diff options
| -rw-r--r-- | examples/custom_mutators/example.c | 12 | ||||
| -rw-r--r-- | src/afl-fuzz-one.c | 4 |
2 files changed, 8 insertions, 8 deletions
diff --git a/examples/custom_mutators/example.c b/examples/custom_mutators/example.c index 7d827029..ec47104d 100644 --- a/examples/custom_mutators/example.c +++ b/examples/custom_mutators/example.c @@ -159,13 +159,13 @@ size_t afl_custom_pre_save(my_mutator_t *data, uint8_t *buf, size_t buf_size, uint8_t *pre_save_buf = data->pre_save_buf; - memcpy(pre_save_buf + 5, buf, buf_size); + memcpy(pre_save_buf, buf, buf_size); size_t out_buf_size = buf_size + 5; - pre_save_buf[0] = 'A'; - pre_save_buf[1] = 'F'; - pre_save_buf[2] = 'L'; - pre_save_buf[3] = '+'; - pre_save_buf[4] = '+'; + pre_save_buf[buf_size + 0] = 'A'; + pre_save_buf[buf_size + 1] = 'F'; + pre_save_buf[buf_size + 2] = 'L'; + pre_save_buf[buf_size + 3] = '+'; + pre_save_buf[buf_size + 4] = '+'; *out_buf = pre_save_buf; diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c index b1bbad0a..29dd73ad 100644 --- a/src/afl-fuzz-one.c +++ b/src/afl-fuzz-one.c @@ -1621,8 +1621,6 @@ custom_mutator_stage: if (unlikely(!mutated_buf)) FATAL("Error in custom_fuzz. Size returned: %zd", mutated_size); - if (mutated_size > len) afl->out_size = mutated_size; - if (mutated_size > 0) { if (common_fuzz_stuff(afl, mutated_buf, (u32)mutated_size)) { @@ -1650,6 +1648,8 @@ custom_mutator_stage: } out_buf = ck_maybe_grow(BUF_PARAMS(out), len); + // ??? (h1994st): this line may be not necessary, as we do not modify the + // content of "out_buf". memcpy(out_buf, in_buf, len); } |