ChrisTheCoolHut / PinCTF

Using Intel's PIN tool to solve CTF problems

KeyError pop from empty set on favoredPaths #9

Closed tickTackHack closed 5 years ago

tickTackHack commented 5 years ago

On some runs against my binary, I am getting a KeyError when the program tries to pop from an empty favoredPaths set. A try except block should probably be added to exit gracefully.

pin $ ./pinCTF.py -p ./pin -l ./obj-intel64 -i -sl 21 -f /home/user/Get_The_Password.bin -r abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345679_-@+ -sk -t -tc 20
[~] Status:
threading : True
reverseRange : False
skipFavoredPaths : True
[+] iter 0 using 7 for 7AAAAAAAAAAAAAAAAAAAA
[+] iter 1 using F for 7FAAAAAAAAAAAAAAAAAAA
[+] iter 2 using X for 7FXAAAAAAAAAAAAAAAAAA
[..snip..]
[+] iter 16 using D for 7FXo9nATLTB0E6IsDAAAA
[-] Single unique instruction count
[~] Switching to other favored paths
Removing 7FXo9nATLTB0E6IsDAAAA
[+] Ignoring path 7FXo9nATLTB0E6IsDAAAA
Traceback (most recent call last):
  File "./pinCTF.py", line 470, in <module>
    main()
  File "./pinCTF.py", line 104, in main
    pattern = pinIter(pinLocation,libraryLocation,args.file,seed,variable_range,arg=False,start=start,threading=threading,threadCount=int(args.threadCount),reverseRange=args.reversed,skip=args.skip)
  File "./pinCTF.py", line 413, in pinIter
    return favoredPaths.pop()
KeyError: 'pop from an empty set'

ChrisTheCoolHut commented 5 years ago

Hi tickTackHack, I usually see this error when a binary is not vulnerable to instruction counting.

This error occurs when a previous set of iterations had no significant change in instruction counts.

Is PinCTF just missing the last couple letters of the flag?

tickTackHack commented 5 years ago

The letters generated seem to be a bit random on each run. So, like you said, I think this binary isn't vulnerable to instruction counting. Thanks.
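
An added example, not part of the thread and not PinCTF's own code: one way to guard the favored-path fallback so that an exhausted set produces a clear "no signal" result instead of `KeyError: 'pop from an empty set'`. All function names, the runner-up bookkeeping and the sample counts are hypothetical, and it assumes the correct character executes more instructions.

```python
class NoSignalError(RuntimeError):
    """All candidates looked alike and no fallback path is left."""


def has_signal(counts):
    """True when at least one candidate changed the instruction count."""
    return len(set(counts.values())) > 1


def switch_path(current, favored_paths, ignored):
    """Drop `current`, then return another favored path or fail clearly."""
    favored_paths.discard(current)
    ignored.add(current)
    remaining = sorted(favored_paths - ignored)
    if not remaining:
        # A bare set.pop() here raises KeyError: 'pop from an empty set'.
        raise NoSignalError(
            f"no favored paths left after ignoring {current!r}; "
            "the target may not be vulnerable to instruction counting")
    favored_paths.discard(remaining[0])
    return remaining[0]


def next_prefix(current, counts, favored_paths, ignored):
    """Pick the next guess from one round of {candidate: instruction count}."""
    if has_signal(counts):
        # Assumption: the right character runs more instructions.
        ranked = sorted(counts, key=counts.get, reverse=True)
        favored_paths.update(ranked[1:2])  # keep the runner-up as a fallback
        return ranked[0]
    return switch_path(current, favored_paths, ignored)


def run_round(current, counts, favored_paths, ignored):
    """Turn exhaustion into an exit status and message, not a traceback."""
    try:
        return 0, next_prefix(current, counts, favored_paths, ignored)
    except NoSignalError as exc:
        return 1, f"[-] {exc}"


if __name__ == "__main__":
    # Constructed counts: every candidate executes the same number of instructions.
    flat = {"7FA": 1000, "7FB": 1000, "7FC": 1000}
    print(run_round("7F", flat, set(), set()))
```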