
Cmplog should search for unprefixed target in PATH, not PWD #1643

Merged
merged 3 commits into from Feb 12, 2023

Conversation

YSaxon
Copy link
Contributor

@YSaxon YSaxon commented Feb 10, 2023

This fixes a bug in cmplog where, if afl-fuzz is called with an unprefixed-path target (e.g. -- targetapp instead of -- /path/to/targetapp), afl-fuzz itself will correctly look for the target in PATH, but cmplog instead looks for it in PWD.

If the target does not happen to be in PWD, then it will fail with the confusing error message:

[-] PROGRAM ABORT : Unable to execute target application ('targetapp')
         Location : afl_fsrv_start(), src/afl-forkserver.c:1077

This bug is present in standard instrumented mode and Frida mode, but not QEMU mode.

Inasmuch as it violates the general principle and expectation that unprefixed executables should be executed via PATH rather than PWD, this bug (now fixed) also constitutes a security vulnerability, which could theoretically be exploited by placing a malicious executable of the same name into the user's working directory.
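The resolution rule the fix relies on, as an added example that is not AFL++'s own code: a small C routine that resolves a bare program name through a PATH list the way execvp(3) and the shell do, and treats only a name containing '/' as a PWD-relative or absolute path. The function name resolve_target and its explicit `path` argument (passed in rather than read from the environment, so the behaviour is testable) are choices made for this example.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

/* True if 'p' names an existing regular file we are allowed to execute. */
static int is_executable(const char *p) {
  struct stat st;
  return access(p, X_OK) == 0 && stat(p, &st) == 0 && S_ISREG(st.st_mode);
}

/* Resolve a target program name the way execvp(3) and the shell do.
 * 'path' is the colon-separated search list, passed explicitly instead of
 * read from getenv("PATH") so the result is deterministic and testable.
 * Returns 1 and writes the resolved path to 'out', or 0 if nothing matched. */
int resolve_target(const char *name, const char *path, char *out, size_t outlen) {
  if (strchr(name, '/')) {
    /* Explicit path (absolute or ./relative): used as given, never searched. */
    if (!is_executable(name)) return 0;
    snprintf(out, outlen, "%s", name);
    return 1;
  }
  /* Bare name: only PATH entries are consulted. The working directory is
   * tried only when PATH itself contains "." or an empty entry, which is the
   * user's explicit choice rather than a silent default. */
  for (const char *p = path; p; ) {
    const char *colon = strchr(p, ':');
    size_t len = colon ? (size_t)(colon - p) : strlen(p);
    char cand[PATH_MAX];
    if (len == 0) snprintf(cand, sizeof cand, "./%s", name);
    else snprintf(cand, sizeof cand, "%.*s/%s", (int)len, p, name);
    if (is_executable(cand)) {
      snprintf(out, outlen, "%s", cand);
      return 1;
    }
    p = colon ? colon + 1 : NULL;
  }
  return 0;
}
```

With a bare name and a PATH that does not list the working directory, the lookup fails cleanly instead of silently picking up a same-named file from PWD.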

@vanhauser-thc
Copy link
Member

thanks for the PR, letting the CI check this ... :)

@vanhauser-thc vanhauser-thc merged commit bac8d25 into AFLplusplus:dev Feb 12, 2023
11 checks passed