diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | qemu_mode/patches/afl-qemu-cpu-inl.h | 4 | ||||
| -rw-r--r-- | src/afl-fuzz-redqueen.c | 4 |
3 files changed, 8 insertions, 2 deletions
@@ -57,7 +57,7 @@ ifneq "$(shell uname -m)" "x86_64" endif CFLAGS ?= -O3 -funroll-loops $(CFLAGS_OPT) -CFLAGS += -Wall -g -Wno-pointer-sign -I include/ \ +override CFLAGS += -Wall -g -Wno-pointer-sign -I include/ \ -DAFL_PATH=\"$(HELPER_PATH)\" -DBIN_PATH=\"$(BIN_PATH)\" \ -DDOC_PATH=\"$(DOC_PATH)\" -Wno-unused-function diff --git a/qemu_mode/patches/afl-qemu-cpu-inl.h b/qemu_mode/patches/afl-qemu-cpu-inl.h index 0ae6364b..9a98fde3 100644 --- a/qemu_mode/patches/afl-qemu-cpu-inl.h +++ b/qemu_mode/patches/afl-qemu-cpu-inl.h @@ -368,8 +368,10 @@ static void afl_forkserver(CPUState *cpu) { if (WIFSTOPPED(status)) child_stopped = 1; - else if (unlikely(first_run && is_persistent)) + else if (unlikely(first_run && is_persistent)) { + fprintf(stderr, "[AFL] ERROR: no persistent iteration executed\n"); exit(12); // Persistent is wrong + } first_run = 0; if (write(FORKSRV_FD + 1, &status, 4) != 4) exit(7); diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c index d46d2b19..bac7357e 100644 --- a/src/afl-fuzz-redqueen.c +++ b/src/afl-fuzz-redqueen.c @@ -122,6 +122,9 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) { while ((rng = pop_biggest_range(&ranges)) != NULL && stage_cur) { u32 s = rng->end - rng->start; + if (s == 0) + goto empty_range; + memcpy(backup, buf + rng->start, s); rand_replace(buf + rng->start, s); @@ -136,6 +139,7 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) { } else needs_write = 1; +empty_range: ck_free(rng); --stage_cur; |