Merge pull request #2270 from AFLplusplus/dev

fix map size difference bug
2025-06-10 09:11:34 +00:00 · 2024-12-14 08:17:46 +01:00 · 2024-12-14 08:17:46 +01:00 · 3e18b1a10c
commit 3e18b1a10c
parent 0c69d0a0d8 1d3e885441
2 changed files with 5 additions and 4 deletions
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -11,6 +11,8 @@
      compiling if LLVMFuzzerTestOneOnput is in an .a archive
    - added __sanitizer_weak_hook_* functions (in case that is helpful in
      weird setups)
+    - fix bug with large map sizes when multiple libraries are loaded after
+      the shared memory was obtained.


 ### Version ++4.30c (release)
--- a/instrumentation/afl-compiler-rt.o.c
+++ b/instrumentation/afl-compiler-rt.o.c
@ -11,7 +11,6 @@

     https://www.apache.org/licenses/LICENSE-2.0

-
 */

 #ifdef __AFL_CODE_COVERAGE
@ -358,7 +357,7 @@ static void __afl_map_shm(void) {

  if (__afl_final_loc) {

-    __afl_map_size = ++__afl_final_loc;  // as we count starting 0
+    __afl_map_size = __afl_final_loc + 1;  // as we count starting 0

    if (getenv("AFL_DUMP_MAP_SIZE")) {

@ -601,9 +600,9 @@ static void __afl_map_shm(void) {

    }

-    __afl_area_ptr_dummy = (u8 *)malloc(__afl_final_loc);
+    __afl_map_size = __afl_final_loc + 1;
+    __afl_area_ptr_dummy = (u8 *)malloc(__afl_map_size);
    __afl_area_ptr = __afl_area_ptr_dummy;
-    __afl_map_size = __afl_final_loc;

    if (!__afl_area_ptr_dummy) {