-rw-r--r--examples/aflpp_driver/aflpp_qemu_driver.c2
-rw-r--r--examples/qemu_persistent_hook/read_into_rdi.c1
-rw-r--r--qemu_mode/patches/afl-qemu-cpu-inl.h2
-rw-r--r--src/afl-forkserver.c16
4 files changed, 12 insertions, 9 deletions
diff --git a/examples/aflpp_driver/aflpp_qemu_driver.c b/examples/aflpp_driver/aflpp_qemu_driver.c
index ee7dde10..4f3e5f71 100644
--- a/examples/aflpp_driver/aflpp_qemu_driver.c
+++ b/examples/aflpp_driver/aflpp_qemu_driver.c
@@ -6,7 +6,7 @@
 int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);
 __attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv);
 
-static const size_t kMaxAflInputSize = 1 << 20;
+static const size_t kMaxAflInputSize = 1 * 1024 * 1024;
 static uint8_t      AflInputBuf[kMaxAflInputSize];
 
 void __attribute__((noinline)) afl_qemu_driver_stdin_input(void) {
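Review bot: The new initializer on the `+` line evaluates to the same value as the old one (1 << 20 == 1048576), so this hunk changes readability only; a short comment would make the intent explicit, e.g. `/* 1 MiB upper bound on a single input read into AflInputBuf */`. Separately, a `static const size_t` object is not an integer constant expression in C, so the file-scope array `AflInputBuf[kMaxAflInputSize]` on the following context line is only valid if this translation unit is built as C++ or with a compiler extension — I can't tell from the hunk how it is compiled. If it is meant to build as C, `enum { kMaxAflInputSize = 1024 * 1024 };` or a `#define` would be valid in both languages, and whatever fills the buffer (outside this hunk) should remain bounded by that constant.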
diff --git a/examples/qemu_persistent_hook/read_into_rdi.c b/examples/qemu_persistent_hook/read_into_rdi.c
index 180d9f00..bd6d3f45 100644
--- a/examples/qemu_persistent_hook/read_into_rdi.c
+++ b/examples/qemu_persistent_hook/read_into_rdi.c
@@ -1,6 +1,7 @@
 #include <stdint.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <string.h>
 
 #define g2h(x) ((void *)((unsigned long)(x) + guest_base))
 #define h2g(x) ((uint64_t)(x)-guest_base)
diff --git a/qemu_mode/patches/afl-qemu-cpu-inl.h b/qemu_mode/patches/afl-qemu-cpu-inl.h
index d3893066..8feb7613 100644
--- a/qemu_mode/patches/afl-qemu-cpu-inl.h
+++ b/qemu_mode/patches/afl-qemu-cpu-inl.h
@@ -341,6 +341,8 @@ void afl_forkserver(CPUState *cpu) {
     status |= (FS_OPT_SET_MAPSIZE(MAP_SIZE) | FS_OPT_MAPSIZE);
   if (sharedmem_fuzzing != 0) status |= FS_OPT_SHDMEM_FUZZ;
   if (status) status |= (FS_OPT_ENABLED);
+  if (getenv("AFL_DEBUG"))
+    fprintf(stderr, "Debug: Sending status %08x\n", status);
   memcpy(tmp, &status, 4);
 
   /* Tell the parent that we're alive. If the parent doesn't want
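Review bot: The added `fprintf(stderr, "Debug: Sending status %08x\n", status);` hard-codes an `unsigned int` conversion for `status`, whose declaration is outside this hunk; the `memcpy(tmp, &status, 4)` that follows suggests a 4-byte value, but if it is declared `uint32_t` the type-safe spelling is `"%08" PRIx32` from `<inttypes.h>` (or a `(unsigned)status` cast). The call also relies on `getenv` and `fprintf` being declared, i.e. `<stdlib.h>` and `<stdio.h>` reaching this inline header through its includer, which I cannot confirm from here. afl_forkserver continues on both sides of the hunk.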
diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index 7f89f0dc..505fb7a3 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -277,8 +277,8 @@ static void report_error_and_exit(int error) {
       break;
     case FS_ERROR_MMAP:
       FATAL(
-          "the fuzzing target reports that the mmap() call to the shared memory "
-          "failed.");
+          "the fuzzing target reports that the mmap() call to the shared "
+          "memory failed.");
       break;
     default:
       FATAL("unknown error code %u from fuzzing target!", error);
@@ -488,16 +488,16 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv,
 
     if (!be_quiet) { OKF("All right - fork server is up."); }
 
-    if ((status & FS_OPT_ERROR) == FS_OPT_ERROR)
-      report_error_and_exit(FS_OPT_GET_ERROR(status));
+    if (getenv("AFL_DEBUG")) {
 
-    if ((status & FS_OPT_ENABLED) == FS_OPT_ENABLED) {
+      ACTF("Extended forkserver functions received (%08x).", status);
 
-      if (getenv("AFL_DEBUG")) {
+    }
 
-        ACTF("Extended forkserver functions received (%08x).", status);
+    if ((status & FS_OPT_ERROR) == FS_OPT_ERROR)
+      report_error_and_exit(FS_OPT_GET_ERROR(status));
 
-      }
+    if ((status & FS_OPT_ENABLED) == FS_OPT_ENABLED) {
 
       if ((status & FS_OPT_SNAPSHOT) == FS_OPT_SNAPSHOT) {