more flexible use of shmem persistent vars

author: van Hauser <vh@thc.org> 2020-08-01 17:58:37 +0200
committer: van Hauser <vh@thc.org> 2020-08-01 17:58:37 +0200
commit: 8e0c7761375d3c3cc7527f4aa800f31d9fcdd2e2 (patch)
tree: 24f8725392f949eddca95c61422cc6034b2bc1ba /llvm_mode
parent: 4512377fa162be7bb8360628e11655670a61491b (diff)
download: afl++-8e0c7761375d3c3cc7527f4aa800f31d9fcdd2e2.tar.gz
1 files changed, 4 insertions, 5 deletions
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c
index bd2c5490..b819b43a 100644
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@@ -524,13 +524,12 @@ static void edit_params(u32 argc, char **argv, char **envp) {
       "int __afl_sharedmem_fuzzing = 1;"
       "extern unsigned int *__afl_fuzz_len;"
       "extern unsigned char *__afl_fuzz_ptr;"
-      "unsigned char *__afl_fuzz_alt_ptr;";
+      "unsigned char __afl_fuzz_alt[1024000];"
+      "unsigned char *__afl_fuzz_alt_ptr = __afl_fuzz_alt;";
   cc_params[cc_par_cnt++] =
-      "-D__AFL_FUZZ_TESTCASE_BUF=(__afl_fuzz_ptr ? __afl_fuzz_ptr : "
-      "(__afl_fuzz_alt_ptr = (unsigned char *) malloc(1 * 1024 * 1024)))";
+      "-D__AFL_FUZZ_TESTCASE_BUF=(__afl_fuzz_ptr ? __afl_fuzz_ptr : __afl_fuzz_alt_ptr)";
   cc_params[cc_par_cnt++] =
-      "-D__AFL_FUZZ_TESTCASE_LEN=(__afl_fuzz_ptr ? *__afl_fuzz_len : read(0, "
-      "__afl_fuzz_alt_ptr, 1 * 1024 * 1024))";
+      "-D__AFL_FUZZ_TESTCASE_LEN=(__afl_fuzz_ptr ? *__afl_fuzz_len : (*__afl_fuzz_len = read(0, __afl_fuzz_alt_ptr, 1024000)) == 0xffffffff ? 0 : *__afl_fuzz_len)";
 
   cc_params[cc_par_cnt++] =
       "-D__AFL_LOOP(_A)="
author	van Hauser <vh@thc.org>	2020-08-01 17:58:37 +0200
committer	van Hauser <vh@thc.org>	2020-08-01 17:58:37 +0200
commit	8e0c7761375d3c3cc7527f4aa800f31d9fcdd2e2 (patch)
tree	24f8725392f949eddca95c61422cc6034b2bc1ba /llvm_mode
parent	4512377fa162be7bb8360628e11655670a61491b (diff)
download	afl++-8e0c7761375d3c3cc7527f4aa800f31d9fcdd2e2.tar.gz