
Windows support

Open gfarida opened this issue 2 years ago • 3 comments

Is SharpFuzz available on Windows?

gfarida avatar Jul 05 '22 10:07 gfarida

Yes! The latest SharpFuzz release (2.0.0) supports libFuzzer on Windows (https://github.com/Metalnem/sharpfuzz/pull/24).

SharpFuzz documentation for libFuzzer (https://github.com/Metalnem/sharpfuzz/blob/master/docs/libFuzzer.md) still doesn't have the necessary instructions for using it on Windows, though. I plan to fix that, but I don't know yet when it will happen.

Metalnem avatar Jul 10 '22 13:07 Metalnem

Actually, I think @ranweiler already wrote the documentation :) https://github.com/microsoft/onefuzz/blob/main/src/agent/LibFuzzerDotnetLoader/README.md

Metalnem avatar Jul 10 '22 17:07 Metalnem

> Actually, I think @ranweiler already wrote the documentation :) https://github.com/microsoft/onefuzz/blob/main/src/agent/LibFuzzerDotnetLoader/README.md

☺️ Note for end users: these docs are mostly for an auxiliary project that is part of OneFuzz, and mostly describe additional features that require that project.

However, this section is still relevant, and replaces Step 4 in the main docs. The only difference when using SharpFuzz on Windows is that you need to compile a different source file to get libfuzzer-dotnet.exe.

ranweiler avatar Jul 10 '22 17:07 ranweiler

Hello, @ranweiler and @Metalnem! I don't understand how the fuzzer knows that the program's status is CRASH. When does it receive "2" through the channel? Or how? Because there is no SIGSEGV, SIGABRT, SIGILL in Windows. Thanks for your reply!

gfarida avatar Aug 11 '22 08:08 gfarida

The fuzzer executes the user-provided function inside the try-catch block. If it catches an exception, it reports it as a crash to the fuzzing backend:

https://github.com/Metalnem/sharpfuzz/blob/master/src/SharpFuzz/Fuzzer.cs#L359

Metalnem avatar Aug 13 '22 14:08 Metalnem
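
A simplified model of the mechanism described in the last reply, added here as an illustration and not taken from SharpFuzz or libfuzzer-dotnet: the harness wraps the target in try/catch and sends a status value over a channel, so no OS signal is involved. The status values (0 for a clean run, 2 for a crash as mentioned in the question), the in-process anonymous pipe, and the names `RunOnce` and `Target` are assumptions of this sketch.

```csharp
using System;
using System.IO;
using System.IO.Pipes;
using System.Text;

// Simplified model of exception-based crash reporting; not SharpFuzz's source.
static class CrashChannelModel
{
    // Assumed status values: 2 is the crash value from the question, 0 a clean run.
    const int Ok = 0, Crash = 2;

    // Harness side: run the target once and map any managed exception to a status.
    static int RunOnce(Action<byte[]> target, byte[] input)
    {
        try { target(input); return Ok; }
        catch (Exception ex)
        {
            Console.Error.WriteLine($"{ex.GetType().Name}: {ex.Message}");
            return Crash;
        }
        // A failure that terminates the process (for example StackOverflowException)
        // never reaches the catch; the reading side would see the pipe close instead.
    }

    // Constructed target: throws on inputs starting with "BUG", like a parser defect.
    static void Target(byte[] data)
    {
        if (data.Length >= 3 && data[0] == 'B' && data[1] == 'U' && data[2] == 'G')
            throw new InvalidOperationException("constructed parser bug");
    }

    static void Main()
    {
        // One pipe stands in for the channel between the .NET harness and the native driver.
        using var server = new AnonymousPipeServerStream(PipeDirection.In);
        using var client = new AnonymousPipeClientStream(PipeDirection.Out, server.ClientSafePipeHandle);
        using var writer = new BinaryWriter(client);
        using var reader = new BinaryReader(server);

        foreach (var sample in new[] { "hello", "BUG!" })   // constructed inputs
        {
            writer.Write(RunOnce(Target, Encoding.ASCII.GetBytes(sample))); // harness: 4-byte status
            writer.Flush();
            int status = reader.ReadInt32();                                // driver: read the verdict
            Console.WriteLine($"{sample}: status {status} -> {(status == Crash ? "crash, keep input" : "ok")}");
        }
    }
}
```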