AFL "(odd, check syntax!) "
I am trying to fuzz pngquant using AFL and noticed that I am seeing the odd, check syntax! warning. A previous answer says that AFL is probably not reading the input file I specified. I am able to invoke pngquant by providing the png file located in the same input sample directory I used while fuzzing with AFL.
The AFL command I executed is:
afl-fuzz -i ./in-filtered -o ./out -x ./dictionary/png.dict -- pngquant @@
The AFL documentation mentions that the odd, check syntax! warning may pop up when AFL is not able to find new paths.
Additionally, I notice that the warning pops up as soon as AFL begins using the havoc fuzzing strategy, the images below show that the cycle counts start incrementing as soon as the fuzzer begins using havoc.
This is because of incorrect usage of pngquant.
When using pngquant, it produces an output file with your results, when you do it twice you will encounter an error:
➜ pngquant git:(master) ✗ ./pngquant ./test/img/metadata.png
➜ pngquant git:(master) ✗ ./pngquant ./test/img/metadata.png
error: './test/img/metadata-fs8.png' exists; not overwriting
AFL has no chance to explore the target, since it gets blocked every time.
After a quick look, the easiest fix is like this:
afl-fuzz -i ./in -o ./out -- ./pngquant -f -- @@
This forces pngquant to overwrite the resultfile and therefore enables afl-fuzz. However, be aware that this produces a lot of IO. So try to circumvent this using /dev/null or similar tricks.
Happy fuzzing!
- How portable is code with #pragma optimize?
- Make warn_unused_result applied to all function with GCC
- Multiple threads and CPU cache
- Linking error vs. compilation error
- how to compile multiple instances of a source file linking to it different files.o
- Background compile in VS2010 and C/C++
- What Turing complete macro languages are available for C/C++
- How to use Cython to compile Python 3 into C
- Are forward declarations needed when the typedef declaration is done?
- How to assign real and imaginary parts of complex variables in C
- Strict aliasing between Complex numbers and real numbers in C
- How to CORRECTLY install gsl library in Linux?
- Using = operator on atomic variable?
- Unknown conversion types in this program I'm meant to compile
- Iterator in C language
- Treating __func__ as a string literal instead of a predefined identifier
- c - strcpy with struct string returning error
- Segmentation fault when executing a Python script in a C program?
- Questions about C Function Prototypes and Compilation
- What is the purpose of "-Wa,option" in GCC?
- Do we have c99 subflags
- netcat gcc compile option so that IDA pro can show function name
- What is the correct way to free output buffer after call to openssl::i2d_X509?
- How can I link C++ files to a C program?
- Why doesn't this program in C compile? Error: undefined reference to `i2c_smbus_read_byte_data'
- integer promotion isn't taken into account
- Why do I get a SEGFAULT when I try to sort an array of integers using K & R code examples?
- Are C preprocessor statements a part of the C language?
- FFMPEG Api conversion from YUV420P to RGB produces strange output
- Why is the tree constructed this way incorrect?