diff options
| author | vanhauser-thc <vh@thc.org> | 2022-07-07 09:03:46 +0200 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2022-07-07 09:03:46 +0200 |
| commit | 1759859ae2795ac5538b3a8e682d807d394c663e (patch) | |
| tree | 2d966fc6becd411c0e8744837a8c8ecf3041dab5 /src | |
| parent | e6f27c2645bd3e4d4a8163b7432818e26dedfeef (diff) | |
| download | afl++-1759859ae2795ac5538b3a8e682d807d394c663e.tar.gz | |
fix double free on exit for -c 0 on src cmplog
Diffstat (limited to 'src')
| -rw-r--r-- | src/afl-cc.c | 33 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 2 |
2 files changed, 18 insertions, 17 deletions
diff --git a/src/afl-cc.c b/src/afl-cc.c index 96342659..246e01cd 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -424,21 +424,21 @@ static void edit_params(u32 argc, char **argv, char **envp) { char *fplugin_arg; - if (cmplog_mode) - { - fplugin_arg = alloc_printf("-fplugin=%s/afl-gcc-cmplog-pass.so", - obj_path); - cc_params[cc_par_cnt++] = fplugin_arg; - fplugin_arg = alloc_printf("-fplugin=%s/afl-gcc-cmptrs-pass.so", - obj_path); - cc_params[cc_par_cnt++] = fplugin_arg; - } - else - { - fplugin_arg = alloc_printf("-fplugin=%s/afl-gcc-pass.so", - obj_path); - cc_params[cc_par_cnt++] = fplugin_arg; - } + if (cmplog_mode) { + + fplugin_arg = + alloc_printf("-fplugin=%s/afl-gcc-cmplog-pass.so", obj_path); + cc_params[cc_par_cnt++] = fplugin_arg; + fplugin_arg = + alloc_printf("-fplugin=%s/afl-gcc-cmptrs-pass.so", obj_path); + cc_params[cc_par_cnt++] = fplugin_arg; + + } else { + + fplugin_arg = alloc_printf("-fplugin=%s/afl-gcc-pass.so", obj_path); + cc_params[cc_par_cnt++] = fplugin_arg; + + } cc_params[cc_par_cnt++] = "-fno-if-conversion"; cc_params[cc_par_cnt++] = "-fno-if-conversion2"; @@ -2166,7 +2166,8 @@ int main(int argc, char **argv, char **envp) { } - cmplog_mode = getenv("AFL_CMPLOG") || getenv("AFL_LLVM_CMPLOG") || getenv("AFL_GCC_CMPLOG"); + cmplog_mode = getenv("AFL_CMPLOG") || getenv("AFL_LLVM_CMPLOG") || + getenv("AFL_GCC_CMPLOG"); #if !defined(__ANDROID__) && !defined(ANDROID) ptr = find_object("afl-compiler-rt.o", argv[0]); diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index b23cef37..18367cf2 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -1469,7 +1469,7 @@ int main(int argc, char **argv_orig, char **envp) { if (afl->shm.cmplog_mode && (!strcmp("-", afl->cmplog_binary) || !strcmp("0", afl->cmplog_binary))) { - afl->cmplog_binary = argv[optind]; + afl->cmplog_binary = strdup(argv[optind]); } |