afl++ CMPLOG test (#5130)

* afl++ CMPLOG test

* fixes

2 files changed, 8 insertions, 2 deletions

diff --git a/infra/base-images/base-builder/Dockerfile b/infra/base-images/base-builder/Dockerfile
index 2c71036c..6f596d5b 100644
--- a/infra/base-images/base-builder/Dockerfile
+++ b/infra/base-images/base-builder/Dockerfile
@@ -152,7 +152,7 @@ WORKDIR $SRC
 # TODO: switch to -b stable once we can.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git aflplusplus && \
     cd aflplusplus && \
-    git checkout a763c61d89f90330bcde7c294c57cfccda1431b8
+    git checkout aeb7d7048371cd91ab9280c3958f1c35e5d5e758
 
 RUN cd $SRC && \
     curl -L -O https://github.com/google/honggfuzz/archive/oss-fuzz.tar.gz && \
diff --git a/infra/base-images/base-runner/run_fuzzer b/infra/base-images/base-runner/run_fuzzer
index 79248711..6464ddc2 100755
--- a/infra/base-images/base-runner/run_fuzzer
+++ b/infra/base-images/base-runner/run_fuzzer
@@ -106,9 +106,15 @@ if [[ "$FUZZING_ENGINE" = afl ]]; then
   export AFL_NO_AFFINITY=1
   export AFL_FAST_CAL=1
   export AFL_MAP_SIZE=4194304
+  # If $OUT/afl_cmplog.txt is present this means the target was compiled for
+  # CMPLOG. So we have to add the proper parameters to afl-fuzz. `-l 2` is
+  # CMPLOG level 2, which will colorize larger files but not huge files and
+  # not enable transform analysis unless there have been several cycles without
+  # any finds.
+  test -e $OUT/afl_cmplog.txt && AFL_FUZZER_ARGS="$AFL_FUZZER_ARGS -l 2 -c $OUT/$FUZZER"
   # AFL expects at least 1 file in the input dir.
   echo input > ${CORPUS_DIR}/input
-  CMD_LINE="$OUT/afl-fuzz $AFL_FUZZER_ARGS -i $CORPUS_DIR -o $FUZZER_OUT $(get_dictionary) $* $OUT/$FUZZER"
+  CMD_LINE="$OUT/afl-fuzz $AFL_FUZZER_ARGS -i $CORPUS_DIR -o $FUZZER_OUT $(get_dictionary) $* -- $OUT/$FUZZER"
 
 elif [[ "$FUZZING_ENGINE" = honggfuzz ]]; then