No crash found in Corpus Minimization mode #410

Open
wehann opened this issue Jul 25, 2021 · 0 comments

wehann commented Jul 25, 2021

Hi team,

I'm using honggfuzz's Corpus Minimization mode to reduce the size of my test case set on Ubuntu 18.04. It worked well, and does prevent me from analyzing every test case. But for some projects, for example potrace-1.3 (http://potrace.sourceforge.net/), the number of corpus minimization's result is:

------------------------[ 0 days 00 hrs 00 mins 06 secs ]----------------------
Iterations : 5,075 [5.07k]
Mode [3/3] : Corpus Minimization
Target : /home/user/potrace-1.3/src/potrace ___FILE___
Threads : 1, CPUs: 2, CPU%: 82% [41%/CPU]
Speed : 823/sec [avg: 845]
Crashes : 0 [unique: 0, blacklist: 0, verified: 0]
Timeouts : 0 [1 sec]
Corpus Size : 0, max: 60,644 bytes, init: 565 files
Cov Update : 0 days 00 hrs 00 mins 06 secs ago
Coverage : edge: 0/0 [0%] pc: 0 cmp: 0
---------------------------------- [ LOGS ] ------------------/ honggfuzz 2.3 /-

Entering phase 1/3: Dry Run
Launched new fuzzing thread, no. #0
Entering phase 2/3: Switching to the Feedback Driven Mode
Entering phase 3/3: Corpus Minimization
Minimized files were copied to '.'
Terminating thread no. #0, left: 0
Summary iterations:5075 time:6 speed:845 crashes_count:0 timeout_count:0 new_units_added:0 slowest_unit_ms:18 guard_nb:0 branch_coverage_percent:0 peak_rss_mb:4

The instruction I used is:

honggfuzz -i ../honggfuzz_inputs/ --output . -M -- /home/user/potrace-1.3/src/potrace ___FILE___

I've used Corpus Minimization mode for a lot of other projects, so I guess that there's no problem with my environment and configuration. And I've run the program potrace directly with several test cases in my input folder (instruction: /home/user/potrace-1.3/src/potrace ___FILE___), and got the output of:

potrace: warning: ../honggfuzz_inputs/id:000000,sig:11,src:000000,op:havoc,rep:16: premature end of file
Segmentation fault (core dumped)

That means my inputs are able to crash the program.

However, when I used honggfuzz to minimize my corpus, I got the result that no input caused a crash. I'm not sure which step I took wrong, and I'd appreciate it if you could help me with the problem. I'll attach my test cases below, which are generated by AFL.

Thank you!
potrace_inputs.zip
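
An added example, not part of the original issue or of the honggfuzz project: a small parser for the `Summary` line in the log above that flags the fields relevant to this report. It assumes `guard_nb` counts the coverage guards honggfuzz saw in the target; the function names are illustrative.

```python
import re

# Summary line copied from the honggfuzz 2.3 log quoted in the issue.
SUMMARY = ("Summary iterations:5075 time:6 speed:845 crashes_count:0 "
           "timeout_count:0 new_units_added:0 slowest_unit_ms:18 "
           "guard_nb:0 branch_coverage_percent:0 peak_rss_mb:4")


def parse_summary(line):
    """Turn 'Summary key:value ...' into a dict of integers."""
    if not line.startswith("Summary "):
        raise ValueError("not a honggfuzz summary line")
    return {key: int(val) for key, val in re.findall(r"(\w+):(\d+)", line)}


def findings(stats):
    """Return observations about a minimization run, most basic first.

    Assumption (not stated in the issue): guard_nb is the number of
    coverage guards honggfuzz saw in the target, so 0 means the run
    produced no coverage feedback to rank inputs by.
    """
    notes = []
    if stats.get("guard_nb", 0) == 0:
        notes.append("guard_nb is 0: no coverage feedback from the target")
    if stats.get("new_units_added", 0) == 0:
        notes.append("new_units_added is 0: no input counted as adding coverage")
    if stats.get("crashes_count", 0) == 0:
        notes.append("crashes_count is 0: replay known-crashing inputs directly")
    return notes


if __name__ == "__main__":
    for note in findings(parse_summary(SUMMARY)):
        print("-", note)
```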
