queue buffer and new splice havoc mutation

author: Andrea Fioraldi <andreafioraldi@gmail.com> 2020-07-16 14:32:41 +0200
committer: Andrea Fioraldi <andreafioraldi@gmail.com> 2020-07-16 14:32:41 +0200
commit: c2b04bdf6c596f5d220f27caead20d09452ed42d (patch)
tree: 602abd8c1a1929aebda3f80665ffe02b435fdd00 /src/afl-fuzz-queue.c
parent: 6513bca07e590024480a95de8c57c9547987032d (diff)
download: afl++-c2b04bdf6c596f5d220f27caead20d09452ed42d.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index 7afdd9f1..a96995e5 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -25,6 +25,8 @@
 #include "afl-fuzz.h"
 #include <limits.h>
 
+#define BUF_PARAMS(name) (void **)&afl->name##_buf, &afl->name##_size
+
 /* Mark deterministic checks as done for a particular queue entry. We use the
    .state file to avoid repeating deterministic fuzzing when resuming aborted
    scans. */
@@ -137,6 +139,9 @@ void add_to_queue(afl_state_t *afl, u8 *fname, u32 len, u8 passed_det) {
     afl->q_prev100 = q;
 
   }
+  
+  struct queue_entry** queue_buf = ck_maybe_grow(BUF_PARAMS(queue), afl->queued_paths * sizeof(struct queue_entry*));
+  queue_buf[afl->queued_paths -1] = q;
 
   afl->last_path_time = get_cur_time();
author	Andrea Fioraldi <andreafioraldi@gmail.com>	2020-07-16 14:32:41 +0200
committer	Andrea Fioraldi <andreafioraldi@gmail.com>	2020-07-16 14:32:41 +0200
commit	c2b04bdf6c596f5d220f27caead20d09452ed42d (patch)
tree	602abd8c1a1929aebda3f80665ffe02b435fdd00 /src/afl-fuzz-queue.c
parent	6513bca07e590024480a95de8c57c9547987032d (diff)
download	afl++-c2b04bdf6c596f5d220f27caead20d09452ed42d.tar.gz