Skip to content
Snippets Groups Projects
Unverified Commit 2e8a459d authored by van Hauser's avatar van Hauser Committed by GitHub
Browse files

Merge pull request #1523 from lszekeres/stable 

Fix null pointers.
parents 05b1e49b 02db8685
Branches
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
utils/aflpp_driver/aflpp_driver.c
+ 7
6
View file @ 2e8a459d
...@@ -198,7 +198,8 @@ size_t LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize) { ...@@ -198,7 +198,8 @@ size_t LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize) {
} }
// Execute any files provided as parameters. // Execute any files provided as parameters.
static int ExecuteFilesOnyByOne(int argc, char **argv) { static int ExecuteFilesOnyByOne(int argc, char **argv,
int (*callback)(const uint8_t *data, size_t size)) {
unsigned char *buf = (unsigned char *)malloc(MAX_FILE); unsigned char *buf = (unsigned char *)malloc(MAX_FILE);
...@@ -234,7 +235,7 @@ static int ExecuteFilesOnyByOne(int argc, char **argv) { ...@@ -234,7 +235,7 @@ static int ExecuteFilesOnyByOne(int argc, char **argv) {
prev_length = length; prev_length = length;
printf("Reading %zu bytes from %s\n", length, argv[i]); printf("Reading %zu bytes from %s\n", length, argv[i]);
LLVMFuzzerTestOneInput(buf, length); callback(buf, length);
printf("Execution successful.\n"); printf("Execution successful.\n");
} }
...@@ -312,7 +313,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp, ...@@ -312,7 +313,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
__afl_sharedmem_fuzzing = 0; __afl_sharedmem_fuzzing = 0;
__afl_manual_init(); __afl_manual_init();
return ExecuteFilesOnyByOne(argc, argv); return ExecuteFilesOnyByOne(argc, argv, callback);
} else if (argc == 2 && argv[1][0] == '-') { } else if (argc == 2 && argv[1][0] == '-') {
...@@ -328,7 +329,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp, ...@@ -328,7 +329,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
if (argc == 2) { __afl_manual_init(); } if (argc == 2) { __afl_manual_init(); }
return ExecuteFilesOnyByOne(argc, argv); return ExecuteFilesOnyByOne(argc, argv, callback);
} }
...@@ -338,7 +339,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp, ...@@ -338,7 +339,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
// Call LLVMFuzzerTestOneInput here so that coverage caused by initialization // Call LLVMFuzzerTestOneInput here so that coverage caused by initialization
// on the first execution of LLVMFuzzerTestOneInput is ignored. // on the first execution of LLVMFuzzerTestOneInput is ignored.
LLVMFuzzerTestOneInput(dummy_input, 4); callback(dummy_input, 4);
__asan_poison_memory_region(__afl_fuzz_ptr, MAX_FILE); __asan_poison_memory_region(__afl_fuzz_ptr, MAX_FILE);
size_t prev_length = 0; size_t prev_length = 0;
...@@ -375,7 +376,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp, ...@@ -375,7 +376,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
while (__afl_persistent_loop(N)) { while (__afl_persistent_loop(N)) {
LLVMFuzzerTestOneInput(__afl_fuzz_ptr, *__afl_fuzz_len); callback(__afl_fuzz_ptr, *__afl_fuzz_len);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment