Comments (2)
Handling of VTable calls is now supported to an extent by `Inspector::extractVTableIndirectCall`.
However, there is a limitation here which is we may not get the exact right class when extracting the target class, but rather a parent class. For example, the callgraph for: https://github.com/ossf/fuzz-introspector/blob/main/examples/cpp-simple-example-1/fuzzer.cpp
looks as follows:
```
0 LLVMFuzzerTestOneInput
1 operator new(unsigned long)
1 C::C()
2 B::B()
1 B::bar()
```
whereas the true callgraph is:
```
0 LLVMFuzzerTestOneInput
1 operator new(unsigned long)
1 C::C()
2 B::B()
1 C::bar()
```
from fuzz-introspector.
This is not a trivial problem to solve at the IR level.
One way of potentially identifying this is backtracking on the LLVM IR to identify the constructor used to create a given object. We should be able to do this by looking at calls to `new`.
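A toy illustration of the backtracking idea from the comment above, added here and not taken from fuzz-introspector: Python over a constructed, simplified clang `-O0` style IR snippet for `B *b = new C(); b->bar();`. It assumes straight-line code inside one function, `_Znwm` as `operator new`, and non-nested class names; `ctor_class` and `resolve_vcalls` are hypothetical names.

```python
import re

# Constructed, simplified clang -O0 style IR for:  B *b = new C(); b->bar();
IR = """\
  %call = call noalias noundef nonnull ptr @_Znwm(i64 noundef 8)
  call void @_ZN1CC2Ev(ptr noundef nonnull align 8 dereferenceable(8) %call)
  store ptr %call, ptr %b, align 8
  %0 = load ptr, ptr %b, align 8
  %vtable = load ptr, ptr %0, align 8
  %vfn = getelementptr inbounds ptr, ptr %vtable, i64 0
  %1 = load ptr, ptr %vfn, align 8
  call void %1(ptr noundef nonnull align 8 dereferenceable(8) %0)
"""
R = r"(%[\w.]+)"  # an SSA register

def ctor_class(sym):
    """Class of an Itanium-mangled constructor (non-nested class), else None."""
    m = re.fullmatch(r"_ZN(\d+)(\w+)", sym)
    if m and re.fullmatch(r"C[12]E\w*", m[2][int(m[1]):]):
        return m[2][:int(m[1])]
    return None

def resolve_vcalls(ir):
    """Return [(constructed class, vtable index)] for each virtual call found."""
    obj, slot, vtab, vfn, fnptr, cls, calls = {}, {}, {}, {}, {}, {}, []
    for line in map(str.strip, ir.splitlines()):
        if m := re.match(R + r" = call .*@_Znwm\(", line):
            obj[m[1]] = m[1]                      # result of operator new
        elif m := re.match(r"call void @(\w+)\(ptr[^,%]*" + R, line):
            if m[2] in obj and ctor_class(m[1]):  # constructor run on that object
                cls[obj[m[2]]] = ctor_class(m[1])
        elif m := re.match(r"store ptr " + R + ", ptr " + R, line):
            if m[1] in obj:
                slot[m[2]] = obj[m[1]]            # object pointer spilled to a stack slot
        elif m := re.match(R + r" = load ptr, ptr " + R, line):
            if m[2] in slot:
                obj[m[1]] = slot[m[2]]            # object pointer reloaded from the slot
            elif m[2] in obj:
                vtab[m[1]] = obj[m[2]]            # first word of the object: vtable pointer
            elif m[2] in vfn:
                fnptr[m[1]] = vfn[m[2]]           # function pointer read from a vtable entry
        elif m := re.match(R + r" = getelementptr inbounds ptr, ptr " + R + r", i64 (\d+)", line):
            if m[2] in vtab:
                vfn[m[1]] = (vtab[m[2]], int(m[3]))
        elif m := re.match(r"call \w+ " + R + r"\(", line):
            if m[1] in fnptr:                     # indirect call through the vtable
                root, idx = fnptr[m[1]]
                calls.append((cls.get(root), idx))
    return calls
```

On the constructed snippet this yields class `C` at vtable index 0, so the index is looked up in `C`'s vtable rather than in that of the declared type `B`.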