Diffstat (limited to 'src')
-rw-r--r-- | src/afl-fuzz-redqueen.c | 16 | ||||
-rw-r--r-- | src/afl-gcc.c | 12 |
2 files changed, 19 insertions, 9 deletions
diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c
index 296fcd98..4f5d69f7 100644
--- a/src/afl-fuzz-redqueen.c
+++ b/src/afl-fuzz-redqueen.c
@@ -128,7 +128,7 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
 rand_replace(buf + rng->start, s);
 u32 cksum;
- if (unlikely(get_exec_checksum(buf, len, &cksum))) return 1;
+ if (unlikely(get_exec_checksum(buf, len, &cksum))) goto checksum_fail;
 if (cksum != exec_cksum) {
@@ -149,6 +149,7 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
 new_hit_cnt = queued_paths + unique_crashes;
 stage_finds[STAGE_COLORIZATION] += new_hit_cnt - orig_hit_cnt;
 stage_cycles[STAGE_COLORIZATION] += stage_max - stage_cur;
+ ck_free(backup);
 while (ranges) {
@@ -186,6 +187,19 @@ u8 colorization(u8* buf, u32 len, u32 exec_cksum) {
 return 0;
+checksum_fail:
+ ck_free(backup);
+
+ while (ranges) {
+
+ rng = ranges;
+ ranges = ranges->next;
+ ck_free(rng);
+
+ }
+
+ return 1;
+
 }
 ///// Input to State replacement
diff --git a/src/afl-gcc.c b/src/afl-gcc.c
index 5ead32fb..03468d3d 100644
--- a/src/afl-gcc.c
+++ b/src/afl-gcc.c
@@ -282,15 +282,11 @@ static void edit_params(u32 argc, char** argv) {
 }
- if (!asan_set) {
+ if (getenv("AFL_USE_UBSAN")) {
- if (getenv("AFL_USE_UBSAN")) {
-
- cc_params[cc_par_cnt++] = "-fsanitize=undefined";
- cc_params[cc_par_cnt++] = "-fsanitize-undefined-trap-on-error";
- cc_params[cc_par_cnt++] = "-fno-sanitize-recover=all";
-
- }
+ cc_params[cc_par_cnt++] = "-fsanitize=undefined";
+ cc_params[cc_par_cnt++] = "-fsanitize-undefined-trap-on-error";
+ cc_params[cc_par_cnt++] = "-fno-sanitize-recover=all";
 }
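Review bot: The `checksum_fail` path added in the third hunk frees `backup` and the `ranges` list but not the `rng` node the first hunk is working on; if that node has already been taken off `ranges` by the time `get_exec_checksum` fails (the pop is outside the hunk, so this is inferred from `rng->start` being used while the list is walked separately), it is leaked on this path, so `ck_free(rng);` should precede the `goto`. The label's `ck_free(backup)` plus `while (ranges)` loop is also a verbatim copy of the normal-path teardown the second hunk adds to; a single `cleanup:` label reached by both paths, with `u8 ret = 0;` declared near the top of `colorization` and the failure site written as `ret = 1; goto cleanup;`, would keep the two teardowns from drifting apart. Note also that `buf` still carries the bytes written by `rand_replace` when this path returns 1; if callers may reuse the input after a failed colorization, restore it from `backup` (assuming `backup` holds the pre-replacement bytes) before returning, otherwise a comment at the label such as `/* buf is left modified; the caller must discard it on failure */` should state the contract. The body of `colorization` begins and continues outside these hunks.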
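Review bot: Removing the `!asan_set` guard means the UBSan flags are now appended even when ASan is already configured, and nothing in the hunk records that stacking the two sanitizers is intended, so a comment above the `if` such as `/* UBSan composes with ASan; it is deliberately not gated on asan_set. */` would stop a later reader from re-adding the guard. If this block was the only reader of `asan_set` inside `edit_params` (the rest of the function is outside the hunk), the variable is now dead and will warn under `-Wunused-variable`; worth checking. As far as I can tell `-fsanitize-undefined-trap-on-error` already turns every UBSan finding into a trap, which makes the following `-fno-sanitize-recover=all` redundant; harmless, but a one-line comment on which compilers each flag targets would make the intent clear.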