From 8a217c55d18bfd43f0acd66b4526d9241c239115 Mon Sep 17 00:00:00 2001
From: Dominik Maier
Date: Thu, 6 May 2021 17:03:55 +0200
Subject: [PATCH] no longer quits execution at addr 0x0
---
 afl.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/afl.c b/afl.c
index 689801b07f..6a2c49affa 100644
--- a/afl.c
+++ b/afl.c
@@ -36,10 +36,14 @@ uc_afl_ret uc_afl_forkserver_start(uc_engine *uc, uint64_t *exits, size_t exit_c
 fprintf(stderr, "[!] Unicorn Engine passed to uc_afl_fuzz is NULL!\n");
 return UC_AFL_RET_ERROR;
 }
- if (!exit_count) {
+ if (!exits) {
 fprintf(stderr, "[!] Nullptr provided for exits.\n");
 return UC_AFL_RET_ERROR;
 }
+ if (!exit_count) {
+ fprintf(stderr, "[!] No exits provided (exit_count was 0).\n");
+ return UC_AFL_RET_ERROR;
+ }
 if (unlikely(uc->afl_area_ptr)) {
 #if defined(AFL_DEBUG)
 fprintf(stderr, "[!] forkserver_start(...) called twice. Already fuzzing!\n");
@@ -55,6 +59,8 @@ uc_afl_ret uc_afl_forkserver_start(uc_engine *uc, uint64_t *exits, size_t exit_c
 }
 memcpy(uc->exits, exits, sizeof(exits[0]) * exit_count);
 uc->exit_count = exit_count;
+ // Set addr_end to make sure unicorn will not stop at addr 0x0.
+ uc->addr_end = uc->exits[0];
 /* Fork() :) */
 return uc->afl_forkserver_start(uc);
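Review bot: The new `uc->addr_end = uc->exits[0];` in the second hunk is only in bounds because the `if (!exit_count)` rejection added in the first hunk runs earlier in the same function, and the accompanying comment does not record that dependency; if that guard is ever relaxed or moved this becomes a read past the freshly copied array. The assignment also appears to overwrite whatever end address the caller had configured on the engine, which the comment `// Set addr_end to make sure unicorn will not stop at addr 0x0.` does not mention — worth confirming against how addr_end is consumed in the emulation loop, since I cannot see that code here. I would replace the comment with `// addr_end is presumably still 0 here, so a jump to 0x0 would look like a normal stop; point it at a real exit instead (exit_count > 0 was checked above, so exits[0] is valid).` The enclosing function begins before the first hunk and the allocation of uc->exits sits between the two hunks, outside this view.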