Comment #7 on issue 40330 by da...@
adalogics.com: binutils:fuzz_as: Stack-use-after-return in as_bad_internal
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40330#c7Thanks for the info!
The reason by and large is that OSS-Fuzz does not support fork-based fuzzing. It would be ideal if we could simply write our targets to do a fork of the process at the beginning of each fuzz iteration, as a way of not carrying over the global state. If we could do that, then a lot of the binutils applications would be much easier to fuzz.
I am unaware of any particularly reason for why this is the case, and I assume it is because libFuzzer does not support this type of fuzzing out of the box. However, there was work this year at a conference presenting a proof-of-concept implementation for the idea:
https://www.ndss-symposium.org/wp-content/uploads/bar2021_23013_paper.pdf and I may try to suggest supporting this in OSS-Fuzz.
--
You received this message because:
1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settingsReply to this email to add a comment.