SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed testcases

Browse Source
This commit is contained in:
Dominik Maier 2021-02-04 21:17:08 +01:00
parent beca91e3d3
commit 2440aaedfc
9 changed files with 53 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
afl/src/events/mod.rs
View File

@ -14,13 +14,13 @@ use serde::{Deserialize, Serialize};
use crate::shmem::AflShmem; use crate::shmem::AflShmem;
use crate::{ use crate::{
corpus::Corpus, corpus::Corpus,
engines::State,
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::Input, inputs::Input,
llmp::{self, LlmpClient, LlmpClientDescription, Tag}, llmp::{self, LlmpClient, LlmpClientDescription, Tag},
observers::ObserversTuple, observers::ObserversTuple,
serde_anymap::Ptr, serde_anymap::Ptr,
shmem::ShMem, shmem::ShMem,
state::State,
utils::{current_time, Rand}, utils::{current_time, Rand},
AflError, AflError,
}; };

6
afl/src/executors/inmemory.rs
View File

@ -4,12 +4,12 @@ use os_signals::set_oncrash_ptrs;
use crate::{ use crate::{
corpus::Corpus, corpus::Corpus,
engines::State,
events::EventManager, events::EventManager,
executors::{Executor, ExitKind, HasObservers}, executors::{Executor, ExitKind, HasObservers},
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::{HasTargetBytes, Input}, inputs::{HasTargetBytes, Input},
observers::ObserversTuple, observers::ObserversTuple,
state::State,
tuples::Named, tuples::Named,
utils::Rand, utils::Rand,
AflError, AflError,
@ -205,8 +205,8 @@ pub mod unix_signals {
}; };
use crate::{ use crate::{
corpus::Corpus, engines::State, events::EventManager, feedbacks::FeedbacksTuple, corpus::Corpus, events::EventManager, feedbacks::FeedbacksTuple, inputs::Input,
inputs::Input, observers::ObserversTuple, utils::Rand, observers::ObserversTuple, state::State, utils::Rand,
}; };
/// Pointers to values only needed on crash. As the program will not continue after a crash, /// Pointers to values only needed on crash. As the program will not continue after a crash,

2
afl/src/executors/mod.rs
View File

@ -9,11 +9,11 @@ use core::marker::PhantomData;
use crate::{ use crate::{
corpus::Corpus, corpus::Corpus,
engines::State,
events::EventManager, events::EventManager,
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::{HasTargetBytes, Input}, inputs::{HasTargetBytes, Input},
observers::ObserversTuple, observers::ObserversTuple,
state::State,
tuples::{MatchNameAndType, MatchType, Named, TupleList}, tuples::{MatchNameAndType, MatchType, Named, TupleList},
utils::Rand, utils::Rand,
AflError, AflError,

2
afl/src/lib.rs
View File

@ -10,7 +10,6 @@ extern crate alloc;
extern crate static_assertions; extern crate static_assertions;
pub mod corpus; pub mod corpus;
pub mod engines;
pub mod events; pub mod events;
pub mod executors; pub mod executors;
pub mod feedbacks; pub mod feedbacks;
@ -23,6 +22,7 @@ pub mod observers;
pub mod serde_anymap; pub mod serde_anymap;
pub mod shmem; pub mod shmem;
pub mod stages; pub mod stages;
pub mod state;
pub mod tuples; pub mod tuples;
pub mod utils; pub mod utils;

33
afl/src/stages/mod.rs
View File

@ -3,12 +3,12 @@ pub use mutational::StdMutationalStage;
use crate::{ use crate::{
corpus::Corpus, corpus::Corpus,
engines::State,
events::EventManager, events::EventManager,
executors::{Executor, ExecutorsTuple, HasObservers}, executors::{Executor, HasObservers},
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::Input, inputs::Input,
observers::ObserversTuple, observers::ObserversTuple,
state::State,
tuples::TupleList, tuples::TupleList,
utils::Rand, utils::Rand,
AflError, AflError,
@ -16,13 +16,12 @@ use crate::{
/// A stage is one step in the fuzzing process. /// A stage is one step in the fuzzing process.
/// Multiple stages will be scheduled one by one for each input. /// Multiple stages will be scheduled one by one for each input.
pub trait Stage<EM, E, OT, FT, ET, C, I, R> pub trait Stage<EM, E, OT, FT, C, I, R>
where where
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -39,13 +38,12 @@ where
) -> Result<(), AflError>; ) -> Result<(), AflError>;
} }
pub trait StagesTuple<EM, E, OT, FT, ET, C, I, R> pub trait StagesTuple<EM, E, OT, FT, C, I, R>
where where
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -59,17 +57,16 @@ where
manager: &mut EM, manager: &mut EM,
corpus_idx: usize, corpus_idx: usize,
) -> Result<(), AflError>; ) -> Result<(), AflError>;
fn for_each(&self, f: fn(&dyn Stage<EM, E, OT, FT, ET, C, I, R>)); fn for_each(&self, f: fn(&dyn Stage<EM, E, OT, FT, C, I, R>));
fn for_each_mut(&mut self, f: fn(&mut dyn Stage<EM, E, OT, FT, ET, C, I, R>)); fn for_each_mut(&mut self, f: fn(&mut dyn Stage<EM, E, OT, FT, C, I, R>));
} }
impl<EM, E, OT, FT, ET, C, I, R> StagesTuple<EM, E, OT, FT, ET, C, I, R> for () impl<EM, E, OT, FT, C, I, R> StagesTuple<EM, E, OT, FT, C, I, R> for ()
where where
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -85,20 +82,18 @@ where
) -> Result<(), AflError> { ) -> Result<(), AflError> {
Ok(()) Ok(())
} }
fn for_each(&self, _f: fn(&dyn Stage<EM, E, OT, FT, ET, C, I, R>)) {} fn for_each(&self, _f: fn(&dyn Stage<EM, E, OT, FT, C, I, R>)) {}
fn for_each_mut(&mut self, _f: fn(&mut dyn Stage<EM, E, OT, FT, ET, C, I, R>)) {} fn for_each_mut(&mut self, _f: fn(&mut dyn Stage<EM, E, OT, FT, C, I, R>)) {}
} }
impl<Head, Tail, EM, E, OT, FT, ET, C, I, R> StagesTuple<EM, E, OT, FT, ET, C, I, R> impl<Head, Tail, EM, E, OT, FT, C, I, R> StagesTuple<EM, E, OT, FT, C, I, R> for (Head, Tail)
for (Head, Tail)
where where
Head: Stage<EM, E, OT, FT, ET, C, I, R>, Head: Stage<EM, E, OT, FT, C, I, R>,
Tail: StagesTuple<EM, E, OT, FT, ET, C, I, R> + TupleList, Tail: StagesTuple<EM, E, OT, FT, C, I, R> + TupleList,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -118,12 +113,12 @@ where
.perform_all(rand, executor, state, corpus, manager, corpus_idx) .perform_all(rand, executor, state, corpus, manager, corpus_idx)
} }
fn for_each(&self, f: fn(&dyn Stage<EM, E, OT, FT, ET, C, I, R>)) { fn for_each(&self, f: fn(&dyn Stage<EM, E, OT, FT, C, I, R>)) {
f(&self.0); f(&self.0);
self.1.for_each(f) self.1.for_each(f)
} }
fn for_each_mut(&mut self, f: fn(&mut dyn Stage<EM, E, OT, FT, ET, C, I, R>)) { fn for_each_mut(&mut self, f: fn(&mut dyn Stage<EM, E, OT, FT, C, I, R>)) {
f(&mut self.0); f(&mut self.0);
self.1.for_each_mut(f) self.1.for_each_mut(f)
} }

26
afl/src/stages/mutational.rs
View File

@ -1,15 +1,15 @@
use core::marker::PhantomData; use core::marker::PhantomData;
use crate::{ use crate::{
engines::State,
events::EventManager, events::EventManager,
executors::{Executor, ExecutorsTuple, HasObservers}, executors::{Executor, HasObservers},
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::Input, inputs::Input,
mutators::Mutator, mutators::Mutator,
observers::ObserversTuple, observers::ObserversTuple,
stages::Corpus, stages::Corpus,
stages::Stage, stages::Stage,
state::State,
utils::Rand, utils::Rand,
AflError, AflError,
}; };
@ -19,15 +19,13 @@ use crate::{
/// A Mutational stage is the stage in a fuzzing run that mutates inputs. /// A Mutational stage is the stage in a fuzzing run that mutates inputs.
/// Mutational stages will usually have a range of mutations that are /// Mutational stages will usually have a range of mutations that are
/// being applied to the input one by one, between executions. /// being applied to the input one by one, between executions.
pub trait MutationalStage<M, EM, E, OT, FT, ET, C, I, R>: pub trait MutationalStage<M, EM, E, OT, FT, C, I, R>: Stage<EM, E, OT, FT, C, I, R>
Stage<EM, E, OT, FT, ET, C, I, R>
where where
M: Mutator<C, I, R>, M: Mutator<C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -88,31 +86,29 @@ where
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
/// The default mutational stage /// The default mutational stage
pub struct StdMutationalStage<M, EM, E, OT, FT, ET, C, I, R> pub struct StdMutationalStage<M, EM, E, OT, FT, C, I, R>
where where
M: Mutator<C, I, R>, M: Mutator<C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
{ {
mutator: M, mutator: M,
phantom: PhantomData<(EM, E, OT, FT, ET, C, I, R)>, phantom: PhantomData<(EM, E, OT, FT, C, I, R)>,
} }
impl<M, EM, E, OT, FT, ET, C, I, R> MutationalStage<M, EM, E, OT, FT, ET, C, I, R> impl<M, EM, E, OT, FT, C, I, R> MutationalStage<M, EM, E, OT, FT, C, I, R>
for StdMutationalStage<M, EM, E, OT, FT, ET, C, I, R> for StdMutationalStage<M, EM, E, OT, FT, C, I, R>
where where
M: Mutator<C, I, R>, M: Mutator<C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -130,15 +126,14 @@ where
} }
} }
impl<M, EM, E, OT, FT, ET, C, I, R> Stage<EM, E, OT, FT, ET, C, I, R> impl<M, EM, E, OT, FT, C, I, R> Stage<EM, E, OT, FT, C, I, R>
for StdMutationalStage<M, EM, E, OT, FT, ET, C, I, R> for StdMutationalStage<M, EM, E, OT, FT, C, I, R>
where where
M: Mutator<C, I, R>, M: Mutator<C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -157,14 +152,13 @@ where
} }
} }
impl<M, EM, E, OT, FT, ET, C, I, R> StdMutationalStage<M, EM, E, OT, FT, ET, C, I, R> impl<M, EM, E, OT, FT, C, I, R> StdMutationalStage<M, EM, E, OT, FT, C, I, R>
where where
M: Mutator<C, I, R>, M: Mutator<C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,

37
afl/src/engines/mod.rs → afl/src/state/mod.rs
View File

@ -1,4 +1,4 @@
//! The engine is the core piece of every good fuzzer //! The fuzzer, and state are the core pieces of every good fuzzer
use core::{fmt::Debug, marker::PhantomData}; use core::{fmt::Debug, marker::PhantomData};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@ -11,7 +11,7 @@ use std::{
use crate::{ use crate::{
corpus::{Corpus, Testcase}, corpus::{Corpus, Testcase},
events::EventManager, events::EventManager,
executors::{Executor, ExecutorsTuple, HasObservers}, executors::{Executor, HasObservers},
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
generators::Generator, generators::Generator,
inputs::Input, inputs::Input,
@ -288,7 +288,7 @@ where
} }
} }
pub fn generate_initial_inputs<G, C, E, OT, ET, EM>( pub fn generate_initial_inputs<G, C, E, OT, EM>(
&mut self, &mut self,
rand: &mut R, rand: &mut R,
executor: &mut E, executor: &mut E,
@ -302,7 +302,6 @@ where
C: Corpus<I, R>, C: Corpus<I, R>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
ET: ExecutorsTuple<I>,
EM: EventManager<I>, EM: EventManager<I>,
{ {
let mut added = 0; let mut added = 0;
@ -332,14 +331,13 @@ where
} }
} }
pub trait Fuzzer<ST, EM, E, OT, FT, ET, C, I, R> pub trait Fuzzer<ST, EM, E, OT, FT, C, I, R>
where where
ST: StagesTuple<EM, E, OT, FT, ET, C, I, R>, ST: StagesTuple<EM, E, OT, FT, C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -386,31 +384,29 @@ where
} }
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub struct StdFuzzer<ST, EM, E, OT, FT, ET, C, I, R> pub struct StdFuzzer<ST, EM, E, OT, FT, C, I, R>
where where
ST: StagesTuple<EM, E, OT, FT, ET, C, I, R>, ST: StagesTuple<EM, E, OT, FT, C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
{ {
stages: ST, stages: ST,
phantom: PhantomData<(EM, E, OT, FT, ET, C, I, R)>, phantom: PhantomData<(EM, E, OT, FT, C, I, R)>,
} }
impl<ST, EM, E, OT, FT, ET, C, I, R> Fuzzer<ST, EM, E, OT, FT, ET, C, I, R> impl<ST, EM, E, OT, FT, C, I, R> Fuzzer<ST, EM, E, OT, FT, C, I, R>
for StdFuzzer<ST, EM, E, OT, FT, ET, C, I, R> for StdFuzzer<ST, EM, E, OT, FT, C, I, R>
where where
ST: StagesTuple<EM, E, OT, FT, ET, C, I, R>, ST: StagesTuple<EM, E, OT, FT, C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -424,14 +420,13 @@ where
} }
} }
impl<ST, EM, E, OT, FT, ET, C, I, R> StdFuzzer<ST, EM, E, OT, FT, ET, C, I, R> impl<ST, EM, E, OT, FT, C, I, R> StdFuzzer<ST, EM, E, OT, FT, C, I, R>
where where
ST: StagesTuple<EM, E, OT, FT, ET, C, I, R>, ST: StagesTuple<EM, E, OT, FT, C, I, R>,
EM: EventManager<I>, EM: EventManager<I>,
E: Executor<I> + HasObservers<OT>, E: Executor<I> + HasObservers<OT>,
OT: ObserversTuple, OT: ObserversTuple,
FT: FeedbacksTuple<I>, FT: FeedbacksTuple<I>,
ET: ExecutorsTuple<I>,
C: Corpus<I, R>, C: Corpus<I, R>,
I: Input, I: Input,
R: Rand, R: Rand,
@ -451,11 +446,11 @@ mod tests {
use crate::{ use crate::{
corpus::{Corpus, InMemoryCorpus, Testcase}, corpus::{Corpus, InMemoryCorpus, Testcase},
engines::{Fuzzer, State, StdFuzzer},
executors::{Executor, ExitKind, InMemoryExecutor}, executors::{Executor, ExitKind, InMemoryExecutor},
inputs::{BytesInput, Input}, inputs::{BytesInput, Input},
mutators::{mutation_bitflip, ComposedByMutations, StdScheduledMutator}, mutators::{mutation_bitflip, ComposedByMutations, StdScheduledMutator},
stages::StdMutationalStage, stages::StdMutationalStage,
state::{Fuzzer, State, StdFuzzer},
tuples::tuple_list, tuples::tuple_list,
utils::StdRand, utils::StdRand,
}; };
@ -468,7 +463,7 @@ mod tests {
} }
#[test] #[test]
fn test_engine() { fn test_fuzzer() {
let mut rand = StdRand::new(0); let mut rand = StdRand::new(0);
let mut corpus = InMemoryCorpus::<BytesInput, StdRand>::new(); let mut corpus = InMemoryCorpus::<BytesInput, StdRand>::new();
@ -481,7 +476,7 @@ mod tests {
println!("{}", s); println!("{}", s);
})); }));
let executor = InMemoryExecutor::new( let mut executor = InMemoryExecutor::new(
"main", "main",
harness, harness,
tuple_list!(), tuple_list!(),

2
afl/src/utils.rs
View File

@ -11,11 +11,11 @@ use std::time::{SystemTime, UNIX_EPOCH};
use crate::{ use crate::{
corpus::Corpus, corpus::Corpus,
engines::State,
events::{LlmpEventManager, Stats}, events::{LlmpEventManager, Stats},
feedbacks::FeedbacksTuple, feedbacks::FeedbacksTuple,
inputs::Input, inputs::Input,
shmem::ShMem, shmem::ShMem,
state::State,
AflError, AflError,
}; };

14
fuzzers/libfuzzer_libpng/src/mod.rs
View File

@ -1,12 +1,11 @@
#[macro_use] #[macro_use]
extern crate clap; extern crate clap;
use clap::{App, Arg};
use std::{env, path::PathBuf, process::Command}; use std::{env, path::PathBuf, process::Command};
use afl::{ use afl::{
corpus::{Corpus, InMemoryCorpus}, corpus::{Corpus, InMemoryCorpus},
engines::{Engine, Fuzzer, State, StdFuzzer},
events::{LlmpEventManager, SimpleStats}, events::{LlmpEventManager, SimpleStats},
executors::{inmemory::InMemoryExecutor, Executor, ExitKind}, executors::{inmemory::InMemoryExecutor, Executor, ExitKind},
feedbacks::MaxMapFeedback, feedbacks::MaxMapFeedback,
@ -17,6 +16,7 @@ use afl::{
observers::StdMapObserver, observers::StdMapObserver,
shmem::{AflShmem, ShMem}, shmem::{AflShmem, ShMem},
stages::mutational::StdMutationalStage, stages::mutational::StdMutationalStage,
state::{Fuzzer, State, StdFuzzer},
tuples::tuple_list, tuples::tuple_list,
utils::{deserialize_state_corpus_mgr, StdRand}, utils::{deserialize_state_corpus_mgr, StdRand},
AflError, AflError,
@ -229,7 +229,7 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
*/ */
// Create the engine // Create the engine
let executor = InMemoryExecutor::new( let mut executor = InMemoryExecutor::new(
"Libfuzzer", "Libfuzzer",
harness, harness,
tuple_list!(edges_observer), tuple_list!(edges_observer),
@ -238,13 +238,11 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
&mut mgr, &mut mgr,
); );
let mut engine = Engine::new(executor);
// in case the corpus is empty (on first run), reset // in case the corpus is empty (on first run), reset
if corpus.count() < 1 { if corpus.count() < 1 {
match input { match input {
Some(x) => state Some(x) => state
.load_initial_inputs(&mut corpus, &mut generator, &mut engine, &mut mgr, &x) .load_initial_inputs(&mut executor, &mut corpus, &mut generator, &mut mgr, &x)
.expect(&format!("Failed to load initial corpus at {:?}", &x)), .expect(&format!("Failed to load initial corpus at {:?}", &x)),
None => (), None => (),
} }
@ -255,9 +253,9 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
state state
.generate_initial_inputs( .generate_initial_inputs(
&mut rand, &mut rand,
&mut executor,
&mut corpus, &mut corpus,
&mut generator, &mut generator,
&mut engine,
&mut mgr, &mut mgr,
4, 4,
) )
@ -271,5 +269,5 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
let stage = StdMutationalStage::new(mutator); let stage = StdMutationalStage::new(mutator);
let mut fuzzer = StdFuzzer::new(tuple_list!(stage)); let mut fuzzer = StdFuzzer::new(tuple_list!(stage));
fuzzer.fuzz_loop(&mut rand, &mut state, &mut corpus, &mut engine, &mut mgr) fuzzer.fuzz_loop(&mut rand, &mut executor, &mut state, &mut corpus, &mut mgr)
} }