From 092f65bbbd0db5d535bd4358754654ea875b19c3 Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi
Date: Mon, 15 Feb 2021 14:41:06 +0100
Subject: [PATCH] forward NewTestcase
---
 afl/src/events/llmp.rs | 2 +-
 fuzzers/libfuzzer_libpng/ccc | 200 ++++++++++++++++++++++++++++
 fuzzers/libfuzzer_libpng/src/mod.rs | 2 +-
 3 files changed, 202 insertions(+), 2 deletions(-)
 create mode 100644 fuzzers/libfuzzer_libpng/ccc
diff --git a/afl/src/events/llmp.rs b/afl/src/events/llmp.rs
index bc8d52dce6..e99c4e02ae 100644
--- a/afl/src/events/llmp.rs
+++ b/afl/src/events/llmp.rs
@@ -215,7 +215,7 @@ where
 client.update_corpus_size(*corpus_size as u64);
 client.update_executions(*executions as u64, *time);
 stats.display(event.name().to_string() + " #" + &sender_id.to_string());
- Ok(BrokerEventResult::Handled)
+ Ok(BrokerEventResult::Forward)
 }
 Event::UpdateStats {
 time,
diff --git a/fuzzers/libfuzzer_libpng/ccc b/fuzzers/libfuzzer_libpng/ccc
new file mode 100644
index 0000000000..3fa82ce3ba
--- /dev/null
+++ b/fuzzers/libfuzzer_libpng/ccc
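Review bot: The new `Ok(BrokerEventResult::Forward)` return in `afl/src/events/llmp.rs` changes what the broker does with this event but carries no comment saying why this arm rebroadcasts while the stats bookkeeping just above it is still done broker-side. I would add above it `// Forward so the other clients can import the new testcase; the broker has already recorded the sender's stats.` Forwarding also means whatever a connected client sends in this event reaches every other client, so it is worth confirming, in the receiving code outside this hunk, that a forwarded testcase is re-evaluated locally rather than accepted on the sender's word. The match arm starts and ends outside the hunk.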
@@ -0,0 +1,200 @@ +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +Connected to port 1337 +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +First run. Let's set it all up +We're a client, let's fuzz :) +Loading file "./corpus/not_kitty_alpha.png" ... +Loading file "./corpus/not_kitty.png" ... +Loading file "./corpus/not_kitty_icc.png" ... +Loading file "./corpus/not_kitty_gamma.png" ... +We imported 4 inputs from disk. +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 44163 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 45491 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 46731 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 47582 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 47827 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. 
Let's load all data from shmem (received 48092 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 49215 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 50339 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 50610 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 51319 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 51560 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 52084 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 52352 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! 
+Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 53343 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 55900 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 56577 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 57101 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 57367 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 58069 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 58335 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! 
+Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 59147 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 60457 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 60723 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 60989 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 61386 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 61643 bytes from previous instance) +We're a client, let's fuzz :) +Child crashed! +Waiting for broker... +Bye! +Workdir: "/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng" +We're a client, let's fuzz :) +Subsequent run. Let's load all data from shmem (received 62747 bytes from previous instance) +We're a client, let's fuzz :) diff --git a/fuzzers/libfuzzer_libpng/src/mod.rs b/fuzzers/libfuzzer_libpng/src/mod.rs index 0552338e1e..b40e22afb0 100644 --- a/fuzzers/libfuzzer_libpng/src/mod.rs 
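Review bot: The added file `fuzzers/libfuzzer_libpng/ccc` looks like captured console output from a fuzzer run rather than source, and nearly every block of it records an absolute local path (`/home/andrea/Desktop/libAFLrs/fuzzers/libfuzzer_libpng`). If it was picked up by accident, drop it from the patch and ignore run logs in the fuzzer directory so they are not staged again. If it is meant as a sample, a short excerpt with the workdir replaced by a relative path carries the same information. The repeating `Child crashed!` / `Subsequent run` cycle it shows may also deserve a separate look, since the client appears to crash on every restart.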
+++ b/fuzzers/libfuzzer_libpng/src/mod.rs
@@ -73,7 +73,7 @@ fn fuzz(
 objective_dir: PathBuf,
 broker_port: u16,
 ) -> Result<(), Error> {
- let mut rand = StdRand::new(0);
+ let mut rand = StdRand::new(afl::utils::current_nanos());
 // 'While the stats are state, they are usually used in the broker - which is likely never restarted
 let stats = SimpleStats::new(|s| println!("{}", s));
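Review bot: Seeding with `afl::utils::current_nanos()` in `fuzz` gives every start of the function a different seed that is never recorded, so a run that finds a crash cannot be replayed with the same mutation sequence. Capture the value and print it before use: `let seed = afl::utils::current_nanos();`, `println!("RNG seed: {}", seed);`, `let mut rand = StdRand::new(seed);`. An optional override (environment variable or argument) would let a logged seed be fed back in. The comment on the following line also starts with a stray `'`. The body of `fuzz` continues outside the hunk.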