Diffstat (limited to 'fuzzpuzz.c')
| -rw-r--r-- | fuzzpuzz.c | 27 |
1 files changed, 27 insertions, 0 deletions
@@ -16,6 +16,13 @@ * cmake --build build-afl --target fuzzpuzz * mkdir fuzz-in && ln icons/''*.sav fuzz-in * afl-fuzz -i fuzz-in -o fuzz-out -x fuzzpuzz.dict -- build-afl/fuzzpuzz + * + * Similarly with Honggfuzz: + * + * CC=hfuzz-cc cmake -B build-honggfuzz + * cmake --build build-honggfuzz --target fuzzpuzz + * mkdir fuzz-corpus && ln icons/''*.sav fuzz-corpus + * honggfuzz -s -i fuzz-corpus -w fuzzpuzz.dict -- build-honggfuzz/fuzzpuzz */ #include <stdbool.h> @@ -32,6 +39,10 @@ __AFL_FUZZ_INIT(); #endif +#ifdef HAVE_HF_ITER +extern int HF_ITER(unsigned char **, size_t *); +#endif + static const char *fuzz_one(bool (*readfn)(void *, void *, int), void *rctx, void (*rewindfn)(void *), void (*writefn)(void *, const void *, int), @@ -123,6 +134,22 @@ int main(int argc, char **argv) ret = 1; continue; } +#elif defined(HAVE_HF_ITER) + /* + * Honggfuzz persistent mode. Unlike AFL persistent mode, the + * resulting executable cannot be run outside of Honggfuzz. + */ + while (true) { + unsigned char *testcase_buf; + size_t testcase_len; + if (in != NULL) fclose(in); + HF_ITER(&testcase_buf, &testcase_len); + in = fmemopen(testcase_buf, testcase_len, "r"); + if (in == NULL) { + fprintf(stderr, "fmemopen failed"); + ret = 1; + continue; + } #else in = stdin; while (ret == -1) { |
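Review bot: The hand-written prototype `extern int HF_ITER(unsigned char **, size_t *);` in the second hunk should be checked against the libhfuzz version being linked. As far as I recall, Honggfuzz defines the function as returning `void` and taking `const uint8_t **`, and a declaration that disagrees with the definition is undefined behaviour even if it works in practice. If that holds for the version in use, `extern void HF_ITER(const unsigned char **, size_t *);` would match, with `testcase_buf` in main() made `const unsigned char *` and cast at the `fmemopen` call. A one-line comment such as `/* Declared by hand; keep in sync with libhfuzz. */` would explain why the declaration lives in this file.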
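Review bot: In the Honggfuzz branch added to main(), a zero-length test case can make `fmemopen(testcase_buf, testcase_len, "r")` fail, so empty inputs may never reach the parser. POSIX permits failure when the size is 0, and glibc before 2.22 returned EINVAL in that case. The failure path prints `"fmemopen failed"` with no newline and no errno, so repeated failures run together on stderr and the cause is not shown; `perror("fmemopen");` would fix both. The `while (true)` body continues past the end of the hunk, so it is not visible here whether the `ret = 1` set on this path is cleared before the next iteration.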