1 files changed, 24 insertions, 12 deletions

diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c
index bccd3d96..70bb4cfd 100644
--- a/src/afl-forkserver.c
+++ b/src/afl-forkserver.c
@@ -41,6 +41,7 @@
 #include <sys/time.h>
 #include <sys/wait.h>
 #include <sys/resource.h>
+#include <sys/select.h>
 
 /* Describe integer as memory size. */
 
@@ -168,10 +169,10 @@ void afl_fsrv_init(afl_forkserver_t *fsrv) {
 
 void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv) {
 
-  static struct itimerval it;
-  int                     st_pipe[2], ctl_pipe[2];
-  int                     status;
-  s32                     rlen;
+  struct timeval timeout;
+  int            st_pipe[2], ctl_pipe[2];
+  int            status;
+  s32            rlen;
 
   if (!getenv("AFL_QUIET")) ACTF("Spinning up the fork server...");
 
@@ -311,19 +312,30 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv) {
 
   if (fsrv->exec_tmout) {
 
-    it.it_value.tv_sec = ((fsrv->exec_tmout * FORK_WAIT_MULT) / 1000);
-    it.it_value.tv_usec = ((fsrv->exec_tmout * FORK_WAIT_MULT) % 1000) * 1000;
+    fd_set readfds;
 
-  }
+    FD_ZERO(&readfds);
+    FD_SET(fsrv->fsrv_st_fd, &readfds);
+    timeout.tv_sec = ((fsrv->exec_tmout * FORK_WAIT_MULT) / 1000);
+    timeout.tv_usec = ((fsrv->exec_tmout * FORK_WAIT_MULT) % 1000) * 1000;
+
+    int sret = select(fsrv->fsrv_st_fd + 1, &readfds, NULL, NULL, &timeout);
 
-  setitimer(ITIMER_REAL, &it, NULL);
+    if (sret == 0) {
 
-  rlen = read(fsrv->fsrv_st_fd, &status, 4);
+      fsrv->child_timed_out = 1;
+      kill(fsrv->child_pid, SIGKILL);
 
-  it.it_value.tv_sec = 0;
-  it.it_value.tv_usec = 0;
+    } else {
 
-  setitimer(ITIMER_REAL, &it, NULL);
+      rlen = read(fsrv->fsrv_st_fd, &status, 4);
+
+    }
+  } else {
+
+    rlen = read(fsrv->fsrv_st_fd, &status, 4);
+
+  }
 
   /* If we have a four-byte "hello" message from the server, we're all set.
      Otherwise, try to figure out what went wrong. */