From 8330e0e8baa9debdaabc7a09278b938c325b18a9 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Mon, 17 Feb 2020 22:29:17 +0100 Subject: fix issue #198 AFL_TMPDIR is ignored for file .cur_input --- src/afl-fuzz.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'src/afl-fuzz.c') diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index 0c73ca2c..0609061c 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -655,11 +655,17 @@ int main(int argc, char** argv, char** envp) { if ((tmp_dir = getenv("AFL_TMPDIR")) != NULL) { - char tmpfile[strlen(tmp_dir + 16)]; - sprintf(tmpfile, "%s/%s", tmp_dir, ".cur_input"); + char tmpfile[file_extension + ? strlen(tmp_dir) + 1 + 10 + 1 + strlen(file_extension) + 1 + : strlen(tmp_dir) + 1 + 10 + 1]; + if (file_extension) { + sprintf(tmpfile, "%s/.cur_input.%s", tmp_dir, file_extension); + } else { + sprintf(tmpfile, "%s/.cur_input", tmp_dir); + } if (access(tmpfile, F_OK) != -1) // there is still a race condition here, but well ... - FATAL("TMP_DIR already has an existing temporary input file: %s", + FATAL("AFL_TMPDIR already has an existing temporary input file: %s", tmpfile); } else @@ -854,11 +860,11 @@ int main(int argc, char** argv, char** envp) { if (file_extension) { - out_file = alloc_printf("%s/.cur_input.%s", out_dir, file_extension); + out_file = alloc_printf("%s/.cur_input.%s", tmp_dir, file_extension); } else { - out_file = alloc_printf("%s/.cur_input", out_dir); + out_file = alloc_printf("%s/.cur_input", tmp_dir); } -- cgit 1.4.1