diff options
| author | van Hauser <vh@thc.org> | 2024-06-01 16:37:28 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-01 16:37:28 +0200 |
| commit | 348f980f2180a5bab745066f8c7dcd0049998626 (patch) | |
| tree | 34bb1853847ce6ee80ffe57c3ce581195be3238f /custom_mutators | |
| parent | e7d871c8bf64962a658e447b90a1a3b43aaddc28 (diff) | |
| parent | ca55858aa7ecb1a4cd420e3c325fe604a5b5c30d (diff) | |
| download | afl++-348f980f2180a5bab745066f8c7dcd0049998626.tar.gz | |
Merge pull request #2108 from AFLplusplus/dev
push to stable
Diffstat (limited to 'custom_mutators')
| -rw-r--r-- | custom_mutators/symcc/symcc.c | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/custom_mutators/symcc/symcc.c b/custom_mutators/symcc/symcc.c index 86f23343..33e11772 100644 --- a/custom_mutators/symcc/symcc.c +++ b/custom_mutators/symcc/symcc.c @@ -22,10 +22,10 @@ afl_state_t *afl_struct; typedef struct my_mutator { afl_state_t *afl; - u8 * mutator_buf; - u8 * out_dir; - u8 * tmp_dir; - u8 * target; + u8 *mutator_buf; + u8 *out_dir; + u8 *tmp_dir; + u8 *target; uint32_t seed; } my_mutator_t; @@ -101,7 +101,7 @@ my_mutator_t *afl_custom_init(afl_state_t *afl, unsigned int seed) { /* When a new queue entry is added we run this input with the symcc instrumented binary */ -uint8_t afl_custom_queue_new_entry(my_mutator_t * data, +uint8_t afl_custom_queue_new_entry(my_mutator_t *data, const uint8_t *filename_new_queue, const uint8_t *filename_orig_queue) { @@ -176,7 +176,7 @@ uint8_t afl_custom_queue_new_entry(my_mutator_t * data, struct dirent **nl; int32_t items = scandir(data->tmp_dir, &nl, NULL, NULL); - u8 * origin_name = basename(filename_new_queue); + u8 *origin_name = basename(filename_new_queue); int32_t i; if (items > 0) { @@ -187,8 +187,8 @@ uint8_t afl_custom_queue_new_entry(my_mutator_t * data, DBG("test=%s\n", fn); if (stat(source_name, &st) == 0 && S_ISREG(st.st_mode) && st.st_size) { - u8 *destination_name = - alloc_printf("%s/%s.%s", data->out_dir, origin_name, nl[i]->d_name); + u8 *destination_name = alloc_printf("%s/%s.%s", data->out_dir, + origin_name, nl[i]->d_name); rename(source_name, destination_name); ck_free(destination_name); DBG("found=%s\n", source_name); @@ -248,7 +248,7 @@ uint32_t afl_custom_fuzz_count(my_mutator_t *data, const u8 *buf, for (i = 0; i < (u32)items; ++i) { struct stat st; - u8 * fn = alloc_printf("%s/%s", data->out_dir, nl[i]->d_name); + u8 *fn = alloc_printf("%s/%s", data->out_dir, nl[i]->d_name); DBG("test=%s\n", fn); if (stat(fn, &st) == 0 && S_ISREG(st.st_mode) && st.st_size) { @@ -282,12 +282,12 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size, if (items <= 0) return 0; - for (i = 0; i < (u32)items; ++i) { + for (i = 0; i < (s32)items; ++i) { - struct stat st; - u8 * fn = alloc_printf("%s/%s", data->out_dir, nl[i]->d_name); + if (!done) { - if (done == 0) { + struct stat st; + u8 *fn = alloc_printf("%s/%s", data->out_dir, nl[i]->d_name); if (stat(fn, &st) == 0 && S_ISREG(st.st_mode) && st.st_size) { @@ -306,10 +306,10 @@ size_t afl_custom_fuzz(my_mutator_t *data, uint8_t *buf, size_t buf_size, } unlink(fn); + ck_free(fn); } - ck_free(fn); free(nl[i]); } |