Right now, the mutate function in the fuzzer takes a HANDLE that corresponds to the buffer being mutated. It then uses that HANDLE in the ReadFile case to determine the abstract resource (filename, network resource, registry key) behind the buffer and sends a string for that resource to the server, to be recorded in the FKT.
Since calls like MapViewOfFile don't have a direct handle, we should really be detecting this resource string earlier and passing it into mutate directly. This will make analyzing the FKTs slightly easier.
Right now, the
mutatefunction in the fuzzer takes aHANDLEthat corresponds to the buffer being mutated. It then uses thatHANDLEin theReadFilecase to determine the abstract resource (filename, network resource, registry key) behind the buffer and sends a string for that resource to the server, to be recorded in the FKT.Since calls like
MapViewOfFiledon't have a direct handle, we should really be detecting this resource string earlier and passing it intomutatedirectly. This will make analyzing the FKTs slightly easier.