + rand_below(afl, limit - 1))) % in rand_below_datalen()
1339 (1 + rand_below(afl, limit - 1)); in rand_below_datalen()
1342 return rand_below(afl, limit) % (1 + rand_below(afl, limit - 1)); in rand_below_datalen()
1344 case 0: in rand_below_datalen()
1356 if (unlikely(afl->fixed_seed)) { return afl->init_seed; } in rand_get_seed()
1357 return afl->rand_seed[0]; in rand_get_seed()