diff options
Diffstat (limited to 'qemu_mode/patches/afl-qemu-cpu-inl.h')
| -rw-r--r-- | qemu_mode/patches/afl-qemu-cpu-inl.h | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/qemu_mode/patches/afl-qemu-cpu-inl.h b/qemu_mode/patches/afl-qemu-cpu-inl.h index 7836e2cf..78f607aa 100644 --- a/qemu_mode/patches/afl-qemu-cpu-inl.h +++ b/qemu_mode/patches/afl-qemu-cpu-inl.h @@ -83,9 +83,9 @@ unsigned char persistent_save_gpr; uint64_t persistent_saved_gpr[AFL_REGS_NUM]; int persisent_retaddr_offset; -u8 *shared_buf; -u32 shared_buf_len; -u8 sharedmem_fuzzing; +u8 * shared_buf; +u32 *shared_buf_len; +u8 sharedmem_fuzzing; afl_persistent_hook_fn afl_persistent_hook_ptr; @@ -148,6 +148,7 @@ static void afl_map_shm_fuzz(void) { u32 shm_id = atoi(id_str); shared_buf = shmat(shm_id, NULL, 0); + shared_buf_len = (u32 *)(shared_buf + MAX_FILE); /* Whooooops. */ @@ -377,9 +378,6 @@ void afl_forkserver(CPUState *cpu) { if (read(FORKSRV_FD, &was_killed, 4) != 4) exit(2); - shared_buf_len = (was_killed >> 8); - was_killed = (was_killed & 0xff); - /* If we stopped the child in persistent mode, but there was a race condition and afl-fuzz already issued SIGKILL, write off the old process. */ |