Comments (2)
SkyLined
commented on May 23, 2024
Hey, sorry for the late reply.
You are correct: knowing that the offset is variable is useful when determining the exploitability but does reduce your ability to bucketize issues using the BugId.
In order to limit the number of bug ids for the same bug, but maintain some ability to detect this variability, I've added the mBugId.uArchitectureIndependentBugIdBits option. I often set it to 32 during fuzzing, so I get the same Bug Ids for crashes with a static offset in the 32-bit and 64-bit versions of an application, but also get a limited number of different BugIds if the offset can vary by multiples of 1 byte (0, 1, 2, 3, 4n, 4n+1, 4n+2, 4n+3)
See modules\mBugId\dxConfig.py for details. You can set this option on the command line using --mBugId.uArchitectureIndependentBugIdBits=32.
If you set it to 8, you get either the id with no offset if it's 0 or +n if its larger than zero.
from bugid.
dms1lva
commented on May 23, 2024
Thanks for the answer! That definitely makes sense then.
from bugid.
Related Issues (20)
- Undefined variable sFastFailCodeDescription. HOT 1
- NameError("name 'u0NumberOfRepeats' is not defined") HOT 2
- Unrecognised instruction disassembly line HOT 10
- mDebugOutput must use `inspect.signature` instread of `inspect.getargspec` HOT 3
- Handle non-internal, non-product modules better HOT 4
- BugId fails with error: "Command output does not start with marker b'=<[{START}]>=': b'*** ERROR: Sy'" HOT 11
- Fatal exceptions.AttributeError Exception HOT 4
- BugId fails with error: "No module for cdb id 'ntdll'" HOT 6
- BugId fails with error: "Numeric expression missing" HOT 1
- Question: Why does a process need to be suspended before bugid can attach to it? HOT 1
- BugId occasionally hangs when a child process is invoked
- stat: path should be string, bytes, os.PathLike or integer, not NoneType HOT 4
- BugId as a JIT Debugger not working HOT 3
- BugId fails with error: Unrecognized !heap output HOT 3
- BugId fails with Assertion: uAddress is not a valid 32-bit pointer!
- BugId fails with error: "NoneType instance has no attribute bAllocated" HOT 1
- BugId generates error when disassembly has more than 4 tsbArguments HOT 1
- Where can I get an invoice for my license? HOT 1
- Request for Response to Commercial License Inquiry HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bugid.