AngoraFuzzer / Angora

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
Apache License 2.0

why choose 15k as MAX_INPUT_LEN? #52

Open zjuchenyuan opened 5 years ago

zjuchenyuan commented 5 years ago

In common/src/config.rs

https://github.com/AngoraFuzzer/Angora/blob/1940eb560201f3705afcdde5f3a720addb1df528/common/src/config.rs#L41

This value is used to ignore those seed files larger than 15000 bytes. https://github.com/AngoraFuzzer/Angora/blob/1940eb560201f3705afcdde5f3a720addb1df528/fuzzer/src/depot/sync.rs#L14-L35

From line 26, only files with size less than 14.64kb are executed. Larger files are silently ignored, without printing any warning message.

I think 14.64kb is a rather small size. Why did you choose this value?

spinpx commented 5 years ago

If the size of the seed input is too large, Angora will take too much time in byte-level taint analysis. We have added some warnings now. Commit: https://github.com/AngoraFuzzer/Angora/commit/16cb61298d6a1c2134e01ac2901d8250ba655be6

I will improve this problem soon.
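
A pre-flight check for the behaviour discussed in this thread, as an added example that is not Angora's code and not part of either comment: it audits a seed directory before a fuzzing run and reports every file that the size limit would drop. The 15000-byte value and the strict "less than" comparison are taken from the issue text; `SeedAudit` and `audit_seed_dir` are hypothetical names.

```rust
use std::fs;
use std::io;
use std::path::{Path, PathBuf};

// Limit quoted in the issue (15000 bytes); the name comes from the issue title.
const MAX_INPUT_LEN: u64 = 15000;

/// Outcome of auditing a seed directory (hypothetical type, not Angora's).
#[derive(Debug, Default)]
pub struct SeedAudit {
    pub accepted: Vec<PathBuf>,
    pub skipped: Vec<(PathBuf, u64)>, // path and size in bytes
}

/// Split the regular files in `dir` into seeds under the limit and seeds
/// that would be ignored. Assumes the strict "<" described in the issue.
pub fn audit_seed_dir(dir: &Path, max_len: u64) -> io::Result<SeedAudit> {
    let mut audit = SeedAudit::default();
    for entry in fs::read_dir(dir)? {
        let entry = entry?;
        let meta = entry.metadata()?;
        if !meta.is_file() {
            continue; // sub-directories and special files are not seeds
        }
        if meta.len() < max_len {
            audit.accepted.push(entry.path());
        } else {
            audit.skipped.push((entry.path(), meta.len()));
        }
    }
    // Sort so the report is stable across runs and file systems.
    audit.accepted.sort();
    audit.skipped.sort();
    Ok(audit)
}

fn main() -> io::Result<()> {
    let dir = std::env::args().nth(1).unwrap_or_else(|| ".".to_string());
    let audit = audit_seed_dir(Path::new(&dir), MAX_INPUT_LEN)?;
    for (path, len) in &audit.skipped {
        eprintln!("warning: {} is {} bytes (limit {}), would be ignored",
                  path.display(), len, MAX_INPUT_LEN);
    }
    println!("{} seeds usable, {} too large",
             audit.accepted.len(), audit.skipped.len());
    Ok(())
}
```

Run it against the seed directory before starting a campaign; a non-empty warning list means part of the corpus would never be executed.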