FoRTE-Research/UnTracer-AFL

Illegal pointer to buffer in Dyninst

ChijinZ opened this issue · 2 comments

An illegal pointer error message occurs when I compile openssl-1.1.0c in Google Fuzzer-test-suite (link). Is it a Dyninst bug?

UnTracer-AFL | FoRTE-Research @ Virginia Tech | based on AFL by <lcamtuf@google.com>
[+] You have 80 CPU cores and 2 runnable tasks (utilization: 2%).
[+] Try parallel jobs - see docs/parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'in'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Setting up oracle binaries...
[*] Setting up tracer binary...
Error: illegal pointer to buffer!
Target of 49a460 from addr 437323 in insn call 63138 + RIP + 5
UnTracerDyninst: /path/to/untracer/dyninst-9.3.2/dyninstAPI/src/Relocation/Transformers/Movement-adhoc.C:402: bool Dyninst::Relocation::adhocMovementTransformer::isGetPC(Dyninst::Relocation::Widget::Ptr, Dyninst::Relocation::adhocMovementTransformer::InsnPtr, Dyninst::Absloc&, Dyninst::Address&): Assertion `0' failed.
Error: illegal pointer to buffer!
Target of 49a460 from addr 437323 in insn call 63138 + RIP + 5
UnTracerDyninst: /path/to/untracer/dyninst-9.3.2/dyninstAPI/src/Relocation/Transformers/Movement-adhoc.C:402: bool Dyninst::Relocation::adhocMovementTransformer::isGetPC(Dyninst::Relocation::Widget::Ptr, Dyninst::Relocation::adhocMovementTransformer::InsnPtr, Dyninst::Absloc&, Dyninst::Address&): Assertion `0' failed.
[*] Setting up basic block array...

Yeah that unfortunately looks like a Dyninst bug. I haven't gotten the chance to play around with Dyninst 10 - I'll likely have to update some of the UnTracerDyninst code as they change some API stuff in between releases.

The API stuff has not changed much; it is rather that building it is different. Take a look at the afl-dyninst commit that added support for Dyninst 10.