Fuzzer Crash Root Cause Analysis With ASAN (AddressSanitizer)

2021-07-02

[public] 12.1K views, 1.51K likes, 12.0 dislikes audio only

Now that we found a crash and got a minimal testcase last episode, we can now try to find the true location of the overflow. ASan is an invaluable tool for that.

Fuzzing Project: https://fuzzing-project.org/tutorial2.html

Grab the files: https://github.com/LiveOverflow/pwnedit

Full Playlist: https://www.youtube.com/playlist?list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx

Episode 06:

00:00 - Intro

00:47 - Create sudo ASan build

01:47 - Investigating weird issue

04:14 - Accidentally solving the problem

05:10 - Improve AddressSanitizer Debug Output

06:49 - Interpreting AddressSanitizer Output

07:23 - Triaging More Unique Crashes

08:25 - Plan For Next Steps

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Website: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/