mirror of
https://github.com/AFLplusplus/AFLplusplus.git
synced 2025-06-21 13:51:18 +00:00
340d6aa97c
* bugfix: free a chunk with a size of 0, it will cause 1 byte oob. Malloc does not check the size. Generally, malloc(0) should return 0 but there will return two pages. Free will use is_buffer_in_chunk to check whether the address is in the chunk. At that time, the chunk.data_addr == total_size . Free pass address and "1" to is_buffer_in_chunk. So cause 1 byte out-of-bound. * typo