Diffstat (limited to 'qemu_taint')
-rw-r--r--  qemu_taint/README.md                                    | 6
-rwxr-xr-x  qemu_taint/build_qemu_taint.sh (renamed from qemu_taint/build.sh) | 6
-rwxr-xr-x  qemu_taint/clean.sh                                     | 4
3 files changed, 11 insertions, 5 deletions
diff --git a/qemu_taint/README.md b/qemu_taint/README.md
index e78e918d..c842da0e 100644
--- a/qemu_taint/README.md
+++ b/qemu_taint/README.md
@@ -1,9 +1,11 @@
 # qemu_taint
+
 First level taint implementation with qemu for linux user mode
 
 **THIS IS NOT WORKING YET** **WIP**
 
 ## What is this for
+
 On new queue entries (newly discovered paths into the target) this tainter
 is run with the new input and the data gathered which bytes in the input
 file are actually touched.
@@ -11,17 +13,21 @@ file are actually touched.
 Only touched bytes are then fuzzed by afl-fuzz
 
 ## How to build
+
 ./build_qemu_taint.sh
 
 ## How to use
+
 Add the -T flag to afl-fuzz
 
 ## Caveats
+
 For some targets this is amazing and improves fuzzing a lot, but if a target
 copies all input bytes first (e.g. for creating a crc checksum or just to
 safely work with the data), then this is not helping at all.
 
 ## Future
+
 Two fuzz modes for a queue entry which will be switched back and forth:
 
   1. fuzz all touched bytes
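Review bot: the `## How to use` section only says to add `-T` to afl-fuzz, but the tainter is a separately built binary (`afl-qemu-taint`, produced by the `## How to build` step above and copied two directories up by the build script); a sentence stating that `-T` expects that binary to exist, and where it is looked for, would save users the "not working" confusion the `WIP` banner already hints at. The build command `./build_qemu_taint.sh` now matches the rename in this commit, so that part is consistent.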
diff --git a/qemu_taint/build.sh b/qemu_taint/build_qemu_taint.sh
index 461ead68..b54c3e04 100755
--- a/qemu_taint/build.sh
+++ b/qemu_taint/build_qemu_taint.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 test -d qemu ||  git clone https://github.com/vanhauser-thc/qemu_taint qemu || exit 1
 cd qemu || exit 1
-test -d .git || { git stash ; git pull ; }
-cp -fv ../../include/config.h ../../include/types.h .
-./build.sh
+test -d .git && { git stash ; git pull ; }
+cp -fv ../../include/config.h ../../include/types.h . || exit 1
+./build.sh || exit 1
 cp -fv ./afl-qemu-taint ../..
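Review bot: the final `cp -fv ./afl-qemu-taint ../..` is the only step still without `|| exit 1`, so a failed build that leaves no binary would still end with status 0; the `||` to `&&` fix on the `test -d .git` line is correct (the old form only ran `git stash ; git pull` when there was no `.git`, which cannot work), but `git stash ; git pull` still ignores a failing pull, and the stashed local changes are never restored with `git stash pop`. From a supply-chain standpoint the script clones and then pulls whatever `vanhauser-thc/qemu_taint` currently points to on every run, so two builds are not reproducible; pinning a commit or tag (for example `git checkout <commit>` after the clone, with the hash kept in this repo) would make the fuzzer build auditable.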
diff --git a/qemu_taint/clean.sh b/qemu_taint/clean.sh
index 0046c6c0..10c44cac 100755
--- a/qemu_taint/clean.sh
+++ b/qemu_taint/clean.sh
@@ -1,3 +1,3 @@
 #!/bin/sh
-rm -f afl-qemu-taint
-test -d qemu && rm -f qemu
+rm -f afl-qemu-taint qemu/afl-qemu-taint ../afl-qemu-taint
+test -d qemu && { cd qemu ; ./clean.sh ; }
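Review bot: because `test -d qemu && { ... }` is the last command, the script exits non-zero whenever the `qemu` checkout is absent, which is exactly the state after a previous clean and will trip any caller that chains `clean.sh` with `&&` or `set -e`; ending with `exit 0` (or appending `; true`) keeps the intended "nothing to do" semantics. The change itself is an improvement, since the old `rm -f qemu` could never remove a directory and silently did nothing; delegating to `qemu/clean.sh` is right, though `./clean.sh` inside the checkout is assumed to exist and be executable, and the three `rm -f` paths correctly cover the copies the build script leaves in `qemu/`, here, and one directory up.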