-rwxr-xr-xafl-cmin42
-rw-r--r--docs/Changelog.md4
-rw-r--r--instrumentation/afl-compiler-rt.o.c2
-rw-r--r--src/afl-showmap.c48
4 files changed, 54 insertions, 42 deletions
diff --git a/afl-cmin b/afl-cmin
index 9fa63ec6..e71873d3 100755
--- a/afl-cmin
+++ b/afl-cmin
@@ -296,13 +296,13 @@ BEGIN {
     exit 1
   }
 
-  if (0 == system( "test -d "in_dir"/default" )) {
-    in_dir = in_dir "/default"
-  }
-
-  if (0 == system( "test -d "in_dir"/queue" )) {
-    in_dir = in_dir "/queue"
-  }
+  #if (0 == system( "test -d "in_dir"/default" )) {
+  #  in_dir = in_dir "/default"
+  #}
+  #
+  #if (0 == system( "test -d "in_dir"/queue" )) {
+  #  in_dir = in_dir "/queue"
+  #}
 
   system("rm -rf "trace_dir" 2>/dev/null");
   system("rm "out_dir"/id[:_]* 2>/dev/null")
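Review bot: The two `default/` and `queue/` auto-descend blocks at the top of the hunk are left as commented-out code instead of being deleted; with the input directory now walked recursively (the `find` change further down in this file) they are dead, and keeping them around invites someone to re-enable them later. Delete them and leave one line stating the new contract, e.g. `# in_dir is walked recursively, so an afl-fuzz output tree (out/default/queue) needs no special-casing here`. Note that the `rm -rf "trace_dir"` / `rm "out_dir"/id[:_]*` lines that follow are unchanged and still unquoted, so the earlier argument validation is what stands between them and a path containing spaces.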
@@ -355,30 +355,35 @@ BEGIN {
   } else {
     stat_format = "-f '%z %N'" # *BSD, MacOS
   }
-  cmdline = "(cd "in_dir" && find . \\( ! -name . -a -type d -prune \\) -o -type f -exec stat "stat_format" \\{\\} + | sort -k1n -k2r)"
+  cmdline = "(cd "in_dir" && find . \\( ! -name \".*\" -a -type d \\) -o -type f -exec stat "stat_format" \\{\\} + | sort -k1n -k2r)"
   #cmdline = "ls "in_dir" | (cd "in_dir" && xargs stat "stat_format" 2>/dev/null) | sort -k1n -k2r"
   #cmdline = "(cd "in_dir" && stat "stat_format" *) | sort -k1n -k2r"
   #cmdline = "(cd "in_dir" && ls | xargs stat "stat_format" ) | sort -k1n -k2r"
   while (cmdline | getline) {
     sub(/^[0-9]+ (\.\/)?/,"",$0)
-    infilesSmallToBig[i++] = $0
+    infilesSmallToBigFull[i] = $0
+    sub(/.*\//, "", $0)
+    infilesSmallToBig[i] = $0
+    infilesSmallToBigMap[infilesSmallToBig[i]] = infilesSmallToBigFull[i]
+    infilesSmallToBigFullMap[infilesSmallToBigFull[i]] = infilesSmallToBig[i]
+    i++
   }
   in_count = i
 
-  first_file = infilesSmallToBig[0]
+  first_file = infilesSmallToBigFull[0]
   
-  # Make sure that we're not dealing with a directory.
-
-  if (0 == system("test -d ""\""in_dir"/"first_file"\"")) {
-    print "[-] Error: The input directory is empty or contains subdirectories - please fix." > "/dev/stderr"
-    exit 1
-  }
+  #if (0 == system("test -d ""\""in_dir"/"first_file"\"")) {
+  #  print "[-] Error: The input directory is empty or contains subdirectories - please fix." > "/dev/stderr"
+  #  exit 1
+  #}
 
-  if (0 == system("ln \""in_dir"/"first_file"\" "trace_dir"/.link_test")) {
+  system(">\""in_dir"/.afl-cmin.test\"")
+  if (0 == system("ln \""in_dir"/.afl-cmin.test\" "trace_dir"/.link_test")) {
     cp_tool = "ln"
   } else {
     cp_tool = "cp"
   }
+  system("rm -f \""in_dir"/.afl-cmin.test\"")
 
   if (!ENVIRON["AFL_SKIP_BIN_CHECK"]) {
     # Make sure that we can actually get anything out of afl-showmap before we
@@ -511,7 +516,8 @@ BEGIN {
 
     # copy file unless already done
     if (! (fn in file_already_copied)) {
-      system(cp_tool" \""in_dir"/"fn"\" \""out_dir"/"fn"\"")
+      realfile = infilesSmallToBigMap[fn]
+      system(cp_tool" \""in_dir"/"realfile"\" \""out_dir"/"fn"\"")
       file_already_copied[fn] = ""
       ++out_count
       #printf "tuple nr %d (%d cnt=%d) -> %s\n",tcnt,key,key_count[key],fn > trace_dir"/.log"
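Review bot: The new `system(cp_tool" \""in_dir"/"realfile"\" ...")` still discards the exit status, so a failed copy — `realfile` empty because `fn` is missing from `infilesSmallToBigMap`, or `out_dir` not writable — still marks `fn` in `file_already_copied` and increments `out_count`, making the final summary overstate the minimized corpus. Check it: `if (system(cp_tool" \""in_dir"/"realfile"\" \""out_dir"/"fn"\"") != 0) { print "[-] Error: could not copy " realfile > "/dev/stderr"; exit 1 }`. The enclosing loop starts and ends outside this hunk.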
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 530dd941..9fd2a1a9 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -31,8 +31,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
   - afl_analyze:
     - fix timeout handling
     - add forkserver support for better performance
-  - afl-cmin, afl-cmin.bash and afl-showmap -i do now descend into
-    subdirectories (like afl-fuzz does)
+  - afl-cmin and afl-showmap -i do now descend into subdirectories
+    (like afl-fuzz does) - note that afl-cmin.bash does not!
   - ensure afl-compiler-rt is built for gcc_module
 
 ### Version ++3.13c (release)
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c
index 50117012..404b761f 100644
--- a/instrumentation/afl-compiler-rt.o.c
+++ b/instrumentation/afl-compiler-rt.o.c
@@ -1019,7 +1019,7 @@ static void __afl_start_forkserver(void) {
 
       if (read(FORKSRV_FD, &was_killed, 4) != 4) {
 
-        write_error("read from afl-fuzz");
+        //write_error("read from afl-fuzz");
         _exit(1);
 
       }
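Review bot: Commenting out `write_error("read from afl-fuzz")` leaves dead code and no explanation of why a short read on `FORKSRV_FD` is now silent, so the next reader cannot tell whether this is intentional. Delete the commented line and put the reason in its place, e.g. `/* a short read here normally means the parent (afl-fuzz/afl-showmap) has gone away; exit quietly rather than spam stderr */` — and if that is the motivation, consider keeping the message behind `AFL_DEBUG`, since a genuine forkserver protocol failure now leaves no trace at all. `__afl_start_forkserver` starts and continues outside this hunk.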
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index 03050d91..646396ad 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -233,7 +233,11 @@ static u32 write_results_to_file(afl_forkserver_t *fsrv, u8 *outfile) {
   u8 cco = !!getenv("AFL_CMIN_CRASHES_ONLY"),
      caa = !!getenv("AFL_CMIN_ALLOW_ANY");
 
-  if (!outfile) { FATAL("Output filename not set (Bug in AFL++?)"); }
+  if (!outfile || !*outfile) {
+
+    FATAL("Output filename not set (Bug in AFL++?)");
+
+  }
 
   if (cmin_mode &&
       (fsrv->last_run_timed_out || (!caa && child_crashed != cco))) {
@@ -753,7 +757,9 @@ u32 execute_testcases(u8 *dir) {
 
     }
 
-    // DO
+    if (!collect_coverage)
+      snprintf(outfile, sizeof(outfile), "%s/%s", out_file, nl[i]->d_name);
+
     if (read_file(fn2)) {
 
       if (wait_for_gdb) {
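Review bot: The new `snprintf(outfile, sizeof(outfile), "%s/%s", out_file, nl[i]->d_name)` ignores its return value, so an over-long `out_file`/`d_name` pair silently truncates the path and the bitmap is written under a wrong name (and `sizeof(outfile)` is only a buffer size if `outfile` is an array, which this hunk does not show — worth confirming). Check for truncation, e.g. `int len = snprintf(outfile, sizeof(outfile), "%s/%s", out_file, nl[i]->d_name); if (len < 0 || (size_t)len >= sizeof(outfile)) FATAL("output path too long: %s/%s", out_file, nl[i]->d_name);`. Also, since `-i` now descends into subdirectories per the changelog, naming the per-input bitmap by `d_name` alone means same-named files in different subdirectories overwrite each other in `out_file` — presumably unintended. `execute_testcases` starts and ends outside this hunk.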
@@ -800,31 +806,31 @@ static void usage(u8 *argv0) {
       "\n%s [ options ] -- /path/to/target_app [ ... ]\n\n"
 
       "Required parameters:\n"
-      "  -o file       - file to write the trace data to\n\n"
+      "  -o file    - file to write the trace data to\n\n"
 
       "Execution control settings:\n"
-      "  -t msec       - timeout for each run (none)\n"
-      "  -m megs       - memory limit for child process (%u MB)\n"
-      "  -O            - use binary-only instrumentation (FRIDA mode)\n"
-      "  -Q            - use binary-only instrumentation (QEMU mode)\n"
-      "  -U            - use Unicorn-based instrumentation (Unicorn mode)\n"
-      "  -W            - use qemu-based instrumentation with Wine (Wine mode)\n"
-      "                  (Not necessary, here for consistency with other afl-* "
+      "  -t msec    - timeout for each run (none)\n"
+      "  -m megs    - memory limit for child process (%u MB)\n"
+      "  -O         - use binary-only instrumentation (FRIDA mode)\n"
+      "  -Q         - use binary-only instrumentation (QEMU mode)\n"
+      "  -U         - use Unicorn-based instrumentation (Unicorn mode)\n"
+      "  -W         - use qemu-based instrumentation with Wine (Wine mode)\n"
+      "               (Not necessary, here for consistency with other afl-* "
       "tools)\n\n"
       "Other settings:\n"
-      "  -i dir        - process all files in this directory, must be combined "
+      "  -i dir     - process all files below this directory, must be combined "
       "with -o.\n"
-      "                  With -C, -o is a file, without -C it must be a "
+      "               With -C, -o is a file, without -C it must be a "
       "directory\n"
-      "                  and each bitmap will be written there individually.\n"
-      "  -C            - collect coverage, writes all edges to -o and gives a "
+      "               and each bitmap will be written there individually.\n"
+      "  -C         - collect coverage, writes all edges to -o and gives a "
       "summary\n"
-      "                  Must be combined with -i.\n"
-      "  -q            - sink program's output and don't show messages\n"
-      "  -e            - show edge coverage only, ignore hit counts\n"
-      "  -r            - show real tuple values instead of AFL filter values\n"
-      "  -s            - do not classify the map\n"
-      "  -c            - allow core dumps\n\n"
+      "               Must be combined with -i.\n"
+      "  -q         - sink program's output and don't show messages\n"
+      "  -e         - show edge coverage only, ignore hit counts\n"
+      "  -r         - show real tuple values instead of AFL filter values\n"
+      "  -s         - do not classify the map\n"
+      "  -c         - allow core dumps\n\n"
 
       "This tool displays raw tuple data captured by AFL instrumentation.\n"
       "For additional help, consult %s/README.md.\n\n"
@@ -1259,7 +1265,7 @@ int main(int argc, char **argv_orig, char **envp) {
 
     } else {
 
-      if ((coverage_map = (u8 *)malloc(map_size)) == NULL)
+      if ((coverage_map = (u8 *)malloc(map_size + 64)) == NULL)
         FATAL("coult not grab memory");
       edges_only = false;
       raw_instr_output = true;
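Review bot: `malloc(map_size + 64)` introduces an unexplained magic slack; a reader cannot tell whether the extra 64 bytes cover an over-read by some classify/compare routine or were added to paper over a crash. Name the reason on the line, e.g. `/* +64: slack for <routine> which reads past map_size */`, or turn it into a named constant; and since `malloc` leaves the tail uninitialized, if anything does read those bytes the result is nondeterministic and `calloc(map_size + 64, 1)` would be the safer choice. The unchanged `FATAL("coult not grab memory")` on the next line also has a typo (`could`).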