fix short write

2025-06-14 11:08:06 +00:00 · 2020-08-05 11:17:15 +02:00
parent 0712d44cbc
commit f30ca1476c
4 changed files with 24 additions and 9 deletions
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@ -161,8 +161,8 @@ static void find_obj(u8 *argv0) {

 static void edit_params(u32 argc, char **argv, char **envp) {

-  u8  fortify_set = 0, asan_set = 0, x_set = 0, bit_mode = 0,
-      preprocessor_only = 0;
+  u8 fortify_set = 0, asan_set = 0, x_set = 0, bit_mode = 0,
+     preprocessor_only = 0;
  u8  have_pic = 0;
  u8 *name;

@ -568,6 +568,7 @@ static void edit_params(u32 argc, char **argv, char **envp) {
  }

  if (preprocessor_only) {
+
    /* In the preprocessor_only case (-E), we are not actually compiling at
       all but requesting the compiler to output preprocessed sources only.
       We must not add the runtime in this case because the compiler will
@ -575,6 +576,7 @@ static void edit_params(u32 argc, char **argv, char **envp) {
       systems that rely on a separate source preprocessing step. */
    cc_params[cc_par_cnt] = NULL;
    return;
+
  }

 #ifndef __ANDROID__
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@ -112,8 +112,10 @@ static u8 check_if_text(struct queue_entry *q) {
  u8  buf[MAX_FILE];
  s32 fd, len = q->len, offset = 0, ascii = 0, utf8 = 0, comp;

+  if (len >= MAX_FILE) len = MAX_FILE - 1;
  if ((fd = open(q->fname, O_RDONLY)) < 0) return 0;
  if ((comp = read(fd, buf, len)) != len) return 0;
+  buf[len] = 0;
  close(fd);

  while (offset < len) {
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@ -819,16 +819,27 @@ u8 trim_case(afl_state_t *afl, struct queue_entry *q, u8 *in_buf) {

      fd = open(q->fname, O_WRONLY | O_CREAT | O_TRUNC, 0600);

+      if (fd < 0) { PFATAL("Unable to create '%s'", q->fname); }
+
+      u32 written = 0;
+      while (written < q->len) {
+
+        ssize_t result = write(fd, in_buf, q->len - written);
+        if (result > 0) written += result;
+
+      }
+
    } else {

      unlink(q->fname);                                    /* ignore errors */
      fd = open(q->fname, O_WRONLY | O_CREAT | O_EXCL, 0600);

+      if (fd < 0) { PFATAL("Unable to create '%s'", q->fname); }
+
+      ck_write(fd, in_buf, q->len, q->fname);
+
    }

-    if (fd < 0) { PFATAL("Unable to create '%s'", q->fname); }
-
-    ck_write(fd, in_buf, q->len, q->fname);
    close(fd);

    memcpy(afl->fsrv.trace_bits, afl->clean_trace, afl->fsrv.map_size);