ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-17 04:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed potential double free in custom trim (#881)

Browse Source
This commit is contained in:
Dominik Maier
2021-04-30 13:35:24 +02:00
parent 758bc770a8
commit e9d2f72382
4 changed files with 29 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/afl-fuzz-one.c
View File

@ -508,7 +508,7 @@ u8 fuzz_one_original(afl_state_t *afl) {
u32 old_len = afl->queue_cur->len;
u8 res = trim_case(afl, afl->queue_cur, in_buf);
u8 res = trim_case(afl, afl->queue_cur, &in_buf);
orig_in = in_buf = queue_testcase_get(afl, afl->queue_cur);
if (unlikely(res == FSRV_RUN_ERROR)) {
@ -3007,16 +3007,16 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {
u32 old_len = afl->queue_cur->len;
u8 res = trim_case(afl, afl->queue_cur, in_buf);
u8 res = trim_case(afl, afl->queue_cur, &in_buf);
orig_in = in_buf = queue_testcase_get(afl, afl->queue_cur);
if (res == FSRV_RUN_ERROR) {
if (unlikely(res == FSRV_RUN_ERROR)) {
FATAL("Unable to execute target application");
}
if (afl->stop_soon) {
if (unlikely(afl->stop_soon)) {
++afl->cur_skipped_paths;
goto abandon_entry;