Extending Ruzzy with LibAFL Note

Extending Ruzzy with LibAFL

This post details the process of integrating LibAFL into Ruzzy, a Ruby fuzzer. The author begins by highlighting LibAFL's advantages and the intention to replace libFuzzer. They build LibAFL's libFuzzer library within a Dockerfile and make slight modifications to Ruzzy's build process so that LibAFL can be selected via an ENV variable.

An issue emerges during linking, specifically ".preinit_array section is not allowed in DSO", which requires using LLVM's linker (lld) instead of GNU ld. The author modifies the Dockerfile and extconf.rb to specify the linker, and plans to propose a proper fix upstream that prevents the preinit_array section from being emitted, gated behind a cargo feature.

With the build issues addressed, the author attempts to run the fuzzer. A "No maps available; cannot fuzz!" error emerges, indicating a problem with SanitizerCoverage initialization. The post concludes with the fuzzer running to this point and with fixing the SanitizerCoverage issue as the anticipated next step.
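As an added example (not Ruzzy's or LibAFL's code), the snippet below models the two build-side decisions the post describes: an extconf.rb-style choice of runtime and linker driven by an ENV variable, and a check over `readelf -S` output that tells whether a built extension still carries a `.preinit_array` section. The variable name `RUZZY_USE_LIBAFL`, the library paths and the sample readelf output are assumptions constructed for the example.

```ruby
# Assumed library paths; the real ones depend on how the Dockerfile builds them.
LIBFUZZER_LIB = '/usr/local/lib/libFuzzer.a'        # LLVM's libFuzzer
LIBAFL_LIB    = '/usr/local/lib/libafl_libfuzzer.a' # LibAFL's libFuzzer-compatible runtime

# Pick the runtime and link flags the way an extconf.rb could, from an
# environment hash (ENV in real use). Variable name is an assumption.
def fuzzer_link_flags(env)
  if env['RUZZY_USE_LIBAFL'] == '1'
    # LibAFL's runtime contains a .preinit_array; GNU ld rejects it in a
    # shared object ("section is not allowed in DSO"), so force LLVM's lld.
    ['-fuse-ld=lld', LIBAFL_LIB]
  else
    [LIBFUZZER_LIB]
  end
end

# Extract section names from `readelf -S <file>` output. Lines look like
# "  [ 9] .preinit_array    PREINIT_ARRAY  ..."; index 0 is the unnamed NULL section.
def elf_section_names(readelf_output)
  readelf_output.each_line.filter_map do |line|
    m = line.match(/^\s*\[\s*(\d+)\]\s+(\S+)/)
    m && m[1].to_i != 0 ? m[2] : nil
  end
end

# True if the built DSO still carries .preinit_array, i.e. the section the
# proposed upstream cargo feature would stop emitting.
def preinit_array_in_dso?(readelf_output)
  elf_section_names(readelf_output).include?('.preinit_array')
end

# Constructed readelf -S excerpts, not captured from a real build.
SAMPLE_WITH_PREINIT = <<~READELF
  Section Headers:
    [Nr] Name              Type             Address           Offset
    [ 0]                   NULL             0000000000000000  00000000
    [ 1] .note.gnu.build-id NOTE            00000000000002a8  000002a8
    [ 9] .preinit_array    PREINIT_ARRAY    0000000000003d80  00002d80
    [10] .init_array       INIT_ARRAY       0000000000003d88  00002d88
READELF

SAMPLE_WITHOUT_PREINIT = <<~READELF
  Section Headers:
    [Nr] Name              Type             Address           Offset
    [ 0]                   NULL             0000000000000000  00000000
    [ 1] .note.gnu.build-id NOTE            00000000000002a8  000002a8
    [10] .init_array       INIT_ARRAY       0000000000003d88  00002d88
READELF
```

Running `readelf -S` on the compiled Ruzzy extension and feeding the output to `preinit_array_in_dso?` confirms whether the section is present after linking with lld.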