change search order for afl-showmin in afl-cmin*

4 files changed, 28 insertions, 10 deletions

diff --git a/README.md b/README.md
index 8e7f99dc..dc009def 100644
--- a/README.md
+++ b/README.md
@@ -57,6 +57,8 @@ behaviours and defaults:
       `AFL_TESTCACHE_SIZE` (in MB). Good values are between 50-500 (default: 50).
   * examples/ got renamed to utils/
   * libtokencap/ libdislocator/ and qdbi_mode/ were moved to utils/
+  * afl-cmin/afl-cmin.bash now search first in PATH and last in AFL_PATH
+
 
 ## Contents
 
diff --git a/afl-cmin b/afl-cmin
index 93174b8b..292d9d9d 100755
--- a/afl-cmin
+++ b/afl-cmin
@@ -120,7 +120,7 @@ function usage() {
 "AFL_CRASH_EXITCODE: optional child exit code to be interpreted as crash\n" \
 "AFL_FORKSRV_INIT_TMOUT: time the fuzzer waits for the target to come up, initially\n" \
 "AFL_KEEP_TRACES: leave the temporary <out_dir>/.traces directory\n" \
-"AFL_PATH: path for the afl-showmap binary\n" \
+"AFL_PATH: path for the afl-showmap binary if not found anywhere else\n" \
 "AFL_SKIP_BIN_CHECK: skip check for target binary\n"
    exit 1
 }
@@ -313,14 +313,18 @@ BEGIN {
     close( stdin_file )
   }
 
-  if (!ENVIRON["AFL_PATH"]) {
-    if (0 == system("test -f afl-cmin")) {
+  # First we look in PATH
+  if (0 == system("command -v afl-showmap >/dev/null 2>&1")) {
+    "command -v afl-showmap 2>/dev/null" | getline showmap
+  } else {
+    # then we look in the current directory
+    if (0 == system("test -x ./afl-showmap")) {
       showmap = "./afl-showmap"
     } else {
-      "command -v afl-showmap 2>/dev/null" | getline showmap
+      if (ENVIRON["AFL_PATH"]) {
+        showmap = ENVIRON["AFL_PATH"] "/afl-showmap"
+      }
     }
-  } else {
-    showmap = ENVIRON["AFL_PATH"] "/afl-showmap"
   }
 
   if (!showmap || 0 != system("test -x "showmap )) {
diff --git a/afl-cmin.bash b/afl-cmin.bash
index 637949bc..fb50f1fc 100755
--- a/afl-cmin.bash
+++ b/afl-cmin.bash
@@ -132,7 +132,7 @@ For additional tips, please consult README.md.
 
 Environment variables used:
 AFL_KEEP_TRACES: leave the temporary <out_dir>\.traces directory
-AFL_PATH: path for the afl-showmap binary
+AFL_PATH: last resort location to find the afl-showmap binary
 AFL_SKIP_BIN_CHECK: skip check for target binary
 _EOF_
   exit 1
@@ -244,10 +244,21 @@ if [ ! "$STDIN_FILE" = "" ]; then
   touch "$STDIN_FILE" || exit 1
 fi
 
-if [ "$AFL_PATH" = "" ]; then
-  SHOWMAP="${0%/afl-cmin.bash}/afl-showmap"
+SHOWMAP=`command -v afl-showmap 2>/dev/null`
+
+if [ -z "$SHOWMAP" ]; then
+  TMP="${0%/afl-cmin.bash}/afl-showmap"
+  if [ -x "$TMP" ]; then
+    SHOWMAP=$TMP
+  fi
+fi
+
+if [ -z "$SHOWMAP" -a -x "./afl-showmap" ]; then
+  SHOWMAP="./afl-showmap"
 else
-  SHOWMAP="$AFL_PATH/afl-showmap"
+  if [ -n "$AFL_PATH" ]; then
+    SHOWMAP="$AFL_PATH/afl-showmap"
+  fi
 fi
 
 if [ ! -x "$SHOWMAP" ]; then
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 1a47d18f..5094769d 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -64,6 +64,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
     - added INTROSPECTION support for custom modules
     - python fuzz function was not optional, fixed
     - some python mutator speed improvements
+  - afl-cmin/afl-cmin.bash now search first in PATH and last in AFL_PATH
   - unicornafl synced with upstream version 1.02 (fixes, better rust bindings)
   - renamed AFL_DEBUG_CHILD_OUTPUT to AFL_DEBUG_CHILD
   - added AFL_CRASH_EXITCODE env variable to treat a child exitcode as crash