From 1da621456ff52c567ea644faf7a17bd0f5053297 Mon Sep 17 00:00:00 2001
From: Addison Crump
Date: Sun, 14 May 2023 12:03:25 +0200
Subject: [PATCH] Add check for if mutation succeeded, else skip processing (#1265)
---
 libafl/src/stages/mutational.rs | 8 ++++++--
 libafl/src/stages/tmin.rs | 8 ++++++--
 libafl/src/stages/tuneable.rs | 8 ++++++--
 3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/libafl/src/stages/mutational.rs b/libafl/src/stages/mutational.rs
index 6a1a0d54c5..15061fd1a0 100644
--- a/libafl/src/stages/mutational.rs
+++ b/libafl/src/stages/mutational.rs
@@ -11,7 +11,7 @@ use crate::{
 fuzzer::Evaluator,
 inputs::Input,
 mark_feature_time,
- mutators::Mutator,
+ mutators::{MutationResult, Mutator},
 stages::Stage,
 start_timer,
 state::{HasClientPerfMonitor, HasCorpus, HasRand, UsesState},
@@ -127,9 +127,13 @@ where
 let mut input = input.clone();
 start_timer!(state);
- self.mutator_mut().mutate(state, &mut input, i as i32)?;
+ let mutated = self.mutator_mut().mutate(state, &mut input, i as i32)?;
 mark_feature_time!(state, PerfFeature::Mutate);
+ if mutated == MutationResult::Skipped {
+ continue;
+ }
+
 // Time is measured directly the `evaluate_input` function
 let (untransformed, post) = input.try_transform_into(state)?;
 let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?;
diff --git a/libafl/src/stages/tmin.rs b/libafl/src/stages/tmin.rs
index 9a2ce48940..52985cb136 100644
--- a/libafl/src/stages/tmin.rs
+++ b/libafl/src/stages/tmin.rs
@@ -19,7 +19,7 @@ use crate::{
 feedbacks::{Feedback, FeedbackFactory, HasObserverName},
 inputs::UsesInput,
 mark_feature_time,
- mutators::Mutator,
+ mutators::{MutationResult, Mutator},
 observers::{MapObserver, ObserversTuple},
 schedulers::{RemovableScheduler, Scheduler},
 stages::Stage,
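Review bot: In `libafl/src/stages/mutational.rs` the new `if mutated == MutationResult::Skipped { continue; }` drops the iteration silently and carries no comment saying why, so a mutator that skips often presumably reduces the number of executions per stage with nothing recorded to show it. I would add `// Mutator reported no change: evaluating the unmodified input would only repeat an earlier execution` above the `if`, and consider counting skipped iterations so a misbehaving mutator is visible in the stats. The loop header and the code after `evaluate_input` are outside the hunk; any per-iteration step placed after `evaluate_input` is bypassed by the jump as well, which should be confirmed as intended. The identical check in `libafl/src/stages/tuneable.rs` has the same gap.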
@@ -97,9 +97,13 @@ where
 state.set_max_size(before_len);
 start_timer!(state);
- self.mutator_mut().mutate(state, &mut input, i as i32)?;
+ let mutated = self.mutator_mut().mutate(state, &mut input, i as i32)?;
 mark_feature_time!(state, PerfFeature::Mutate);
+ if mutated == MutationResult::Skipped {
+ continue;
+ }
+
 let corpus_idx = if input.len() < before_len {
 // run the input
 let exit_kind = fuzzer.execute_input(state, executor, manager, &input)?;
diff --git a/libafl/src/stages/tuneable.rs b/libafl/src/stages/tuneable.rs
index b70534204e..6ce22a1b86 100644
--- a/libafl/src/stages/tuneable.rs
+++ b/libafl/src/stages/tuneable.rs
@@ -10,7 +10,7 @@ use crate::{
 bolts::{current_time, rands::Rand},
 corpus::{Corpus, CorpusId},
 impl_serdeany, mark_feature_time,
- mutators::Mutator,
+ mutators::{MutationResult, Mutator},
 stages::{
 mutational::{MutatedTransform, MutatedTransformPost, DEFAULT_MUTATIONAL_MAX_ITERATIONS},
 MutationalStage, Stage,
@@ -142,9 +142,13 @@ where
 let mut input = input.clone();
 start_timer!(state);
- self.mutator_mut().mutate(state, &mut input, i as i32)?;
+ let mutated = self.mutator_mut().mutate(state, &mut input, i as i32)?;
 mark_feature_time!(state, PerfFeature::Mutate);
+ if mutated == MutationResult::Skipped {
+ continue;
+ }
+
 // Time is measured directly the `evaluate_input` function
 let (untransformed, post) = input.try_transform_into(state)?;
 let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?;
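Review bot: In `libafl/src/stages/tmin.rs` the added `continue` jumps past everything after `mark_feature_time!`, and the loop header is outside this hunk, so it is not visible whether `i` still advances when the mutation is skipped. If the stage updates `i` by hand at the end of the body rather than through a `for` range, a mutator that keeps returning `MutationResult::Skipped` would never reach the iteration limit and the minimization stage would spin; advancing the counter before the jump, for example `i += 1; continue;` inside the `if`, would bound it. A short comment on the `if` stating that a skipped mutation still consumes one iteration would document the intended contract.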