1、heap overflow
代码
#include <stdio.h>
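/*
 * libFuzzer entry point: intentionally vulnerable demo of a heap
 * out-of-bounds read.
 *
 * data points to size bytes of fuzzer input, and nothing in this function
 * guarantees a terminating NUL. "%s" keeps reading until it meets a NUL
 * byte, so it can run past the end of the input buffer; an AddressSanitizer
 * build reports that as a heap-buffer-overflow. size is ignored on purpose
 * so the bug stays reproducible. A corrected harness would bound the read
 * with the length, e.g. printf("%.*s\n", size, data).
 *
 * NOTE(review): libFuzzer documents the prototype as
 * int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); the
 * (char *, int) form is kept as the page wrote it.
 *
 * Returns 0 unconditionally.
 */
int LLVMFuzzerTestOneInput(char *data, int size)
{
    (void)size; /* deliberately unused: the missing bound is the demo */

    /* The page showed "%sn"; the backslash of "\n" was lost, restored here. */
    printf("%s\n", data);

    return 0;
}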
编译
# Build the harness with debug info (-g), the coverage instrumentation
# libFuzzer uses (-fsanitize-coverage=trace-pc-guard) and AddressSanitizer,
# which is what reports the out-of-bounds read. libFuzzer.a comes from a
# local build; -lstdc++ is needed because libFuzzer itself is written in C++.
clang-5.0 -o printf printf.c -g -fsanitize-coverage=trace-pc-guard -fsanitize=address ../libfuzz/libfuzzer-workshop/libFuzzer/Fuzzer/libFuzzer.a -lstdc++
2、memory leak
代码
#include <stdio.h>
#include <stdlib.h>
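/*
 * libFuzzer entry point: intentionally vulnerable demo of a memory leak.
 *
 * Allocates 10 bytes on every call and returns without free(), so the only
 * pointer to the allocation is lost when the function returns. The leak is
 * kept on purpose: it is what the sanitizer build is expected to report.
 * A corrected harness would call free(p) before returning.
 * The fuzzer input (data, size) is not used.
 *
 * Returns 0 unconditionally.
 */
int LLVMFuzzerTestOneInput(char *data, int size)
{
    (void)data;
    (void)size;

    /* No cast: malloc() is declared by <stdlib.h> and its void * result
     * converts implicitly; a cast would only hide a missing prototype. */
    char *p = malloc(10);
    (void)p; /* deliberately never freed */

    return 0;
}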
编译
# Build the harness with debug info (-g) for symbolized reports, the coverage
# instrumentation libFuzzer uses (-fsanitize-coverage=trace-pc-guard) and
# AddressSanitizer, whose LeakSanitizer component reports the leaked
# allocation on platforms that support it. -lstdc++ is needed because
# libFuzzer itself is written in C++.
clang-5.0 -o malloc malloc.c -g -fsanitize-coverage=trace-pc-guard -fsanitize=address ../libfuzz/libfuzzer-workshop/libFuzzer/Fuzzer/libFuzzer.a -lstdc++