On Wed, Dec 06, 2023 at 08:43:42AM +0100, Florian Westphal wrote:
> Phil Sutter <phil@xxxxxx> wrote:
> > > +__AFL_FUZZ_INIT();
> > > +/* this get passed via afl-cc, declares prototypes
> > > + * depending on the afl-cc flavor.
> > > + */
> >
> > This comment seems out of place?
>
> I wanted to add some explanation as to where this
> macro is defined/coming from.

Ah, so it relates to the preceding macro call. Maybe
s/this/above macro declaration/ ?

> > > + len = strlen(buf);
> > > +
> > > + rv = write(fd, buf, len);
> >
> > So this sets input->fname to name and writes into the opened fd, but
> > what if savebuf() noticed buf fits into input->buffer and thus set
> > input->use_filename = false?
>
> What about it? The idea is to have an on-disk copy in case afl or the
> vm it's running in crashes.

Hmm. Probably I'm missing the point regarding struct nft_afl_input. IMO, if
save_candidate() writes data into the file despite savebuf() having set
use_filename = false, nft_afl_run_cmd() will try to read from ->buffer
when it should read from ->fname.

Cheers, Phil
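Review bot: the comment following `+__AFL_FUZZ_INIT();` has a grammar slip ("this get passed") and a dangling "this"; since it trails the macro call, spell the subject out, e.g. "/* __AFL_FUZZ_INIT() is provided by afl-cc; which prototypes it declares depends on the afl-cc flavor. */", so the comment reads correctly whichever side of the call it ends up on.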
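Review bot: in the `+ rv = write(fd, buf, len);` hunk, the visible lines assign write()'s return value but do not show it being checked against len; write(2) may return a short count or -1/EINTR, so the on-disk copy can silently be truncated, and a partial file is worse than none when the point is to recover the crashing input after afl or the VM dies. Loop until all len bytes are written (or treat rv != len as an error and unlink the file). Also note that `+ len = strlen(buf);` drops everything after the first NUL; that is fine if the harness only ever feeds NUL-free command text, but worth stating in a comment, since fuzzer-generated input is not guaranteed to be NUL-free.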
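The exchange above turns on two things: that the write to the on-disk copy actually lands completely, and that the "read from buffer" versus "read from file" decision cannot drift apart from what was saved. The following is an added, stand-alone illustration of one way to keep those consistent; it is not nftables' harness and not code from the patch. The names afl_input, save_candidate, load_candidate and write_all are hypothetical, loosely modelled on the identifiers mentioned in the thread; the buffer size is kept deliberately tiny so that both the in-memory and the on-disk path get exercised, and the candidate strings are constructed sample input.

```c
/* Added example: keep a fuzz candidate in memory when it fits, always keep an
 * on-disk copy, and decide the read-back mode in the same place the data is
 * saved so the flag and the contents cannot disagree. Hypothetical names. */
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define INPUT_BUF_SIZE 32 /* small on purpose so the file path is exercised */

struct afl_input {
	char buffer[INPUT_BUF_SIZE]; /* candidate, only valid if !use_filename */
	char fname[64];              /* on-disk copy, written on every save */
	size_t len;
	bool use_filename;           /* true: consumer reads fname, else buffer */
};

/* write(2) may return a short count or fail with EINTR; loop until done. */
static int write_all(int fd, const void *buf, size_t len)
{
	const char *p = buf;

	while (len > 0) {
		ssize_t n = write(fd, p, len);

		if (n < 0) {
			if (errno == EINTR)
				continue;
			return -1;
		}
		p += n;
		len -= (size_t)n;
	}
	return 0;
}

/* Write the candidate to a fresh temp file, then set the mode flag from the
 * same length that was written; a failed write leaves no stale file behind. */
static int save_candidate(struct afl_input *in, const char *buf, size_t len)
{
	int fd;

	strcpy(in->fname, "/tmp/afl-candidate-XXXXXX");
	fd = mkstemp(in->fname);
	if (fd < 0)
		return -1;
	if (write_all(fd, buf, len) < 0) {
		close(fd);
		unlink(in->fname);
		return -1;
	}
	close(fd);

	in->len = len;
	in->use_filename = len > sizeof(in->buffer);
	if (!in->use_filename)
		memcpy(in->buffer, buf, len);
	return 0;
}

/* What the run step does: consult the flag, then read from that source only. */
static ssize_t load_candidate(const struct afl_input *in, char *out, size_t outsz)
{
	size_t got = 0;
	int fd;

	if (!in->use_filename) {
		if (in->len > outsz)
			return -1;
		memcpy(out, in->buffer, in->len);
		return (ssize_t)in->len;
	}
	fd = open(in->fname, O_RDONLY);
	if (fd < 0)
		return -1;
	while (got < outsz) {
		ssize_t n = read(fd, out + got, outsz - got);

		if (n < 0) {
			if (errno == EINTR)
				continue;
			close(fd);
			return -1;
		}
		if (n == 0)
			break;
		got += (size_t)n;
	}
	close(fd);
	return (ssize_t)got;
}

/* Round trip: save, reload through whichever path the flag selects, compare.
 * Returns 0 if served from the buffer, 1 if served from the file, -1 on
 * mismatch or error. */
static int roundtrip(const char *buf, size_t len)
{
	struct afl_input in;
	char out[256];
	ssize_t n;
	int mode;

	memset(&in, 0, sizeof(in));
	if (save_candidate(&in, buf, len) < 0)
		return -1;
	n = load_candidate(&in, out, sizeof(out));
	mode = in.use_filename ? 1 : 0;
	unlink(in.fname);
	if (n != (ssize_t)len || memcmp(out, buf, len) != 0)
		return -1;
	return mode;
}

/* Convenience for NUL-free command text, as an nft harness would see it. */
static int roundtrip_str(const char *s)
{
	return roundtrip(s, strlen(s));
}

int main(void)
{
	/* Constructed sample candidates: one fits the buffer, one does not. */
	printf("short: %d\n", roundtrip_str("add table ip t"));
	printf("long:  %d\n", roundtrip_str("add table inet filter; add chain "
	       "inet filter input { type filter hook input priority 0; }"));
	return 0;
}
```

The point of putting the mode decision inside save_candidate is that a reader can never see use_filename == false while the only complete copy lives in the file, which is exactly the disagreement the reply above worries about; the file still exists in both modes, so the crash-recovery copy Florian wants is preserved.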