From 2107ece114e66952f16d2dbc888d46a1061e6faf Mon Sep 17 00:00:00 2001
From: van Hauser <vh@thc.org>
Date: Fri, 7 Oct 2022 15:40:04 +0200
Subject: auto shmem fuzzing (#1541)

* auto shmem fuzzing

* print warning when forcing shmem fuzzing

* typos

* Shmem always

* typo fix

* fixes

Co-authored-by: Dominik Maier <dmnk@google.com>
---
 src/afl-cc.c      |  2 +-
 src/afl-fuzz.c    | 14 ++++++++++++++
 src/afl-showmap.c |  2 +-
 src/afl-tmin.c    |  2 +-
 4 files changed, 17 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/afl-cc.c b/src/afl-cc.c
index 53fba1e7..469aa825 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -317,7 +317,7 @@ void parse_fsanitize(char *string) {
   char *tmp = malloc(strlen(ptr));
   u32   count = 0, len, ende = 0;
 
-  if (!new || !tmp) { FATAL("could not aquire memory"); }
+  if (!new || !tmp) { FATAL("could not acquire memory"); }
   strcpy(new, "-fsanitize=");
 
   do {
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 294c42f6..84ae54ff 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -2132,6 +2132,20 @@ int main(int argc, char **argv_orig, char **envp) {
 
   }
 
+  if (afl->fsrv.out_file && afl->fsrv.use_shmem_fuzz) {
+
+    afl->fsrv.out_file = NULL;
+    afl->fsrv.use_stdin = 0;
+    if (!afl->unicorn_mode && !afl->fsrv.use_stdin) {
+
+      WARNF(
+          "You specified -f or @@ on the command line but the target harness "
+          "specified fuzz cases via shmem, switching to shmem!");
+
+    }
+
+  }
+
   deunicode_extras(afl);
   dedup_extras(afl);
   if (afl->extras_cnt) { OKF("Loaded a total of %u extras.", afl->extras_cnt); }
diff --git a/src/afl-showmap.c b/src/afl-showmap.c
index b0b21011..0b724758 100644
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@@ -1268,7 +1268,7 @@ int main(int argc, char **argv_orig, char **envp) {
           (new_map_size > map_size && new_map_size - map_size > MAP_SIZE)) {
 
         if (!be_quiet)
-          ACTF("Aquired new map size for target: %u bytes\n", new_map_size);
+          ACTF("Acquired new map size for target: %u bytes\n", new_map_size);
 
         afl_shm_deinit(&shm);
         afl_fsrv_kill(fsrv);
diff --git a/src/afl-tmin.c b/src/afl-tmin.c
index 78537f9f..694c9c21 100644
--- a/src/afl-tmin.c
+++ b/src/afl-tmin.c
@@ -1252,7 +1252,7 @@ int main(int argc, char **argv_orig, char **envp) {
           (new_map_size > map_size && new_map_size - map_size > MAP_SIZE)) {
 
         if (!be_quiet)
-          ACTF("Aquired new map size for target: %u bytes\n", new_map_size);
+          ACTF("Acquired new map size for target: %u bytes\n", new_map_size);
 
         afl_shm_deinit(&shm);
         afl_fsrv_kill(fsrv);
-- 
cgit v1.2.3


From e6e82948bf95fab90466cb2dfa78457c4d2d80a6 Mon Sep 17 00:00:00 2001
From: vanhauser-thc <vh@thc.org>
Date: Tue, 11 Oct 2022 08:53:49 +0200
Subject: fastexit + code format

---
 src/afl-fuzz.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 84ae54ff..d116822a 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -2570,6 +2570,7 @@ int main(int argc, char **argv_orig, char **envp) {
 stop_fuzzing:
 
   afl->force_ui_update = 1;  // ensure the screen is reprinted
+  afl->stop_soon = 1;        // ensure everything is written
   show_stats(afl);           // print the screen one last time
   write_bitmap(afl);
   save_auto(afl);
-- 
cgit v1.2.3