about summary refs log tree commit diff
path: root/src/afl-fuzz.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/afl-fuzz.c')
-rw-r--r--src/afl-fuzz.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 0c73ca2c..0609061c 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -655,11 +655,17 @@ int main(int argc, char** argv, char** envp) {
 
   if ((tmp_dir = getenv("AFL_TMPDIR")) != NULL) {
 
-    char tmpfile[strlen(tmp_dir + 16)];
-    sprintf(tmpfile, "%s/%s", tmp_dir, ".cur_input");
+    char tmpfile[file_extension 
+         ? strlen(tmp_dir) + 1 + 10 + 1 + strlen(file_extension) + 1
+         : strlen(tmp_dir) + 1 + 10 + 1];
+    if (file_extension) {
+      sprintf(tmpfile, "%s/.cur_input.%s", tmp_dir, file_extension);
+    } else {
+      sprintf(tmpfile, "%s/.cur_input", tmp_dir);
+    }
     if (access(tmpfile, F_OK) !=
         -1)  // there is still a race condition here, but well ...
-      FATAL("TMP_DIR already has an existing temporary input file: %s",
+      FATAL("AFL_TMPDIR already has an existing temporary input file: %s",
             tmpfile);
 
   } else
@@ -854,11 +860,11 @@ int main(int argc, char** argv, char** envp) {
 
         if (file_extension) {
 
-          out_file = alloc_printf("%s/.cur_input.%s", out_dir, file_extension);
+          out_file = alloc_printf("%s/.cur_input.%s", tmp_dir, file_extension);
 
         } else {
 
-          out_file = alloc_printf("%s/.cur_input", out_dir);
+          out_file = alloc_printf("%s/.cur_input", tmp_dir);
 
         }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-18 12:58:53 +0000