S2E / s2e-env

Your S2E project management tools. Visit https://s2e.systems/docs to get started.

Wrong result in PoV #476

Closed GATT0 closed 2 years ago

GATT0 commented 2 years ago

I'm writing some very simple scripts to see if S2E can detect the vulnerabilities I purposely left in and generate some PoVs. In particular I'm working on a script that takes files as input, so I'm trying to make S2E generate some inputs that take control of the eip register and a general purpose register. When I run the project, S2E generates 2 inputs coming from 2 different recipes and 3 other input files that just make the process crash. Since I'm more interested in the two files coming from the recipes, I tried with gdb to debug the process when the program takes as input one of these two, and I would expect at the end of the process the gp register to be equal to 0xccddeeff and the eip register to be equal to 0x44556677, but I'm not getting these results. I didn't change the recipes, I left the ones that are generated by default when creating a new project. Thank you in advance.

vitalych commented 2 years ago

Could you please export the project + detailed instructions how to reproduce the problem?

GATT0 commented 2 years ago

To reproduce the problem you can just create a project with the flag --tools=pov and the @@ marker of the compiled file of this script; I compiled it with gcc.

GATT0 commented 2 years ago

This is the exported project: project.zip.

vitalych commented 2 years ago

GDB reports that stack smashing has been detected when using the generated POVs. Note that if your binary has any mitigations compiled, the resulting POV may fail to replay. That's one reason that the pov test case is compiled without stack protection.

https://github.com/S2E/s2e/blob/master/testsuite/pov-demo0/Makefile#L30

> but I'm not getting these results

Any chance you've got this? *** stack smashing detected ***: terminated
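A quick way to tell whether a binary was built with the mitigations vitalych mentions is to look at the dynamic symbols it imports: a stack-protected build references `__stack_chk_fail` (the function that prints "*** stack smashing detected ***"). The script below is an added example, not part of s2e-env or the S2E testsuite; it assumes GNU binutils' `nm` is installed for the live check, and the two `nm -D` listings it parses offline are constructed samples.

```python
"""Detect stack-protector / FORTIFY runtime references in an ELF binary.

Added example (not s2e-env code). A binary that imports __stack_chk_fail was
built with -fstack-protector*, so a PoV that smashes the stack will abort in
the canary check instead of reaching the hijacked eip.
"""
import re
import subprocess

STACK_PROTECTOR_SYMS = {"__stack_chk_fail", "__stack_chk_guard"}
FORTIFY_RE = re.compile(r"^__[a-z_]+_chk$")  # e.g. __memcpy_chk from _FORTIFY_SOURCE


def classify_symbols(nm_output: str) -> dict:
    """Parse `nm -D` output; only undefined ('U') symbols matter, since they show
    the binary calling into libc's mitigation runtime. '@GLIBC_x' suffixes are dropped."""
    found = {"stack_protector": False, "fortify": False}
    for line in nm_output.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[-2] != "U":
            continue
        name = parts[-1].split("@", 1)[0]
        if name in STACK_PROTECTOR_SYMS:
            found["stack_protector"] = True
        elif FORTIFY_RE.match(name):
            found["fortify"] = True
    return found


def check_binary(path: str) -> dict:
    """Run `nm -D` on a real binary and classify it (requires binutils)."""
    out = subprocess.run(["nm", "-D", path], capture_output=True, text=True, check=True).stdout
    return classify_symbols(out)


# Constructed sample: a build with the distro-default stack protector and FORTIFY.
SAMPLE_PROTECTED = """\
                 w __gmon_start__
                 U __libc_start_main@GLIBC_2.34
                 U __stack_chk_fail@GLIBC_2.4
                 U __memcpy_chk@GLIBC_2.3.4
                 U fopen@GLIBC_2.2.5
"""

# Constructed sample: the same program rebuilt with -fno-stack-protector and no FORTIFY.
SAMPLE_PLAIN = """\
                 w __gmon_start__
                 U __libc_start_main@GLIBC_2.34
                 U fopen@GLIBC_2.2.5
                 U memcpy@GLIBC_2.14
"""

if __name__ == "__main__":
    print("protected:", classify_symbols(SAMPLE_PROTECTED))
    print("plain:", classify_symbols(SAMPLE_PLAIN))
```

If `check_binary("./your_target")` reports `stack_protector: True`, rebuild the target the way the testsuite Makefile does before expecting the recipe-generated PoVs to replay.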

GATT0 commented 2 years ago

Yes, that's exactly the message I get. So I should compile it with that Makefile?