oss-sec mailing list archives

Re: Re: Fuzzing objdump (PR 17512) and readelf (PR 17531)


From: Robert Święcki <robert () swiecki net>
Date: Fri, 7 Nov 2014 16:58:44 +0100

2014-11-07 11:08 GMT+01:00 Yury Gribov <y.gribov () samsung com>:
> On 11/07/2014 07:43 AM, Alexander Cherepanov wrote:
>> Longer version: I started with the most simple approach I could get
>> results with and improved it only a little bit so far. There was just no
>> need for improvements -- until recently I was getting more crashes than
>> I can analyze (i.e. run through valgrind:-).
>
> This looks rather impressive.  Have you considered automatically detecting
> duplicates by e.g. analyzing stacktraces?

Feel free to take a look at honggfuzz - https://code.google.com/p/honggfuzz/

It provides a crude version of unification on the basis of offending
program counter (as well as simple disassembly of the offending
instruction). It also disables address randomization to get repeatable
crashes. Example output (from testing strings-multiarch):
http://alt.swiecki.net/.t/strings-multiarch.txt

Usage:
honggfuzz -f in/ -r 0.1 -q -- /usr/bin/strings ___FILE___

-- 
Robert Święcki
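The two deduplication ideas in this exchange (Yury's stack-trace comparison and honggfuzz's bucketing by offending program counter) both come down to computing a run-independent signature for each crash and grouping reports that share it. The script below is an added example, not honggfuzz code and not anything from the objdump/readelf fuzzing described above: it parses gdb-style "bt" output, strips the run-dependent addresses (the part ASLR changes, which is why honggfuzz disables it), skips the libc abort frames so that two different assertion failures do not collapse into one bucket, and keys on the top few symbolized frames. The crash reports, function names and file:line locations are constructed for the example and do not refer to real binutils code.

```python
"""Group fuzzer crash reports by a normalized stack-trace signature (added example)."""
import hashlib
import re
from collections import defaultdict

# Constructed sample reports in gdb "bt" style. Reports 001 and 003 come from
# different runs (the addresses differ as they would under ASLR) but crash in
# the same calling context; 002 is a distinct bug that died via abort().
CRASHES = {
    "crash-001.txt": """\
Program received signal SIGSEGV, Segmentation fault.
#0  0x00007f3a1c2b4e10 in read_u32 (p=0x0) at bytes.c:560
#1  0x00007f3a1c2c9a21 in load_section (f=0x55d4a5e1c2a0, idx=3) at elf.c:1980
#2  0x000055d4a3b01234 in dump_file (f=0x55d4a5e1c2a0) at dump.c:3412
#3  0x000055d4a3b00a10 in main (argc=2, argv=0x7ffd3c1e4a88) at dump.c:3801
""",
    "crash-002.txt": """\
Program received signal SIGABRT, Aborted.
#0  0x00007f91e2a3d0c7 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007f91e2a3e8e8 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x000055f0c4c2b9f2 in check_headers (f=0x55f0c5a21180) at readhdr.c:5120
#3  0x000055f0c4c29b10 in process_file (f=0x55f0c5a21180) at readhdr.c:14210
#4  0x000055f0c4c28a00 in main (argc=2, argv=0x7ffe1a9b2c48) at readhdr.c:15001
""",
    "crash-003.txt": """\
Program received signal SIGSEGV, Segmentation fault.
#0  0x00007f0b8e6c4e10 in read_u32 (p=0x0) at bytes.c:560
#1  0x00007f0b8e6d9a21 in load_section (f=0x5610b3f0c2a0, idx=7) at elf.c:1980
#2  0x0000561092a01234 in dump_file (f=0x5610b3f0c2a0) at dump.c:3412
#3  0x0000561092a00a10 in main (argc=2, argv=0x7ffe1a9b2c48) at dump.c:3801
""",
}

# One gdb frame: "#N  [0xADDR in] func (args) at file:line" or "... from lib.so".
# The address group is optional because gdb omits it when the PC is at a
# function's first instruction.
FRAME_RE = re.compile(
    r"^#(?P<n>\d+)\s+"
    r"(?:0x[0-9a-fA-F]+\s+in\s+)?"
    r"(?P<func>[^\s(]+)\s*\(.*?\)\s+"
    r"(?:at|from)\s+(?P<loc>\S+)"
)

# Frames that belong to the abort machinery rather than to the bug itself.
ABORT_FRAMES = ("raise", "abort", "__GI_raise", "__GI_abort", "__assert_fail")


def parse_frames(report):
    """Return [(function, location), ...] in stack order, addresses dropped."""
    frames = []
    for line in report.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((m.group("func"), m.group("loc")))
    return frames


def crash_signature(report, depth=3):
    """Top-`depth` meaningful frames; this is the deduplication key."""
    frames = [f for f in parse_frames(report) if f[0] not in ABORT_FRAMES]
    return tuple(frames[:depth])


def signature_id(sig):
    """Short stable identifier for a signature, handy as a directory name."""
    text = "|".join("{}@{}".format(func, loc) for func, loc in sig)
    return hashlib.sha1(text.encode()).hexdigest()[:12]


def bucket_crashes(crashes, depth=3):
    """Map each distinct signature to the sorted list of reports sharing it."""
    buckets = defaultdict(list)
    for name in sorted(crashes):
        buckets[crash_signature(crashes[name], depth)].append(name)
    return dict(buckets)


if __name__ == "__main__":
    for sig, names in bucket_crashes(CRASHES).items():
        print(signature_id(sig), " > ".join(f for f, _ in sig), names)
```

Depth is the knob to tune: too shallow and unrelated bugs that share a common low-level helper merge, too deep and the same bug reached through different callers splits into several buckets. The frame filter matters for the abort case in the same way, which is why signal-only bucketing, or bucketing on the faulting PC alone, is weaker for SIGABRT than for SIGSEGV.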

