aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/afl-fuzz-redqueen.c16
-rw-r--r--src/afl-gcc.c12
2 files changed, 19 insertions, 9 deletions
diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c
index 296fcd98..4f5d69f7 100644
--- a/src/afl-fuzz-redqueen.c
+++ b/src/afl-fuzz-redqueen.c
@@ -128,7 +128,7 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
rand_replace(buf + rng->start, s);
u32 cksum;
- if (unlikely(get_exec_checksum(buf, len, &cksum))) return 1;
+ if (unlikely(get_exec_checksum(buf, len, &cksum))) goto checksum_fail;
if (cksum != exec_cksum) {
@@ -149,6 +149,7 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
new_hit_cnt = queued_paths + unique_crashes;
stage_finds[STAGE_COLORIZATION] += new_hit_cnt - orig_hit_cnt;
stage_cycles[STAGE_COLORIZATION] += stage_max - stage_cur;
+ ck_free(backup);
while (ranges) {
@@ -186,6 +187,19 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
return 0;
+checksum_fail:
+ ck_free(backup);
+
+ while (ranges) {
+
+ rng = ranges;
+ ranges = ranges->next;
+ ck_free(rng);
+
+ }
+
+ return 1;
+
}
///// Input to State replacement
diff --git a/src/afl-gcc.c b/src/afl-gcc.c
index 5ead32fb..03468d3d 100644
--- a/src/afl-gcc.c
+++ b/src/afl-gcc.c
@@ -282,15 +282,11 @@ static void edit_params(u32 argc, char** argv) {
}
- if (!asan_set) {
+ if (getenv("AFL_USE_UBSAN")) {
- if (getenv("AFL_USE_UBSAN")) {
-
- cc_params[cc_par_cnt++] = "-fsanitize=undefined";
- cc_params[cc_par_cnt++] = "-fsanitize-undefined-trap-on-error";
- cc_params[cc_par_cnt++] = "-fno-sanitize-recover=all";
-
- }
+ cc_params[cc_par_cnt++] = "-fsanitize=undefined";
+ cc_params[cc_par_cnt++] = "-fsanitize-undefined-trap-on-error";
+ cc_params[cc_par_cnt++] = "-fno-sanitize-recover=all";
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-14 14:54:49 +0000