alwin.berger/FRET-LibAFL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
FRET-LibAFL/fuzzers/inprocess/libfuzzer_windows_asan/README.md
Romain Malmain c944a70056
Linux kernel fuzzing example (#2496) 
* linux kernel (x509_cert) and process fuzzing example

* rework filters

* update to latest qemu

* working for process and kernel fuzzing

* new i2s mutator for binary only fuzzers

* refactoring modules with new filtering interface

* add state as parameter of harness

* hide unused global in usermode

* Script for stub bindings generation

* do not try to check whether it is worth generating the bindings, always
  generate when the env variable is on.

* add taplo to fmt_all.sh

* Moved fuzzers (again) in a target-centric way.

* fix rust 2024 warnings.

* new libafl_qemu harness structure.

* rename qemu_systemmode into qemu_baremetal

* fix qemu baremetal makefile

* fix formatter

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-09-26 14:29:33 +02:00

50 lines
1.8 KiB
Markdown
Raw Permalink Blame History

# LibFuzzer Example for Windows with ASAN
This folder contains an example fuzzer for Windows which also uses ASAN.
We are initializing LibAFL to be compatible with ASAN.
## Setup
We are currently using Clang on Windows. Make sure to install Clang through the Visual Studio installer.
We recommend using Powershell and enabling the Visual Studio environment using this script:
```powershell
Push-Location "C:\Program Files\Microsoft Visual Studio\2022\Professional\VC\Auxiliary\Build\"
& "C:\\Windows\System32\cmd.exe" /c "vcvars64.bat & set" |
ForEach-Object {
if ($_ -match "=") {
$v = $_.split("=", 2); set-item -force -path "ENV:\$($v[0])" -value "$($v[1])"
}
}
Pop-Location
Write-Host "`nVisual Studio 2022 Command Prompt variables set." -ForegroundColor Yellow
````
After that clang should be available in the PATH.
## Build
To build the fuzzer and link against the `harness.cpp` in this example run:
```
cargo make fuzzer
```
## Running
```
.\libfuzzer_windows_asan.exe
```
## Note on MSVC
The MSVC compiler (`cl.exe`) will work in the future. Currently, it is blocked because of a [bug](https://developercommunity.visualstudio.com/t/__sanitizer_cov_trace_pc_guard_init-neve/10218995) with coverage.
### Note on ASAN
Using ASAN on Windows with MSVC is not trivial as of 2022. Depending on the harness and fuzzing target, the required compilation flags differ. Most notably, the usage of `/MT` and `/MD` for the CRT is important. All compilation artifacts should use the same config for the CRT (either all `/MT` or all `/MD`). [Rust uses as of 2022](https://rust-lang.github.io/rfcs/1721-crt-static.html) `/MD` as default. So compile everything with `/MD`.
Depending on the linking mode different ASAN libraries get linked. Definitely read [this](https://devblogs.microsoft.com/cppblog/addresssanitizer-asan-for-windows-with-msvc/) blog post by Microsoft.
Reference in New Issue View Git Blame Copy Permalink