INSU YUN

Results: 14 issues of INSU YUN

Hi, all. If we use DieHarder for allocating a large block of memory, it will hang due to a deadlock. Here is the PoC. ```c #include #include int main() { size_t xlsz = 1LL

I used the same code as [this issue](https://github.com/angr/angr/issues/466) ```c #include #include float fn(float a){ if(a == 0.1){ return 0.1; }else{ return 0.0; } } int main(int argc, char* argv[]){ fn(4.2); return...

QSYM can solve multi-byte comparisons such as strcmp or memcmp gradually. But unfortunately, these functions are usually not instrumented by AFL. Even though they are instrumented, AFL will consider intermediate...


https://github.com/jakkdu/poc/blob/master/000011-audiofile-heapovfl-FilePOSIX_read ``` ./sfconvert $FILE out.mp3 format aiff ================================================================= ==9146==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000ebf1 at pc 0x7f0d4c7d4e55 bp 0x7ffffdd041a0 sp 0x7ffffdd03948 WRITE of size 156 at 0x60200000ebf1 thread T0 #0...

https://github.com/jakkdu/poc/blob/master/000010-audiofile-leak-AUpvnew ./sfconvert $FILE out.mp3 format aiff Audio File Library: invalid chunk length -9008290176433921 for chunk type [error 62] Audio File Library: invalid chunk length -1095221091282 for chunk type [error 62]...

https://github.com/jakkdu/poc/blob/master/000008-audiofile-heapovfl-ulaw2linear_buf ``` ./sfconvert $FILE out.mp3 format aiff ================================================================= ==46598==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000ec31 at pc 0x00000040fe03 bp 0x7ffdd71ea8d0 sp 0x7ffdd71ea8c0 READ of size 1 at 0x60200000ec31 thread T0 #0...

Hi, all. I would like to introduce my recent work, ArcHeap: https://arxiv.org/pdf/1903.00503.pdf, and also the techniques found by it. I already reported unsorted_bin_into_stack, and [this repo](https://github.com/sslab-gatech/ArcHeap/tree/master/techniques) contains other techniques (all...

Hi, all. I want to test the driller with a program that reads a file, like djpeg. First, I want to test a very simple example, ```c #include #include #include...

Hi, all. For testing, I created a simple Dockerfile to build VUzzer. If you are interested, please include this in your repo. Thanks. Dockerfile ``` FROM i386/ubuntu:trusty ENTRYPOINT ["linux32",...

Hi, I used `./launch-s2e.sh debug` and ran it inside gdb, but it gives me ``` s2e-block: dirty sectors on close:0 s2e-block: dirty after restore: 640 (ro=0) s2e-block: wasted sectors: 1792 KVM:...