diff options
| author | Dominik Maier <domenukk@gmail.com> | 2020-11-18 02:33:47 +0100 |
|---|---|---|
| committer | Dominik Maier <domenukk@gmail.com> | 2020-11-18 02:33:47 +0100 |
| commit | 23f37ff5054d77abf7baf7b6d01d660b435d81cd (patch) | |
| tree | 0412df3e83e34fdf27d5fa9498ddfb95a43bfa7f /src | |
| parent | 54fdec0e51d17ac47582ca23c32ce10da5591aa2 (diff) | |
| download | afl++-23f37ff5054d77abf7baf7b6d01d660b435d81cd.tar.gz | |
fixed alloc errors, code format
Diffstat (limited to 'src')
| -rw-r--r-- | src/afl-cc.c | 6 | ||||
| -rw-r--r-- | src/afl-fuzz-python.c | 6 | ||||
| -rw-r--r-- | src/afl-fuzz-queue.c | 7 | ||||
| -rw-r--r-- | src/afl-fuzz.c | 2 |
4 files changed, 15 insertions, 6 deletions
diff --git a/src/afl-cc.c b/src/afl-cc.c index ef4d2c74..9c23c18b 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -1327,9 +1327,11 @@ int main(int argc, char **argv, char **envp) { "filename\n"); #if LLVM_MAJOR < 9 -#define COUNTER_BEHAVIOUR " AFL_LLVM_NOT_ZERO: use cycling trace counters that skip zero\n" + #define COUNTER_BEHAVIOUR \ + " AFL_LLVM_NOT_ZERO: use cycling trace counters that skip zero\n" #else -#define COUNTER_BEHAVIOUR " AFL_LLVM_SKIP_NEVERZERO: do not skip zero on trace counters\n" + #define COUNTER_BEHAVIOUR \ + " AFL_LLVM_SKIP_NEVERZERO: do not skip zero on trace counters\n" #endif if (have_llvm) SAYF( diff --git a/src/afl-fuzz-python.c b/src/afl-fuzz-python.c index cfaf055d..80532774 100644 --- a/src/afl-fuzz-python.c +++ b/src/afl-fuzz-python.c @@ -96,7 +96,7 @@ static size_t fuzz_py(void *py_mutator, u8 *buf, size_t buf_size, u8 **out_buf, mutated_size = PyByteArray_Size(py_value); *out_buf = afl_realloc(BUF_PARAMS(fuzz), mutated_size); - if (unlikely(!out_buf)) { PFATAL("alloc"); } + if (unlikely(!*out_buf)) { PFATAL("alloc"); } memcpy(*out_buf, PyByteArray_AsString(py_value), mutated_size); Py_DECREF(py_value); @@ -579,7 +579,7 @@ size_t trim_py(void *py_mutator, u8 **out_buf) { ret = PyByteArray_Size(py_value); *out_buf = afl_realloc(BUF_PARAMS(trim), ret); - if (unlikely(!out_buf)) { PFATAL("alloc"); } + if (unlikely(!*out_buf)) { PFATAL("alloc"); } memcpy(*out_buf, PyByteArray_AsString(py_value), ret); Py_DECREF(py_value); @@ -645,7 +645,7 @@ size_t havoc_mutation_py(void *py_mutator, u8 *buf, size_t buf_size, /* A new buf is needed... */ *out_buf = afl_realloc(BUF_PARAMS(havoc), mutated_size); - if (unlikely(!out_buf)) { PFATAL("alloc"); } + if (unlikely(!*out_buf)) { PFATAL("alloc"); } } diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index c78df8be..32bed06f 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -56,7 +56,12 @@ void create_alias_table(afl_state_t *afl) { int * S = (u32 *)afl_realloc(AFL_BUF_PARAM(out_scratch), n * sizeof(u32)); int * L = (u32 *)afl_realloc(AFL_BUF_PARAM(in_scratch), n * sizeof(u32)); - if (!P || !S || !L) { FATAL("could not aquire memory for alias table"); } + if (!P || !S || !L || !afl->alias_table || !afl->alias_probability) { + + FATAL("could not aquire memory for alias table"); + + } + memset((void *)afl->alias_table, 0, n * sizeof(u32)); memset((void *)afl->alias_probability, 0, n * sizeof(double)); diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index cedfdf8f..ac77bb1f 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -350,6 +350,7 @@ int main(int argc, char **argv_orig, char **envp) { case 's': { + if (optarg == NULL) { FATAL("No valid seed provided. Got NULL."); } rand_set_seed(afl, strtoul(optarg, 0L, 10)); afl->fixed_seed = 1; break; @@ -419,6 +420,7 @@ int main(int argc, char **argv_orig, char **envp) { case 'i': /* input dir */ if (afl->in_dir) { FATAL("Multiple -i options not supported"); } + if (afl->in_dir == NULL) { FATAL("Invalid -i option (got NULL)."); } afl->in_dir = optarg; if (!strcmp(afl->in_dir, "-")) { afl->in_place_resume = 1; } |