litefuzz
fuzz file is not used as stdin for local run
Looks like the fuzz file is not used as stdin for a local run.
Test command:
./litefuzz.py -l -c "test/linux/b" -i input/test -o output/test -n 5 --debug
Test log:
I'm running on linux with python 3.10.12
mode is 1
[INFO] run dir: /tmp/litefuzz/8207/
[INFO] tmp dir: /tmp/litefuzz
No malloc debuggers enabled
--========================--
--======| litefuzz |======--
--========================--
entering fuzz.main()
entering checkForExe() with name=gdb
len(cmdline) = 1
entering checkForExe() with name=test/linux/b
cmdline: ['test/linux/b']
config.target = b
[STATS]
pid: 1213546
run id: 8207
cmdline: test/linux/b
crash dir: output/test
input dir: input/test
inputs: 1
iterations: 5
mutator: random(mutators)
-------------------------------- start iteration 1 --------------------------------
input: test.txt
entering readBytes() with path=/home/wrsadmin/Workspace/projects/litefuzz/input/test/test.txt
entering setupNewIteration()
ext=txt
current arg: test/linux/b
writing data to fuzz file @ /tmp/litefuzz/8207/fuzz_kjrhthkc.txt
[MUTATOR] carve
len(data): 3
mutant=3
i=1, o=0
entering writeBytes() with path=/tmp/litefuzz/8207/fuzz_kjrhthkc.txt
current_input: /home/wrsadmin/Workspace/projects/litefuzz/input/test/test.txt
cmdline: ['test/linux/b']
killing any running processes named b before running a new one
entering killProcessByName() with name=b
[INFO] unix.run() @ starting target process: ['test/linux/b']
unix.run() ['test/linux/b'] started @ pid=1213565
entering checkForCrash()
@ 1/5 (0 crashes, 0 duplicates, ~0:00:00 remaining)
copying /tmp/litefuzz/8207/fuzz_kjrhthkc.out to /tmp/litefuzz/out
entering killProcess() with pid=1213565
[INFO] failed to terminate pid=1213565: [Errno 3] No such process
-------------------------------- end iteration 1 --------------------------------
-------------------------------- start iteration 2 --------------------------------
input: test.txt
entering readBytes() with path=/home/wrsadmin/Workspace/projects/litefuzz/input/test/test.txt
entering setupNewIteration()
ext=txt
current arg: test/linux/b
fuzz_file_prev: /tmp/litefuzz/8207/fuzz_kjrhthkc.txt
writing data to fuzz file @ /tmp/litefuzz/8207/fuzz_ngyydcgy.txt
[MUTATOR] remove
len(data): 3
i=1 @ x=2
entering writeBytes() with path=/tmp/litefuzz/8207/fuzz_ngyydcgy.txt
current_input: /home/wrsadmin/Workspace/projects/litefuzz/input/test/test.txt
cmdline: ['test/linux/b']
killing any running processes named b before running a new one
entering killProcessByName() with name=b
[INFO] unix.run() @ starting target process: ['test/linux/b']
unix.run() ['test/linux/b'] started @ pid=1213567
entering checkForCrash()
@ 2/5 (0 crashes, 0 duplicates, ~0:00:00 remaining)
copying /tmp/litefuzz/8207/fuzz_ngyydcgy.out to /tmp/litefuzz/out
entering killProcess() with pid=1213567
[INFO] failed to terminate pid=1213567: [Errno 3] No such process
-------------------------------- end iteration 2 --------------------------------
The debug log shows current_input (which is used as stdin in run.py) is always the input file instead of the fuzz file for each iteration.
Looks like we should either set config.current_input = settings.FUZZ_FILE in fuzz.py, or use settings.FUZZ_FILE as stdin in run.py.
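A harness-side check for the behaviour reported above, as an added example that is not part of the original report and is not litefuzz's code: it runs a stand-in target that hashes its stdin and reports whether the bytes it received came from the seed input or from the per-iteration fuzz file. The names `ECHO_TARGET`, `run_with_stdin` and `stdin_source` and the file contents are assumptions made for illustration; no litefuzz function is called.

```python
import hashlib
import os
import subprocess
import sys
import tempfile

# Stand-in target (assumption): prints the SHA-256 of whatever arrives on stdin.
ECHO_TARGET = [sys.executable, "-c",
               "import sys, hashlib; "
               "print(hashlib.sha256(sys.stdin.buffer.read()).hexdigest())"]

def sha256_file(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def run_with_stdin(cmdline, stdin_path):
    """Run cmdline with stdin_path opened as its stdin; return stripped stdout."""
    with open(stdin_path, "rb") as fh:
        proc = subprocess.run(cmdline, stdin=fh, stdout=subprocess.PIPE,
                              timeout=10, check=True)
    return proc.stdout.decode().strip()

def stdin_source(seed_path, fuzz_path, chosen_stdin_path):
    """Classify what the target consumed: 'fuzz', 'seed', 'ambiguous' or 'unknown'."""
    seed_hash, fuzz_hash = sha256_file(seed_path), sha256_file(fuzz_path)
    if seed_hash == fuzz_hash:
        return "ambiguous"  # a no-op mutation cannot distinguish the two files
    seen = run_with_stdin(ECHO_TARGET, chosen_stdin_path)
    if seen == fuzz_hash:
        return "fuzz"
    if seen == seed_hash:
        return "seed"
    return "unknown"

def demo():
    workdir = tempfile.mkdtemp(prefix="stdin_check_")
    seed = os.path.join(workdir, "test.txt")
    fuzz = os.path.join(workdir, "fuzz_example.txt")
    with open(seed, "wb") as fh:
        fh.write(b"abc")  # constructed 3-byte seed, like len(data): 3 in the log
    with open(fuzz, "wb") as fh:
        fh.write(b"ab")   # constructed mutant with one byte removed
    reported = stdin_source(seed, fuzz, seed)  # stdin taken from the seed input
    expected = stdin_source(seed, fuzz, fuzz)  # stdin taken from the fuzz file
    return reported, expected

if __name__ == "__main__":
    print(demo())
```

A result of "seed" on every iteration means the mutator output never reaches the target, so the run exercises only the unmodified input regardless of the iteration count.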