From 98be54754c5e92f171b311cc1bc0a996e85aeedc Mon Sep 17 00:00:00 2001
From: lazymio
Date: Thu, 17 Feb 2022 19:22:38 +0100
Subject: [PATCH 1/2] Fix fuzzing for tendaac15
---
 examples/fuzzing/tenda_ac15/fuzz_tendaac15_httpd.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/fuzzing/tenda_ac15/fuzz_tendaac15_httpd.py b/examples/fuzzing/tenda_ac15/fuzz_tendaac15_httpd.py
index 35f142eac..d30d01de4 100644
--- a/examples/fuzzing/tenda_ac15/fuzz_tendaac15_httpd.py
+++ b/examples/fuzzing/tenda_ac15/fuzz_tendaac15_httpd.py
@@ -34,8 +34,8 @@ def main(input_file, enable_trace=False):
 fuzz_mem=ql.mem.search(b"CCCCAAAA")
 target_address = fuzz_mem[0]
- def place_input_callback(uc, input, _, data):
- ql.mem.write(target_address, input)
+ def place_input_callback(_ql: Qiling, input: bytes, _):
+ _ql.mem.write(target_address, input)
 def start_afl(_ql: Qiling):
 """
From 63b2e58817110c0bdf119baa7739650d73e2e40b Mon Sep 17 00:00:00 2001
From: lazymio
Date: Tue, 22 Feb 2022 19:41:24 +0100
Subject: [PATCH 2/2] Fix wrong arguments for validate_crash_callback
---
 qiling/extensions/afl/afl.py | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/qiling/extensions/afl/afl.py b/qiling/extensions/afl/afl.py
index 8693145f6..b2f0448d1 100644
--- a/qiling/extensions/afl/afl.py
+++ b/qiling/extensions/afl/afl.py
@@ -7,7 +7,7 @@ def ql_afl_fuzz(ql: Qiling,
 input_file: str,
 place_input_callback: Callable[["Qiling", bytes, int], bool],
 exits: List[int],
- validate_crash_callback: Callable[["Qiling", bytes, int], bool] = None,
+ validate_crash_callback: Callable[["Qiling", int, bytes, int], bool] = None,
 always_validate: bool = False,
 persistent_iters: int = 1):
 """ Fuzz a range of code with afl++.
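Review bot: The rewritten `place_input_callback` returns `None`, yet the `place_input_callback` parameter of `ql_afl_fuzz` in the second patch is typed `Callable[["Qiling", bytes, int], bool]` and `_ql_afl_place_input_wrapper` now forwards the callback's return value to unicornafl unchanged; if unicornafl reads a false return as "skip this input" (which is what the bool contract suggests), every test case would be discarded before it ever reaches the httpd code. Add an explicit `return True` after the `_ql.mem.write(target_address, input)` line, and consider renaming `input` to `payload` since it shadows the builtin. Separately, `_ql.mem.write` copies the whole input regardless of its length; if the `CCCCAAAA` placeholder region is smaller than AFL's maximum input, a long case would write past it and could raise an unmapped-memory error in the harness instead of exercising the target, so a length cap (or `return False` for oversized inputs) is worth considering. The enclosing `main` starts before the hunk and continues after it.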
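Review bot: `validate_crash_callback` keeps a bare `Callable[...]` annotation while defaulting to `None`, and the wrapper added in the same patch now explicitly handles the `None` case, so the type should say so: `validate_crash_callback: Optional[Callable[["Qiling", int, bytes, int], bool]] = None` (the file already draws `List` and `Callable` from `typing`, so `Optional` fits the style — confirm it is imported). The new `int` positional in the callback type is not documented anywhere in the hunk; the docstring that opens on the hunk's last line continues outside it and should gain an entry for that argument, presumably the unicorn result/error code of the run being validated — verify against unicornafl's `uc_afl_fuzz` before wording it. `place_input_callback` is typed as required here but its wrapper now guards with `if cb:`, so either mark it `Optional` too or drop the guard, keeping type and wrapper consistent. The `ql_afl_fuzz` signature starts before the hunk and the function body ends after it.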
@@ -28,13 +28,18 @@ def ql_afl_fuzz(ql: Qiling,
 def _ql_afl_place_input_wrapper(uc, input_bytes, iters, data):
 (ql, cb, _) = data
+ if cb:
+ return cb(ql, input_bytes, iters)
+ else:
+ return False
- return cb(ql, input_bytes, iters)
-
- def _ql_afl_validate_wrapper(uc, input_bytes, iters, data):
+ def _ql_afl_validate_wrapper(uc, result, input_bytes, iters, data):
 (ql, _, cb) = data
- return cb(ql, input_bytes, iters)
+ if cb:
+ return cb(ql, result, input_bytes, iters)
+ else:
+ return False
 data = (ql, place_input_callback, validate_crash_callback)
 try:
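Review bot: The `else: return False` fallback in `_ql_afl_validate_wrapper` changes what unicornafl sees when the caller supplied no validator: instead of receiving no validate callback, it now receives one that declares every run "not a crash". If unicornafl uses that answer to decide whether a run is reported as a crash (the `bool` return and the `always_validate` flag suggest it does), a harness with `validate_crash_callback=None` would have its genuine crashes suppressed, so the safer fix is to pass `None` through to `uc_afl_fuzz` when no validator was given and install the wrapper only otherwise — that call sits after the hunk inside the `try:` block. The matching `if cb ... else` in `_ql_afl_place_input_wrapper` is dead for a caller that honours the non-optional type and reads more simply as `return cb(ql, input_bytes, iters) if cb else False`. The hunk also removes the blank line between the two nested defs; restore it for PEP 8. Both wrappers are nested in `ql_afl_fuzz`, which starts before the hunk and ends after it.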