stephenfewer / grinder

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.
BSD 3-Clause "New" or "Revised" License

grinder.rb not working - Fatal error 'undefined method `<' for nil:NilClass', quitting. #32

Closed flycrane closed 10 years ago

flycrane commented 10 years ago

c:\grinder\node>grinder.rb --browser=IE --fuzzer=fuzzer\IE\nduja11.html

                   ______     _           __
                  / ____/____(_)___  ____/ /__  _____
                 / / __/ ___/ / __ \/ __  / _ \/ ___/
                / /_/ / /  / / / / / /_/ /  __/ /
                \____/_/  /_/_/ /_/\__,_/\___/_/

    By Stephen Fewer of Harmony Security (www.harmonysecurity.com)
                                         GRINDER - Version 0.6-Dev

[+G+] Starting at 2014-03-21 02:55:21
[+G+] Using the config file 'config'...
[+G+] Bringing up Grinder node 'G1' with ruby 1.9.3 (32-bit)...
[+G+] Started the Grinder continue process 4020
[+S+] Starting at 2014-03-21 02:55:21
[+S+] Testcase server running on 127.0.0.1:8080
[+G+] Started the Grinder server process 3620
[+G+] Started the Grinder debugger process 692
[+D+] Starting at 2014-03-21 02:55:24
[+D+] Using the symbol path 'SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols'.
[+D+] Running 'C:\Program Files\Internet Explorer\iexplore.exe'
[+D+] Attached debugger to new 32-bit process 4064.
[+D+] Attached debugger to new 32-bit process 4064.
[-D-] Fatal error 'undefined method `<' for nil:NilClass', quitting.
[+D+] Finished at 2014-03-21 02:55:26
[+G+] Started the Grinder debugger process 3836
[+D+] Starting at 2014-03-21 02:55:27
[+D+] Using the symbol path 'SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols'.
[+D+] Running 'C:\Program Files\Internet Explorer\iexplore.exe'
[+D+] Attached debugger to new 32-bit process 3000.
[+D+] Attached debugger to new 32-bit process 3000.
[-D-] Fatal error 'undefined method `<' for nil:NilClass', quitting.
[+D+] Finished at 2014-03-21 02:55:31
[+G+] Started the Grinder debugger process 3540

Windows 8.1 32-bit + IE 11. I also read the heaphook.rb code and found that "grinder_heaphook.dll" doesn't exist. Please take a look, thanks.

acrognale commented 10 years ago
[-D-] Fatal error 'undefined method `<' for nil:NilClass', quitting.
C:/grinder/node/lib/metasm/metasm/os/main.rb:89:in `[]'
C:/grinder/node/core/debug/debugger.rb:52:in `block in initialize'
C:/grinder/node/lib/metasm/metasm/debug.rb:850:in `[]'
C:/grinder/node/lib/metasm/metasm/debug.rb:850:in `evt_loadlibrary'
C:/grinder/node/lib/metasm/metasm/os/windows.rb:1991:in `update_dbgev'
C:/grinder/node/lib/metasm/metasm/os/windows.rb:2052:in `do_waitfordebug'
C:/grinder/node/lib/metasm/metasm/os/windows.rb:2046:in `do_wait_target'
C:/grinder/node/lib/metasm/metasm/debug.rb:913:in `wait_target'
C:/grinder/node/lib/metasm/metasm/debug.rb:935:in `continue_wait'
C:/grinder/node/lib/metasm/metasm/debug.rb:1010:in `run_forever' 
C:/grinder/node/core/debug/debugger.rb:649:in `monitor'
C:/grinder/node/core/debug/debugger.rb:766:in `main'
./browser/firefox.rb:256:in `<main>'
[+D+] Finished at 2014-03-23 12:48:21

Version of ruby used is 2.0.0p451 (x64).

Here is a backtrace of the issue. Can also confirm that it works on Windows 8.1 x64 using Firefox.

UPDATE: This does not occur when run under ruby 1.9.3. Appears to be an issue with 2.0.0+.

stephenfewer commented 10 years ago

@flycrane The heaphook code is not public yet, but it is disabled by default, so it shouldn't be causing a problem.

@acrognale Yes, I have seen this crash too on Ruby 2.0.0 but not on Ruby 1.9.3.

I will leave this ticket open to track the issue further, thanks for the report!

Aodrulez commented 10 years ago

Am facing the same issue. My VM is running Win 8.1 32-bit. I've tried Ruby 2.0.0 as well as all 1.9.3 revisions I could get my hands on from here: http://rubyinstaller.org/downloads/archives. I must admit though that yesterday, I got it working on Win 8 64-bit using the 1.9.3 version of ruby.

Error Log:

[+D+] Running 'C:\Program Files\Internet Explorer\iexplore.exe'
[+D+] Attached debugger to new 32-bit process 3416.
[-D-] Fatal error 'undefined method `<' for nil:NilClass', quitting.
c:/grinder/node/lib/metasm/metasm/os/main.rb:89:in `[]'
c:/grinder/node/core/debug/debugger.rb:52:in `block in initialize'
c:/grinder/node/lib/metasm/metasm/debug.rb:850:in `[]'
c:/grinder/node/lib/metasm/metasm/debug.rb:850:in `evt_loadlibrary'
c:/grinder/node/lib/metasm/metasm/os/windows.rb:1991:in `update_dbgev'
c:/grinder/node/lib/metasm/metasm/os/windows.rb:2052:in `do_waitfordebug'
c:/grinder/node/lib/metasm/metasm/os/windows.rb:2046:in `do_wait_target'
c:/grinder/node/lib/metasm/metasm/debug.rb:913:in `wait_target'
c:/grinder/node/lib/metasm/metasm/debug.rb:935:in `continue_wait'
c:/grinder/node/lib/metasm/metasm/debug.rb:1010:in `run_forever'
c:/grinder/node/core/debug/debugger.rb:650:in `monitor'
c:/grinder/node/core/debug/debugger.rb:767:in `main'
./browser/internetexplorer.rb:308:in `<main>'
[+D+] Finished at 2014-07-11 20:02:54
[+G+] Started the Grinder debugger process 3424

Aodrulez commented 10 years ago

Alrighty, found the issue & got it fixed :)

Changing the code on line 50~52 of node/core/debug/debugger.rb from "return if info[:st].lpimagename == 0" to "return if not info[:st].lpimagename"

solved the issue. Hope this helps!
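An added illustration of the failure mode behind this fix (example code written for this thread, not Grinder's or metasm's own): a LOAD_DLL-style event whose image-name field is nil instead of 0 passes an "== 0" guard and reaches the memory reader, which is where "undefined method `<' for nil:NilClass" comes from. The event struct, memory reader and memory contents are constructed stand-ins; the guard shown goes slightly beyond the one-line fix above by covering both nil and 0, since 0 is truthy in Ruby and "if not x" alone would still dereference it.

```ruby
# Stand-in for the debug event struct (assumption; mirrors info[:st].lpimagename).
LoadDll = Struct.new(:lpimagename)

# Stand-in for a debuggee memory reader: it range-checks the address first,
# which is exactly where a nil address dies with "undefined method `<'".
class FakeMemory
  def initialize(bytes)
    @bytes = bytes
  end

  def [](addr, len)
    raise IndexError, 'read out of range' unless addr < @bytes.bytesize
    @bytes.byteslice(addr, len)
  end
end

# Constructed memory image: a 32-bit pointer at 0x20 to a NUL-terminated
# image name stored at 0x30.
CONSTRUCTED_MEMORY = FakeMemory.new(
  ("\0" * 0x20) + [0x30].pack('V') + ("\0" * 0x0c) + "example.dll\0"
)

# lpimagename -> pointer -> string, the way the event handler dereferences it.
def read_image_name(mem, lpimagename)
  ptr = mem[lpimagename, 4].unpack('V').first
  mem[ptr, 64].split("\0", 2).first
end

# Old guard: only a literal 0 means "no name"; nil falls through to the reader.
def image_name_old(info, mem)
  return nil if info[:st].lpimagename == 0
  read_image_name(mem, info[:st].lpimagename)
end

# Guard that treats both nil (Ruby 2.0 behaviour) and 0 as "no name".
def image_name_fixed(info, mem)
  name_ptr = info[:st].lpimagename
  return nil if name_ptr.nil? || name_ptr == 0
  read_image_name(mem, name_ptr)
end

# true when the old guard lets a nil pointer reach the reader and it raises.
def old_guard_crashes_on_nil?(mem)
  image_name_old({ st: LoadDll.new(nil) }, mem)
  false
rescue NoMethodError
  true
end
```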

stephenfewer commented 10 years ago

Thanks @Aodrulez, great catch! :)