enhancements

examples/aflpp_driver/aflpp_driver.c

@@ -306,10 +306,13 @@ int main(int argc, char **argv) {
   else if (argc > 1) {
 
     if (!getenv("AFL_DISABLE_LLVM_INSTRUMENTATION")) {
+
       munmap(__afl_area_ptr, MAX_DUMMY_SIZE);  // we need to free 0x10000
       __afl_area_ptr = NULL;
       __afl_manual_init();
+
     }
+
     return ExecuteFilesOnyByOne(argc, argv);
 
   }
@@ -317,11 +320,14 @@ int main(int argc, char **argv) {
   assert(N > 0);
 
   if (!getenv("AFL_DISABLE_LLVM_INSTRUMENTATION")) {
+
     munmap(__afl_area_ptr, MAX_DUMMY_SIZE);
     __afl_area_ptr = NULL;
     fprintf(stderr, "performing manual init\n");
     __afl_manual_init();
+
   }
+
   fprintf(stderr, "map is now at %p\n", __afl_area_ptr);
 
   // Call LLVMFuzzerTestOneInput here so that coverage caused by initialization
@@ -333,11 +339,7 @@ int main(int argc, char **argv) {
 
     ssize_t r = read(0, buf, sizeof(buf));
 
-    if (r > 0) {
-
-      LLVMFuzzerTestOneInput(buf, r);
-
-    }
+    if (r > 0) { LLVMFuzzerTestOneInput(buf, r); }
 
   }
 

include/common.h

@@ -55,7 +55,7 @@ extern u8 *doc_path;                    /* path to documentation dir        */
    @returns the path, allocating the string */
 
 u8 *find_binary(u8 *fname);
-u8 *find_binary_own_loc(u8 *fname, u8 *own_loc);
+u8 *find_afl_binary(u8 *fname, u8 *own_loc);
 
 /* Read a bitmap from file fname to memory
    This is for the -B option again. */

llvm_mode/afl-llvm-rt.o.c

@@ -847,8 +847,7 @@ void __afl_manual_init(void) {
     init_done = 1;
     is_persistent = 0;
     __afl_sharedmem_fuzzing = 0;
-    if (__afl_area_ptr == NULL)
-      __afl_area_ptr = __afl_area_initial;
+    if (__afl_area_ptr == NULL) __afl_area_ptr = __afl_area_initial;
 
     if (getenv("AFL_DEBUG"))
       fprintf(stderr,

src/afl-common.c

@@ -138,7 +138,7 @@ void argv_cpy_free(char **argv) {
 
 }
 
-u8 *find_binary_own_loc(u8 *fname, u8 *own_loc) {
+u8 *find_afl_binary(u8 *fname, u8 *own_loc) {
 
   u8 *tmp, *rsl, *own_copy, *cp;
 
@@ -154,6 +154,8 @@ u8 *find_binary_own_loc(u8 *fname, u8 *own_loc) {
 
   }
 
+  if (own_loc) {
+
     own_copy = ck_strdup(own_loc);
     rsl = strrchr(own_copy, '/');
 
@@ -172,6 +174,8 @@ u8 *find_binary_own_loc(u8 *fname, u8 *own_loc) {
 
     }
 
+  }
+
   cp = alloc_printf("%s/%s", BIN_PATH, fname);
   if (!access(cp, X_OK)) { return cp; }
 
@@ -196,7 +200,7 @@ char **get_qemu_argv(u8 *own_loc, u8 **target_path_p, int argc, char **argv) {
 
   /* Now we need to actually find the QEMU binary to put in argv[0]. */
 
-  cp = find_binary_own_loc("afl-qemu-trace", own_loc);
+  cp = find_afl_binary("afl-qemu-trace", own_loc);
 
   if (cp) {
 
@@ -241,12 +245,12 @@ char **get_wine_argv(u8 *own_loc, u8 **target_path_p, int argc, char **argv) {
 
   /* Now we need to actually find the QEMU binary to put in argv[0]. */
 
-  cp = find_binary_own_loc("afl-qemu-trace", own_loc);
+  cp = find_afl_binary("afl-qemu-trace", own_loc);
 
   if (cp) {
 
     ck_free(cp);
-    cp = find_binary_own_loc("afl-wine-trace", own_loc);
+    cp = find_afl_binary("afl-wine-trace", own_loc);
 
     if (cp) {
 

src/afl-fuzz-one.c

@@ -2236,8 +2236,8 @@ havoc_stage:
 
             clone_to = rand_below(afl, temp_len);
 
-            new_buf = ck_maybe_grow(BUF_PARAMS(out_scratch),
-                                    temp_len + clone_len);
+            new_buf =
+                ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + clone_len);
 
             /* Head */
 
@@ -2403,8 +2403,7 @@ havoc_stage:
 
               if (temp_len + extra_len >= MAX_FILE) { break; }
 
-              out_buf =
-                  ck_maybe_grow(BUF_PARAMS(out), temp_len + extra_len);
+              out_buf = ck_maybe_grow(BUF_PARAMS(out), temp_len + extra_len);
 
               /* Tail */
               memmove(out_buf + insert_at + extra_len, out_buf + insert_at,
@@ -2499,8 +2498,8 @@ havoc_stage:
 
               clone_to = rand_below(afl, temp_len);
 
-              u8 *temp_buf = ck_maybe_grow(BUF_PARAMS(out_scratch),
-                                           temp_len + clone_len);
+              u8 *temp_buf =
+                  ck_maybe_grow(BUF_PARAMS(out_scratch), temp_len + clone_len);
 
               /* Head */
 

src/afl-fuzz.c

@@ -1274,9 +1274,8 @@ int main(int argc, char **argv_orig, char **envp) {
 
     ck_free(afl->taint_fsrv.target_path);
     afl->argv_taint = ck_alloc(sizeof(char *) * (argc + 4 - optind));
-    afl->taint_fsrv.target_path =
-        find_binary_own_loc("afl-qemu-taint", argv[0]);
-    afl->argv_taint[0] = find_binary_own_loc("afl-qemu-taint", argv[0]);
+    afl->taint_fsrv.target_path = find_afl_binary("afl-qemu-taint", argv[0]);
+    afl->argv_taint[0] = find_afl_binary("afl-qemu-taint", argv[0]);
     if (!afl->argv_taint[0])
       FATAL(
           "Cannot find 'afl-qemu-taint', read qemu_taint/README.md on how to "
@@ -1314,13 +1313,13 @@ int main(int argc, char **argv_orig, char **envp) {
     if (getrlimit(RLIMIT_STACK, &rl) != 0)
       WARNF("Setting a higher stack size failed!");
 
-#define BUF_PARAMS(name) (void **)&afl->name##_buf, &afl->name##_size
+  #define BUF_PARAMS(name) (void **)&afl->name##_buf, &afl->name##_size
     u8 *tmp1 = ck_maybe_grow(BUF_PARAMS(eff), MAX_FILE + 4096);
     u8 *tmp2 = ck_maybe_grow(BUF_PARAMS(ex), MAX_FILE + 4096);
     u8 *tmp3 = ck_maybe_grow(BUF_PARAMS(in_scratch), MAX_FILE + 4096);
     u8 *tmp4 = ck_maybe_grow(BUF_PARAMS(out), MAX_FILE + 4096);
     u8 *tmp5 = ck_maybe_grow(BUF_PARAMS(out_scratch), MAX_FILE + 4096);
-#undef BUF_PARAMS
+  #undef BUF_PARAMS
     if (!tmp1 || !tmp2 || !tmp3 || !tmp4 || !tmp5)
       FATAL("memory issues. me hungry, feed me!");