go-fuzz

Minimize persistent corpus

Open tmc opened this issue 9 years ago • 4 comments

Currently go-fuzz minimizes the corpus in memory, but this isn't reflected on disk.

Jan 07 '16 23:01 tmc

AFL has a few tools for this: afl-cmin and afl-tmin, but of course neither can be applied directly. It would be nice to have go-fuzz equivalents.

Dec 18 '17 17:12 dgryski

I think it should be done online, while go-fuzz runs, without separate tools and complex workflow.

Dec 18 '17 19:12 dvyukov

If I spent a lot of effort to construct a corpus, I would be annoyed if go-fuzz deleted some of my samples. Removing files from a corpus on disk should be an explicit step.

Dec 18 '17 20:12 dgryski

fwiw I hacked this up for my own one-off use.

diff --git a/go-fuzz/hub.go b/go-fuzz/hub.go
index 9a07b16..cbdfff1 100644
--- a/go-fuzz/hub.go
+++ b/go-fuzz/hub.go
@@ -413,6 +413,7 @@ func (hub *Hub) updateScores() {
        }
        for ci, cand := range candidates {
                if cand.score == 0 {
+                       log.Printf("0 score corpus entry: %x\n", hash(corpus[cand.index].data))
                        continue
                }
                inp := &corpus[cand.index]
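Review bot: The new log.Printf in the `cand.score == 0` branch identifies the entry only by `hash(corpus[cand.index].data)` and fires for every zero-score candidate on each call to updateScores, so a long run repeats the same hashes and the output still has to be matched to files by hand. Consider recording each hash once (for example in a set checked before logging) and printing something that can be fed directly into an explicit removal step. The trailing `\n` in the format string is also unnecessary, since log.Printf appends a newline when one is missing.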
@@ -429,6 +430,7 @@ func (hub *Hub) updateScores() {
        for i, inp := range corpus {
                if !inp.favored {
                        inp.score = minScore
+                       log.Printf("1.0 score corpus entry: %x\n", hash(inp.data))
                }
                scoreSum += inp.score
                corpus[i].runningScoreSum = scoreSum
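Review bot: The message in the `!inp.favored` branch hard-codes "1.0 score" while the value actually assigned is `minScore`, so the log becomes misleading if that constant is ever changed; print `inp.score` with a format verb instead. This branch runs for every non-favored input in `for i, inp := range corpus`, so `hash(inp.data)` is also recomputed for each of them on every pass, which is worth guarding behind a debug flag or a once-per-entry check for a large corpus.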

Jun 16 '18 20:06 tmc