author | h1994st <h1994st@gmail.com> | 2020-03-28 00:52:29 -0400 |
---|---|---|
committer | Dominik Maier <domenukk@gmail.com> | 2020-03-30 16:46:54 +0200 |
commit | fbd5bd8f37c9285d5201c969587067586c9109bc (patch) | |
tree | 1526ed8333ad947577f23127572931da088b1498 /examples/custom_mutators/example.c | |
parent | 048beb752db51252f1374e1b91ee73fd9174acb6 (diff) | |
download | afl++-fbd5bd8f37c9285d5201c969587067586c9109bc.tar.gz |
Fix invalid memory access bug in `afl_custom_pre_save` of example.c
Diffstat (limited to 'examples/custom_mutators/example.c')
-rw-r--r-- | examples/custom_mutators/example.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/examples/custom_mutators/example.c b/examples/custom_mutators/example.c
index a9764f5b..7d827029 100644
--- a/examples/custom_mutators/example.c
+++ b/examples/custom_mutators/example.c
@@ -157,15 +157,17 @@ size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size,
 }
- *out_buf = data->pre_save_buf;
+ uint8_t *pre_save_buf = data->pre_save_buf;
- memcpy(*out_buf + 5, buf, buf_size);
+ memcpy(pre_save_buf + 5, buf, buf_size);
 size_t out_buf_size = buf_size + 5;
- *out_buf[0] = 'A';
- *out_buf[1] = 'F';
- *out_buf[2] = 'L';
- *out_buf[3] = '+';
- *out_buf[4] = '+';
+ pre_save_buf[0] = 'A';
+ pre_save_buf[1] = 'F';
+ pre_save_buf[2] = 'L';
+ pre_save_buf[3] = '+';
+ pre_save_buf[4] = '+';
+
+ *out_buf = pre_save_buf;
 return out_buf_size; |
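Review bot: The header length 5 is expressed three separate ways in the new lines — as the offset in `memcpy(pre_save_buf + 5, buf, buf_size)`, in `buf_size + 5`, and implicitly as the five indexed stores — so a later edit to one can leave the copy offset and the returned length out of step with the bytes actually written. Because this is example code that custom-mutator authors copy, I would name the header once, e.g. `static const char hdr[] = "AFL++";` with `memcpy(pre_save_buf, hdr, sizeof hdr - 1);`, and use `sizeof hdr - 1` for both the offset and the size. The check that guarantees `pre_save_buf` holds at least `buf_size + 5` bytes is presumably in the block closed at the top of the hunk, which is outside the view; a one-line comment above the `memcpy` stating that precondition would make the bound visible where the write happens. The function body starts before and ends after this hunk.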