On 1/24/15 3:07 PM, Guy Harris wrote:
>
> On Jan 24, 2015, at 2:43 PM, Gerald Combs <gerald@xxxxxxxxxxxxx> wrote:
>
>> These were fixes that had to be made prior to fuzzing. As far as I can
>> tell they fall into the "squelch a compiler warning" category. afl-gcc
>> generates an instrumented executable, which you can then run under
>> afl-fuzz (the actual fuzzer). According to the documentation the
>> instrumentation isn't strictly necessary but it does enable more
>> intelligent and efficient fuzzing.
>
> So on what version of GCC is the version of afl-gcc you're running based? That might either be an incomplete data flow analysis in that version of GCC, or might be AFL extending the data flow analysis but not doing a complete job of it.
$ gcc --version
gcc-4.6.real (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3
Copyright (C) 2011 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
New fuzzer, old-ish compiler.