-rw-r--r-- | src/afl-forkserver.c | 2 | ||||
-rw-r--r-- | src/afl-fuzz-extras.c | 18 |
2 files changed, 15 insertions, 5 deletions
diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index 04195d00..d23cf6eb 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -984,7 +984,7 @@ void afl_fsrv_write_to_testcase(afl_forkserver_t *fsrv, u8 *buf, size_t len) {
if (fd < 0) { PFATAL("Unable to create '%s'", fsrv->out_file); }
} else if (unlikely(!fd)) {
-
+ // We should never have stdin as fd here, 0 is likely unset.
FATAL("Nowhere to write output to (neither out_fd nor out_file set)");
diff --git a/src/afl-fuzz-extras.c b/src/afl-fuzz-extras.c
index 88a4fe67..4fb48860 100644
--- a/src/afl-fuzz-extras.c
+++ b/src/afl-fuzz-extras.c
@@ -423,8 +423,8 @@ void dedup_extras(afl_state_t *afl) {
}
if (afl->extras_cnt != orig_cnt)
- afl->extras = afl_realloc((void **)&afl->extras,
- afl->extras_cnt * sizeof(struct extra_data));
+ afl->extras = ck_realloc((void **)&afl->extras,
+ afl->extras_cnt * sizeof(struct extra_data));
}
@@ -462,8 +462,18 @@ void add_extra(afl_state_t *afl, u8 *mem, u32 len) {
}
- afl->extras = afl_realloc((void **)&afl->extras,
- (afl->extras_cnt + 1) * sizeof(struct extra_data));
+ if (afl->extra) {
+ afl->extras = ck_realloc((void **)&afl->extras,
+ (afl->extras_cnt + 1) * sizeof(struct extra_data));
+ } else {
+ afl->extras = ck_alloc((void **)&afl->extras,
+ (afl->extras_cnt + 1) * sizeof(struct extra_data));
+ }
+ if (unlikely(!afl->extras)) { PFATAL("alloc"); }
afl->extras[afl->extras_cnt].data = ck_alloc(len);
|
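Review bot: The new ck_realloc call in dedup_extras keeps the `(void **)&afl->extras` first argument that belonged to afl_realloc's calling convention, but ck_realloc in AFL's alloc-inl.h (not part of this diff, so this is inferred) normally takes the old buffer pointer itself, `(void *orig, u32 size)`; if so, this hands the allocator the address of the `extras` member inside the afl state rather than the heap buffer, and reallocating or freeing an interior pointer of another object is undefined behavior that glibc typically reports as an invalid-pointer abort. The call should be `afl->extras = ck_realloc(afl->extras, afl->extras_cnt * sizeof(struct extra_data));`, which also matches how the rest of the file calls ck_alloc with a plain size. dedup_extras's body starts outside the hunk, so any earlier use of the same convention is not visible here.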
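Review bot: The added branch in add_extra tests `afl->extra` while the pointer it decides how to allocate, and every other line of the hunk, is `afl->extras`; unless `extra` is a deliberately separate member, this is a typo and the condition will not track whether the extras array already exists. Both arms also look mismatched with AFL's allocator API as I know it (alloc-inl.h is not shown, so confirm): `ck_alloc` takes a single size, and `ck_realloc` takes the old buffer pointer, not `(void **)&afl->extras`, which here is the address of the struct member and would corrupt the afl state if passed to realloc/free. Because realloc-style allocators accept a NULL old pointer, the whole if/else can collapse to `afl->extras = ck_realloc(afl->extras, (afl->extras_cnt + 1) * sizeof(struct extra_data));`, which removes the need for the `afl->extra` test entirely while keeping the existing `if (unlikely(!afl->extras)) { PFATAL("alloc"); }` guard. add_extra's body starts and ends outside the hunk.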