fdu-sec
commented
1 month ago I think this occurs because the second parameter of fseek() is not tainted, as it is not derived from the input file.
Open Toruforx opened 1 month ago
fdu-sec
commented
1 month ago I think this occurs because the second parameter of fseek() is not tainted, as it is not derived from the input file.
Toruforx
commented
1 month ago I'm sorry I missed a line when I uploaded the code, here's the full code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "../dfsan_rt/dfsan_interface.h"
void posix_test()
{
FILE *fd;
fd = fopen("proto.isi", "rb");
fseek(fd, 0, SEEK_END);
int fsize = ftell(fd);
fseek(fd, 0, SEEK_SET);
printf("file size %d\n", fsize);
unsigned char buffer[128];
fread(buffer, sizeof(char), 2, fd);
int offset = (int)buffer[0];
int len = (int)buffer[1];
printf("\n offset is %d, len is %d\n", offset, len);
fseek(fd, offset, SEEK_SET);
fread(buffer, sizeof(char), len, fd);
for(int i=0; i < len; i++)
{
printf("%x ", buffer[i]);
}
printf("\n");
fclose(fd);
}
int main()
{
posix_test();
return 0;
}I think there is an issue with NestFuzz's modeling of the fseek() function. We will work on addressing this problem. Thank you!
Hello, I wrote a test program and executed a function that contains an fseek operation. The 0-1 bytes of the input file should have influenced subsequent buffer array values through the offset (fseek) operation. However, the resulting track file does not contain any items of type offset. What could be causing this issue, and how can I resolve it?
Here's the code for the test program:
Here's the track file:
proto.txt