diff options
Diffstat (limited to 'src/afl-fuzz-cmplog.c')
-rw-r--r-- | src/afl-fuzz-cmplog.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/src/afl-fuzz-cmplog.c b/src/afl-fuzz-cmplog.c index 258d9ea7..21f34e12 100644 --- a/src/afl-fuzz-cmplog.c +++ b/src/afl-fuzz-cmplog.c @@ -11,7 +11,7 @@ Andrea Fioraldi <andreafioraldi@gmail.com> Copyright 2016, 2017 Google Inc. All rights reserved. - Copyright 2019-2022 AFLplusplus Project. All rights reserved. + Copyright 2019-2024 AFLplusplus Project. All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -33,23 +33,36 @@ void cmplog_exec_child(afl_forkserver_t *fsrv, char **argv) { setenv("___AFL_EINS_ZWEI_POLIZEI___", "1", 1); - if (fsrv->qemu_mode) { setenv("AFL_DISABLE_LLVM_INSTRUMENTATION", "1", 0); } + if (fsrv->qemu_mode || fsrv->cs_mode) { + + setenv("AFL_DISABLE_LLVM_INSTRUMENTATION", "1", 0); + + } if (!fsrv->qemu_mode && !fsrv->frida_mode && argv[0] != fsrv->cmplog_binary) { - argv[0] = fsrv->cmplog_binary; + fsrv->target_path = argv[0] = fsrv->cmplog_binary; } - execv(argv[0], argv); + execv(fsrv->target_path, argv); } u8 common_fuzz_cmplog_stuff(afl_state_t *afl, u8 *out_buf, u32 len) { - u8 fault; + u8 fault; + u32 tmp_len = write_to_testcase(afl, (void **)&out_buf, len, 0); + + if (likely(tmp_len)) { + + len = tmp_len; - write_to_testcase(afl, (void **)&out_buf, len, 0); + } else { + + len = write_to_testcase(afl, (void **)&out_buf, len, 1); + + } fault = fuzz_run_target(afl, &afl->cmplog_fsrv, afl->fsrv.exec_tmout); |