diff options
Diffstat (limited to 'src/afl-fuzz-queue.c')
| -rw-r--r-- | src/afl-fuzz-queue.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 36ec0896..3ada9d98 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -118,6 +118,9 @@ void perform_taint_run(afl_state_t *afl, struct queue_entry *q, u8 *fname, if (q->fname_taint) { + u8 *save = ck_maybe_grow(BUF_PARAMS(out_scratch), afl->fsrv.map_size); + memcpy(save, afl->taint_fsrv.trace_bits, afl->fsrv.map_size); + afl->taint_fsrv.map_size = plen; // speed :) write_to_testcase(afl, mem, len); if (afl_fsrv_run_target(&afl->taint_fsrv, afl->fsrv.exec_tmout, @@ -214,6 +217,8 @@ void perform_taint_run(afl_state_t *afl, struct queue_entry *q, u8 *fname, } + memcpy(afl->taint_fsrv.trace_bits, save, afl->fsrv.map_size); + } if (!bytes) { @@ -227,11 +232,6 @@ void perform_taint_run(afl_state_t *afl, struct queue_entry *q, u8 *fname, } - } else { - - if (q->taint_bytes_all && !q->taint_bytes_new) - q->taint_bytes_new = q->taint_bytes_all; - } } |