Comments (4)
Is it possible to give the fuzzing targets a custom corpus (Own corpus data)?
looks like you can do this: https://google.github.io/clusterfuzz/setting-up-fuzzing/libfuzzer-and-afl/#seed-corpus
I'm not sure about your afl error, can you confirm that running your fuzzer locally works as expected?
from clusterfuzz.
looks like you can do this: https://google.github.io/clusterfuzz/setting-up-fuzzing/libfuzzer-and-afl/#seed-corpus
Thanks. Totally overlooked
I'm not sure about your afl error, can you confirm that running your fuzzer locally works as expected?
I executed the file with afl-fuzz locally and it did run the fuzzer.
from clusterfuzz.
So I have tried it with 5 different harness.cc functions, but it didn't work.
Here are my details:
I run the server locally in my WSL (Ubuntu 20.04).
I run the bot locally in my WSL (Ubuntu 20.04).
DATA:
harness.cc:
`
#include <stddef.h>
#include <stdint.h>
int vuln(const uint8_t *data){
if(data[0]=='a'){
if(data[1]=='f'){
char *p=0;
*p=0x12;
}
if(data[1]=='l'){
int x=3;
x=x/0;
}
if(data[1]=='c'){
char d[10];
d[20]=0x34;
}
}
return 0;
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
vuln(data);
return 0;
}
`
-> Compile:
clang++ -fsanitize-coverage=trace-pc-guard -fsanitize=address -o demo demo_target.cc ~/AFLplusplus/libAFLDriver.a ~/AFLplusplus/afl-compiler-rt-64.o
OR (tried both)
clang++ -fsanitize=address -fsanitize-coverage=trace-pc-guard demo_target.cc FuzzingEngine.a -o demo
=> Works in the local fuzzer (afl-fuzz -i input -o ouput -m none ./demo):
UPLOAD:
- Put in zip with afl-fuzz and afl-showmap ( + Corpus zip) (tried it with and without corpus seed)
- Upload as described in documentation
ERROR:
2024-03-01 12:38:42,356 - run_bot - ERROR - Afl exited with a non-zero exitcode: 1. Cannot recover.
NoneType: None
2024-03-01 12:38:42,358 - run_bot - ERROR - afl: engine encountered an error (target=pdftotext)
NoneType: None
I don't see why this should throw any errors. Has anyone seen something similar or can reproduce this?
from clusterfuzz.
I started to debug the bot and the execution and found the error.
I was stupid, so my bad.
ERROR:
The Error was that i was running my bot in my WSL (Ubuntu 20.04) and it didn't have Permission to execute the fuzz-target / afl-fuzz / afl-showmap
It didn't have the right permissions for the bot folder so a solution is: (Might be overkill because they have all rights to read and wright and so on)
chmod -R 777 /directory/to/my/bot
from clusterfuzz.
Related Issues (20)
- Allow custom builds in nonprivileged execution HOT 1
- Ensure that impact tasks aren't run on non-chrome projects
- Fix issues with zero size thread pools. HOT 1
- clusterfuzz service crashing on fuzzbots HOT 2
- Investigate queue backlog HOT 8
- Rate limit task retries.
- Get rid of unwanted lines stat
- Fix uploading of custom builds.
- Unable to access clusterfuzz HOT 2
- Fix issue where global variables are causing tests to pass when they should fail HOT 1
- Figure out the future of peach in CF HOT 2
- Remove cap on weight based on fuzz targets HOT 1
- Add a retry for batch failures
- Decide if we want to keep email feature
- Investigate if chromium-tests-syncer works
- Lint src/python and src/scripts more often
- Fix linting errors in src/local/butler/scripts/setup.py HOT 2
- Deployment broken by python package upgrade
- Upgrade to python3.11 HOT 3
- Fix firebase login HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clusterfuzz.