No crash found in Corpus Minimization mode


wehann

Aug 4, 2021, 7:56:39 AM
to honggfuzz
Hi honggfuzz team,

I'm using honggfuzz's Corpus Minimization mode to reduce the size of my test case set on Ubuntu 18.04. It worked well, and does prevent me from analyzing every test case. But for some projects, for example potrace-1.3 (http://potrace.sourceforge.net/), the result of corpus minimization is:

------------------------[ 0 days 00 hrs 00 mins 06 secs ]----------------------
Iterations : 5,075 [5.07k]
Mode [3/3] : Corpus Minimization
Target : /home/user/potrace-1.3/src/potrace ___FILE___
Threads : 1, CPUs: 2, CPU%: 82% [41%/CPU]
Speed : 823/sec [avg: 845]
Crashes : 0 [unique: 0, blacklist: 0, verified: 0]
Timeouts : 0 [1 sec]
Corpus Size : 0, max: 60,644 bytes, init: 565 files
Cov Update : 0 days 00 hrs 00 mins 06 secs ago
Coverage : edge: 0/0 [0%] pc: 0 cmp: 0
---------------------------------- [ LOGS ] ------------------/ honggfuzz 2.3 /-

Entering phase 1/3: Dry Run
Launched new fuzzing thread, no. #0
Entering phase 2/3: Switching to the Feedback Driven Mode
Entering phase 3/3: Corpus Minimization
Minimized files were copied to '.'
Terminating thread no. #0, left: 0
Summary iterations:5075 time:6 speed:845 crashes_count:0 timeout_count:0 new_units_added:0 slowest_unit_ms:18 guard_nb:0 branch_coverage_percent:0 peak_rss_mb:4

The instruction I used is:

honggfuzz -i ../honggfuzz_inputs/ --output . -M -- /home/user/potrace-1.3/src/potrace ___FILE___

I've used Corpus Minimization mode for a lot of other projects, so I guess that there's no problem with my environment and configuration. And I've run the program potrace directly with several test cases in my input folder (instruction: /home/user/potrace-1.3/src/potrace ___FILE___), and got the output of:

potrace: warning: ../honggfuzz_inputs/id:000000,sig:11,src:000000,op:havoc,rep:16: premature end of file
Segmentation fault (core dumped)

That means my inputs are able to crash the program.

However, when I used honggfuzz to minimize my corpus, I got the result that no input caused a crash. I'm not sure which step I got wrong, and I'd appreciate it if you could help me with the problem. I'll attach my test cases below, which are generated by AFL.


Thank you!

wehann

potrace_inputs.zip
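
The direct replay described in the post (running the target on each input outside the fuzzer), as an added example that is not part of the original post or of honggfuzz: it substitutes each corpus file for ___FILE___, records the terminating signal, and compares it with the sig:NN field of AFL-style file names. The function names and the 1-second default timeout are assumptions chosen for this sketch.

```python
import re
import signal
import subprocess
import sys
from pathlib import Path

PLACEHOLDER = "___FILE___"  # same placeholder as on the honggfuzz command line
AFL_SIG = re.compile(r"(?:^|,)sig:(\d+)(?:,|$)")  # AFL crash names carry sig:NN


def replay(cmd_template, path, timeout=1.0):
    """Run the target once on `path`; return the fatal signal number or None."""
    cmd = [arg.replace(PLACEHOLDER, str(path)) for arg in cmd_template]
    try:
        proc = subprocess.run(cmd, stdin=subprocess.DEVNULL,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL, timeout=timeout)
    except subprocess.TimeoutExpired:
        return None  # a hang is not a crash; it is reported as "no crash" here
    # On POSIX a negative return code means "killed by signal -returncode".
    return -proc.returncode if proc.returncode < 0 else None


def triage(cmd_template, corpus_dir, timeout=1.0):
    """Map each file name to (signal in AFL name, signal seen on replay)."""
    results = {}
    for path in sorted(Path(corpus_dir).iterdir()):
        if not path.is_file():
            continue
        match = AFL_SIG.search(path.name)
        expected = int(match.group(1)) if match else None
        results[path.name] = (expected, replay(cmd_template, path, timeout))
    return results


if __name__ == "__main__" and len(sys.argv) > 2:
    # Usage: triage.py CORPUS_DIR TARGET [ARGS ... ___FILE___ ...]
    corpus, template = sys.argv[1], sys.argv[2:]
    for name, (expected, seen) in triage(template, corpus).items():
        label = signal.Signals(seen).name if seen else "no crash"
        print(f"{label:10} expected_sig={expected} {name}")
```

Files where the two numbers agree reproduce their recorded crash when replayed outside any fuzzer; files where the second value is None did not die from a signal within the timeout.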