diff options
| -rw-r--r-- | include/afl-fuzz.h | 3 | ||||
| -rw-r--r-- | src/afl-fuzz-queue.c | 4 |
2 files changed, 4 insertions, 3 deletions
diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index f6912aea..fbf3aa2d 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -608,6 +608,9 @@ typedef struct afl_state { u8 * ex_buf; size_t ex_size; + u8 * map_tmp_buf; + size_t map_tmp_size; + } afl_state_t; /* A global pointer to all instances is needed (for now) for signals to arrive diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 373f12d8..96711cbc 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -275,7 +275,7 @@ void cull_queue(afl_state_t *afl) { if (afl->dumb_mode || !afl->score_changed) return; - temp_v = ck_alloc(afl->fsrv.map_size >> 3); + temp_v = ck_maybe_grow((void **)&afl->map_tmp_buf, &afl->map_tmp_size, afl->fsrv.map_size >> 3); afl->score_changed = 0; @@ -324,8 +324,6 @@ void cull_queue(afl_state_t *afl) { } - ck_free(temp_v); - } /* Calculate case desirability score to adjust the length of havoc fuzzing. |