AFLplusplus / LibAFL

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

Fuzz xpdf-4.04 failed #803

Closed mzs555557 closed 2 years ago

mzs555557 commented 2 years ago

When I use libfuzzer in LibAFL to fuzz xpdf 4.04, there are some issues :( I have compiled xpdf; how can I solve it? The build command is:

./target/release/libafl_cxx ./fuzz_JBIG2.cc ./xpdf-4.04/build/*/*.a -I ./xpdf-4.04/xpdf/ -I xpdf-4.04/goo -I xpdf-4.04/fofi/ -I xpdf-4.04/splash/ -I xpdf-4.04/ -I xpdf-4.04/build/ -o fuzzer_pdfload -lm -ldl -lpthread -lstdc++ -lgcc -lutil -lrt

The issue report is:

/usr/bin/ld: /usr/bin/ld: DWARF error: invalid or unhandled FORM value: 0x25
/tmp/fuzz_JBIG2-84770a.o: in function `LLVMFuzzerTestOneInput':
fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xa7): undefined reference to `MemStream::MemStream(char*, unsigned int, unsigned int, Object*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xbe): undefined reference to `GlobalParams::GlobalParams(char const*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xd1): undefined reference to `globalParams'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xe1): undefined reference to `GlobalParams::setErrQuiet(int)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xf7): undefined reference to `GlobalParams::setupBaseFonts(char const*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x10c): undefined reference to `GlobalParams::setEnableFreeType(char*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x125): undefined reference to `GlobalParams::setErrQuiet(int)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x139): undefined reference to `PDFDoc::PDFDoc(BaseStream*, GString*, GString*, PDFCore*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x18e): undefined reference to `XRef::fetch(int, int, Object*, int)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x20b): undefined reference to `globalParams'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x223): undefined reference to `Object::free()'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x239): undefined reference to `PDFDoc::~PDFDoc()'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x259): undefined reference to `GlobalParams::~GlobalParams()'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x3b2): undefined reference to `PDFDoc::~PDFDoc()'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x3d7): undefined reference to `globalParams'
clang: error: linker command failed with exit code 1 (use -v to see invocation)

tokatoka commented 2 years ago

Can you describe how you built xpdf and what is your harness and how to reproduce? It looks like you built it wrong 🙂, and it does not seem to be our issue

epi052 has already written a fuzzing tutorial on xpdf with libafl, so you can look at that btw

domenukk commented 2 years ago

+1, it looks like you're not actually linking the correct xpdf? For the record, the xpdf example is here https://epi052.gitlab.io/notes-to-self/blog/2021-11-01-fuzzing-101-with-libafl/

mzs555557 commented 2 years ago

ok, thank you so much :)
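The maintainers' diagnosis above is that the harness is not being linked against an xpdf build that actually contains the referenced code. Every symbol in the report (MemStream, GlobalParams, PDFDoc, XRef, Object) is a core xpdf class rather than a goo/fofi/splash helper, so the first thing to confirm is whether any archive matched by `xpdf-4.04/build/*/*.a` defines them. The script below is an added diagnostic, not part of LibAFL, xpdf, or this thread: it pulls the unresolved symbols out of ld's output and asks `nm -C` which archive, if any, defines each one. The sample input is a constructed excerpt of the linker report from the issue; the function names and the `link_check.sh` / `ld_errors.txt` file names are my own, and `locate_symbols` assumes GNU binutils `nm`.

```shell
#!/bin/sh
# Added diagnostic for "undefined reference" link errors like the ones in this issue.
# Not part of LibAFL or of the xpdf build; functions and file names are my own.
# locate_symbols needs GNU binutils (nm); the parsing functions need only sed/awk.

# Constructed sample: lines copied from the linker report in the issue
# (the globalParams reference appears twice, to show de-duplication).
sample_ld_output() {
  cat <<'EOF'
/usr/bin/ld: /usr/bin/ld: DWARF error: invalid or unhandled FORM value: 0x25
/tmp/fuzz_JBIG2-84770a.o: in function `LLVMFuzzerTestOneInput':
fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xa7): undefined reference to `MemStream::MemStream(char*, unsigned int, unsigned int, Object*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xbe): undefined reference to `GlobalParams::GlobalParams(char const*)'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0xd1): undefined reference to `globalParams'
/usr/bin/ld: fuzz_JBIG2.cc:(.text.LLVMFuzzerTestOneInput[LLVMFuzzerTestOneInput]+0x20b): undefined reference to `globalParams'
EOF
}

# Read ld output on stdin; print each distinct unresolved symbol (demangled,
# exactly as ld prints it), one per line, in order of first appearance.
undefined_symbols() {
  sed -n "s/.*undefined reference to \`\([^']*\)'.*/\1/p" | awk '!seen[$0]++'
}

# Strip the parameter list so "PDFDoc::~PDFDoc()" becomes "PDFDoc::~PDFDoc",
# which is the form we look for in nm -C output.
qualified_name() {
  sed 's/(.*//'
}

# Usage: locate_symbols archive... < ld_output
# For every unresolved symbol, list which archives define it.
# A symbol that no archive defines means the library that should provide it
# was never built, or is not among the archives handed to the link step.
locate_symbols() {
  undefined_symbols | qualified_name | while IFS= read -r sym; do
    found=""
    for ar in "$@"; do
      if nm -C --defined-only "$ar" 2>/dev/null | grep -qF -- " $sym"; then
        found="$found $ar"
      fi
    done
    if [ -n "$found" ]; then
      printf 'defined  %s ->%s\n' "$sym" "$found"
    else
      printf 'MISSING  %s\n' "$sym"
    fi
  done
}

# With archives on the command line, read real ld output from stdin, e.g.
#   ./link_check.sh xpdf-4.04/build/*/*.a < ld_errors.txt
# With no arguments, just show the parsed symbol list for the embedded sample.
if [ "$#" -gt 0 ]; then
  locate_symbols "$@"
else
  sample_ld_output | undefined_symbols
fi
```

If every symbol comes back `MISSING`, the glob is not picking up an archive that contains the xpdf core objects, which matches the "built it wrong" reading above; if they are all `defined`, the archives are present and the problem lies elsewhere in the link command (for instance, archive order relative to the object that references them).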