richo / afl-ruby

A minimal ruby gem to allow fuzzing native ruby code with afl.

Getting error: Target binary is not instrumented #1

Open tinaq opened 5 years ago

tinaq commented 5 years ago

Hello, I am following the steps to set up afl-ruby but when I run the example I get

Looks like the target binary is not instrumented! The fuzzer depends on compile-time instrumentation to isolate interesting test cases while mutating the input data. For more information, and for tips on how to instrument binaries, please see /usr/local/share/doc/afl/README.

When source code is not available, you may be able to leverage QEMU
mode support. Consult the README for tips on how to enable this.
(It is also possible to use afl-fuzz as a traditional, "dumb" fuzzer.
For that, you can use the -n option - but expect much worse results.)

[] Attempting dry run with 'id:000000,orig:1'... [] Spinning up the fork server...

[-] Hmm, looks like the target binary terminated before we could complete a handshake with the injected code. There are two probable explanations:

- The current memory limit (50.0 MB) is too restrictive, causing an OOM
  fault in the dynamic linker. This can be fixed with the -m option. A
  simple way to confirm the diagnosis may be:

  ( ulimit -Sv $[49 << 10]; /path/to/fuzzed_app )

  Tip: you can use http://jwilk.net/software/recidivm to quickly
  estimate the required amount of virtual memory for the binary.

- Less likely, there is a horrible bug in the fuzzer. If other options
  fail, poke <lcamtuf@coredump.cx> for troubleshooting tips.

[-] PROGRAM ABORT : Fork server handshake failed Location : init_forkserver(), afl-fuzz.c:2253

I did try to apply the patch manually, though, which was commenting out the FATAL line. I also re-ran make in lib/afl after applying the patch.

floyd-fuh commented 5 years ago

Did you try what the error message says? For example, use the argument "-m 2000" with afl-fuzz.

You could also try to run afl fuzz with AFL_SKIP_BIN_CHECK=1 afl-fuzz -m 2000 ... which will instruct AFL to ignore the fact that the binary is not instrumented.
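The two suggestions above map onto two separate checks that afl-fuzz performs before reporting this error: it scans the target binary for the shared-memory marker that AFL's compile-time instrumentation embeds, and it starts the fork server under the memory limit given with -m. The POSIX shell script below is an added example, not code from this thread or from the afl-ruby project; it reproduces both checks so you can tell whether a given binary is actually instrumented and whether it survives the default limit. It assumes the marker string `__AFL_SHM_ID` (AFL's SHM_ENV_VAR) and uses the `ulimit -Sv` dry run quoted in the error message.

```shell
#!/bin/sh
# Added example (not from the afl-ruby thread): reproduce the two diagnostics
# afl-fuzz runs before "Target binary is not instrumented" / "handshake failed".

# Instrumented binaries (afl-gcc, afl-clang, afl-as) contain the name of the
# shared-memory environment variable as a literal string; afl-fuzz's
# check_binary() looks for exactly this. A stock ruby interpreter or an
# uninstrumented cjpeg does not contain it (assumed marker: AFL's SHM_ENV_VAR).
AFL_SHM_MARKER="__AFL_SHM_ID"

# is_afl_instrumented FILE  -> exit 0 if the marker is present, 1 otherwise.
is_afl_instrumented() {
    f="$1"
    [ -r "$f" ] || return 1
    grep -q "$AFL_SHM_MARKER" "$f"
}

# run_under_mem_limit MB CMD [ARGS...]
# The dry run the error message recommends, "( ulimit -Sv $[49 << 10]; app )",
# generalised to any limit. Returns the command's exit status; failure at
# roughly the afl-fuzz default (50 MB) is the "-m is too restrictive" case.
run_under_mem_limit() {
    mb="$1"; shift
    kb=$(( mb * 1024 ))
    ( ulimit -Sv "$kb" 2>/dev/null; "$@" ) >/dev/null 2>&1
}

# diagnose MB TARGET [ARGS...]  -> prints which of the two causes applies.
# AFL_SKIP_BIN_CHECK=1 only silences the first check; an uninstrumented target
# still gives afl-fuzz no coverage feedback, so it fuzzes blind.
diagnose() {
    mb="$1"; target="$2"; shift 2
    if is_afl_instrumented "$target"; then
        echo "instrumentation: present"
    else
        echo "instrumentation: missing (rebuild with afl-gcc/afl-clang, or use -n / QEMU mode)"
    fi
    if run_under_mem_limit "$mb" "$target" "$@"; then
        echo "memory: target runs under ${mb} MB"
    else
        echo "memory: target fails under ${mb} MB (raise with -m, e.g. -m 2000)"
    fi
}

# Usage: diagnose 49 /path/to/fuzzed_app [args...]
```

Run `diagnose 49 /usr/local/bin/cjpeg -version` (or whatever argument makes the target exit quickly) before touching AFL_SKIP_BIN_CHECK: if the first line says the instrumentation is missing, the fork server handshake cannot succeed no matter what -m is, because the injected code that performs the handshake is simply not in the binary.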

oneyue610 commented 3 years ago

I tried to execute AFL_SKIP_BIN_CHECK=1 afl-fuzz -m 2000 -i incjpeg -o outcjpeg /usr/local/bin/cjpeg @@, but it reports an error as follows: [-] PROGRAM ABORT : Fork server handshake failed Location : init_forkserver(), afl-fuzz.c:2253