c - American Fuzzy Lop fails with a simple example

Reprinted. Author: 太空宇宙. Updated: 2023-11-04 06:20:29

I have been trying to use American Fuzzy Lop, but I cannot get it to work with a simple example like this one:

#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    char name[10];                 /* fixed-size buffer, 10 bytes */

    if (argc > 1) {
        strcpy(name, argv[1]);     /* unbounded copy of argv[1] into name */

        printf("HELLO %s\n", name);
    }

    return 0;
}

I compile one version of this code with regular gcc and another with afl-clang. Then I put the gcc version in the input folder and invoke the fuzzer like this:

afl-fuzz -i input/ -o output/ -m 2G ./a.out @@

But it does not work.

[*] Attempting dry run with 'id:000000,orig:a.out'...
[*] Spinning up the fork server...

[-] Whoops, the target binary crashed suddenly, before receiving any input
from the fuzzer! There are several probable explanations:

- The current memory limit (2.00 GB) is too restrictive, causing the
target to hit an OOM condition in the dynamic linker. Try bumping up
the limit with the -m setting in the command line. A simple way confirm
this diagnosis would be:

( ulimit -Sv $[2047 << 10]; /path/to/fuzzed_app )

Tip: you can use http://jwilk.net/software/recidivm to quickly
estimate the required amount of virtual memory for the binary.

- The binary is just buggy and explodes entirely on its own. If so, you
need to fix the underlying problem or find a better replacement.

- Less likely, there is a horrible bug in the fuzzer. If other options
fail, poke <lcamtuf@coredump.cx> for troubleshooting tips.

[-] PROGRAM ABORT : Fork server crashed with signal 6
Location : init_forkserver(), afl-fuzz.c:2056

What am I doing wrong?

Best answer

The first problem is that you are using the "@@" option, which passes the input to afl-fuzz as a file, while the program takes a command-line argument. afl takes its input from standard input or from a file. http://lcamtuf.coredump.cx/afl/README.txt

The second problem, the one causing the crash at startup, is the automatic name afl gives to the test case file:

[*] Attempting dry run with 'id:000000,orig:a.out'...

That is enough to overflow your buffer and cause a segfault.
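To illustrate the answer, here is an added example (not code from the question, the answer, or the AFL project) of a variant of the program that can actually be fuzzed with @@: AFL substitutes @@ with the path of the current test case, so the program opens that path and reads the name from the file contents with a bounded read instead of copying the path itself into the 10-byte buffer. The function name read_name and the constant NAME_CAP are my own.

```c
/* Added example: the original program copies argv[1] into char name[10].
 * Under afl-fuzz with @@, argv[1] is a test case path such as
 * output/queue/id:000000,orig:a.out, which is longer than 10 bytes and
 * overflows the buffer before the fuzzer ever supplies any input.
 * This variant treats argv[1] as the file to read the name from, so the
 * data AFL mutates is what reaches the buffer, and the copy is bounded. */
#include <stdio.h>
#include <string.h>

#define NAME_CAP 10   /* same buffer size as the original program */

/* Read one line from fp into name (capacity cap, always NUL-terminated),
 * dropping the trailing newline. Returns the number of bytes stored, or -1
 * on EOF or read error. Input longer than cap-1 bytes is truncated rather
 * than overflowing the buffer. */
int read_name(FILE *fp, char *name, size_t cap)
{
    if (cap == 0 || fgets(name, (int)cap, fp) == NULL)
        return -1;
    name[strcspn(name, "\r\n")] = '\0';
    return (int)strlen(name);
}

int main(int argc, char *argv[])
{
    FILE *fp = stdin;              /* no argument: read from standard input */
    char name[NAME_CAP];

    if (argc > 1) {
        fp = fopen(argv[1], "r");  /* argv[1] is the path AFL put in place of @@ */
        if (fp == NULL) {
            perror(argv[1]);
            return 1;
        }
    }
    if (read_name(fp, name, sizeof name) < 0) {
        fputs("no input\n", stderr);
        return 1;
    }
    printf("HELLO %s\n", name);
    if (fp != stdin)
        fclose(fp);
    return 0;
}
```

Compile it with afl-clang, put a small text file (for example containing "Bob") in input/, and the same afl-fuzz command line with @@ then runs without the dry-run crash.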

Regarding "c - American Fuzzy Lop fails with a simple example", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/35962013/
