From c2b04bdf6c596f5d220f27caead20d09452ed42d Mon Sep 17 00:00:00 2001
From: Andrea Fioraldi <andreafioraldi@gmail.com>
Date: Thu, 16 Jul 2020 14:32:41 +0200
Subject: queue buffer and new splice havoc mutation

---
 src/afl-fuzz-queue.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/afl-fuzz-queue.c')

diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index 7afdd9f1..a96995e5 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -25,6 +25,8 @@
 #include "afl-fuzz.h"
 #include <limits.h>
 
+#define BUF_PARAMS(name) (void **)&afl->name##_buf, &afl->name##_size
+
 /* Mark deterministic checks as done for a particular queue entry. We use the
    .state file to avoid repeating deterministic fuzzing when resuming aborted
    scans. */
@@ -137,6 +139,9 @@ void add_to_queue(afl_state_t *afl, u8 *fname, u32 len, u8 passed_det) {
     afl->q_prev100 = q;
 
   }
+  
+  struct queue_entry** queue_buf = ck_maybe_grow(BUF_PARAMS(queue), afl->queued_paths * sizeof(struct queue_entry*));
+  queue_buf[afl->queued_paths -1] = q;
 
   afl->last_path_time = get_cur_time();
 
-- 
cgit 1.4.1