Closed hos3in-sh closed 4 years ago
I haven't tried to understand your code, but I anticipate that the issue is that without instrumentation the crash doesn't happen because your program doesn't attempt to access invalid memory. For example, if you try to access the `ret[100]` element, most likely the program won't crash without the instrumentation, as the underlying memory allocation contains some number of bytes after the first 100 chars allocated for the `ret` array.
I'd suggest compiling your program with `clang -g -fsanitize=fuzzer` and reproducing the issue again. AddressSanitizer should give you a readable and actionable report. Alternatively, try reproducing the crash under the debugger and inspecting program memory layout.
Hi, I found an issue in AFL. I compiled a simple C++ program with afl-g++ and found some crashes. The crash file causes a segmentation fault in the code compiled with afl-g++, but there is no segmentation fault in the normally compiled code (gcc).
code:

```cpp
#include <iostream>
#include <iterator>
#include <string>

// Decodes into a fixed 100-byte static buffer with no bounds check and no
// terminating NUL: input that decodes to more than 100 bytes writes past
// 'ret', and a '%' within the last two bytes of the input reads past its end.
const char* uridecode(const char* s) {
    static char ret[100];
    for (auto p = ret; *s; ++s) {
        if (*s == '%') {
            auto const a = *++s;
            auto const b = *++s;
            *p++ = (a <= '9' ? a - '0' : a - 'a') * 16 + (b <= '9' ? b - '0' : b - 'a');
        } else if (*s == '+') {
            *p++ = ' ';
        } else {
            *p++ = *s;
        }
    }
    return ret;
}

int main() {
    auto const uri = std::string(std::istreambuf_iterator<char>(std::cin),
                                 std::istreambuf_iterator<char>());
    std::cout << uridecode(uri.c_str());
}
```
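As an added example, not code from this issue or from AFL: the same decoder rewritten so that every read and write is bounds-checked, returning `std::nullopt` on a truncated or non-hex escape instead of reading past the end of the input, and appending to a `std::string` instead of a fixed static buffer. Unlike the reporter's version it uses the standard hex digit values and also accepts upper-case digits; the function names are my own.

```cpp
#include <cstddef>
#include <iostream>
#include <iterator>
#include <optional>
#include <string>

// Hypothetical helper: value of one hex digit, or -1 if 'c' is not one.
static int hexValue(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// Bounds-checked decoder (hypothetical name). Every index is checked
// against in.size() before use, so a trailing '%' or '%4' cannot read
// past the input, and the output grows as needed instead of overflowing
// a fixed 100-byte array. Malformed escapes yield std::nullopt.
std::optional<std::string> uridecodeSafe(const std::string& in) {
    std::string out;
    out.reserve(in.size());
    for (std::size_t i = 0; i < in.size(); ++i) {
        const char c = in[i];
        if (c == '%') {
            if (i + 2 >= in.size()) return std::nullopt;  // truncated escape
            const int hi = hexValue(in[i + 1]);
            const int lo = hexValue(in[i + 2]);
            if (hi < 0 || lo < 0) return std::nullopt;    // non-hex escape
            out.push_back(static_cast<char>(hi * 16 + lo));
            i += 2;  // consume the two hex digits
        } else if (c == '+') {
            out.push_back(' ');
        } else {
            out.push_back(c);
        }
    }
    return out;
}

int main() {
    std::string in(std::istreambuf_iterator<char>(std::cin), {});
    auto out = uridecodeSafe(in);
    if (!out) {
        std::cerr << "malformed percent-encoding\n";
        return 1;
    }
    std::cout << *out;
}
```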