From cd683ed2530d70c958c78395e7ee67b34c6821df Mon Sep 17 00:00:00 2001
From: Michael Rodler <michael.rodler@paluno.uni-due.de>
Date: Thu, 15 Jul 2021 11:03:20 +0200
Subject: fixed potential UAF with custom mutator havoc on realloc

---
 src/afl-fuzz-one.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index 76e64f2a..7274f679 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -2057,7 +2057,7 @@ havoc_stage:
               temp_len = new_len;
               if (out_buf != custom_havoc_buf) {
 
-                afl_realloc(AFL_BUF_PARAM(out), temp_len);
+                out_buf = afl_realloc(AFL_BUF_PARAM(out), temp_len);
                 if (unlikely(!afl->out_buf)) { PFATAL("alloc"); }
                 memcpy(out_buf, custom_havoc_buf, temp_len);
 
-- 
cgit 1.4.1