fix and clean UID/GID modification

src/afl-forkserver.c

@@ -235,6 +235,24 @@ static void fsrv_exec_child(afl_forkserver_t *fsrv, char **argv) {
 
   }
 
+  if (fsrv->chown_needed && fsrv->out_file != NULL) {
+
+    if (access(fsrv->out_file, R_OK) == -1) {
+
+      if (errno == EACCES) {
+
+        FATAL(
+            "Access to the file to fuzz denied. Most likely the requested\n"
+            "    UID and/or GID is denied search permission ('x') for one of "
+            "the directories\n    in the path prefix of \"%s\".",
+            fsrv->out_file);
+
+      }
+
+    }
+
+  }
+
   execv(fsrv->target_path, argv);
 
   WARNF("Execv failed in forkserver: %s.", strerror(errno));

src/afl-fuzz-init.c

@@ -2273,8 +2273,6 @@ void setup_dirs_fds(afl_state_t *afl) {
 
   }
 
-  printf("out_dir = %s\n", afl->out_dir);
-
   if (mkdir(afl->out_dir, afl->dir_perm)) {
 
     if (errno != EEXIST) { PFATAL("Unable to create '%s'", afl->out_dir); }

utils/afl_network_proxy/afl-network-server.c

@@ -179,7 +179,17 @@ static void set_up_environment(afl_forkserver_t *fsrv) {
 
   unlink(out_file);
 
-  fsrv->out_fd = open(out_file, O_RDWR | O_CREAT | O_EXCL, 0600);
+  fsrv->out_fd = open(out_file, O_RDWR | O_CREAT | O_EXCL, fsrv->perm);
+
+  if (fsrv->chown_needed) {
+
+    if (fchown(fsrv->out_fd, -1, fsrv->gid) == -1) {
+
+      PFATAL("fchown() failed");
+
+    }
+
+  }
 
   if (fsrv->out_fd < 0) { PFATAL("Unable to create '%s'", out_file); }
 
@@ -526,7 +536,8 @@ int main(int argc, char **argv_orig, char **envp) {
   check_environment_vars(envp);
 
   sharedmem_t shm = {0};
-  fsrv->trace_bits = afl_shm_init(&shm, map_size, 0);
+  fsrv->trace_bits = afl_shm_init(&shm, map_size, 0, fsrv->perm,
+                                  fsrv->chown_needed ? fsrv->gid : -1);
 
   in_data = afl_realloc((void **)&in_data, 65536);
   if (unlikely(!in_data)) { PFATAL("Alloc"); }