Mixed mode assemblies about sharpfuzz HOT 7 CLOSED

Here you go: Fuzzing .NET Core.

from sharpfuzz.

I see that the code special cases S.P.Corelib further down, and it's mentioned in the help output also. So perhaps I'm missing something.

dan@danmose3:~/fuzz/1/bin/Debug/netcoreapp3.0/linux-x64/publish$ sharpfuzz System.Private.CoreLib.dll System.String
Cannot instrument mixed-mode assemblies.

[edit] OK, something strange is happening as I'm getting this error for apparently all the .NET Core implementation assemblies.

from sharpfuzz.

I tried rebuilding sharpfuzz with that check removed, and with the write changed:

-                       src.Write(dst);
+                       if (src.IsILOnly)
+                       {
+                           src.Write(dst);
+                       }
+                       else
+                       {
+                           src.NativeWrite(dst);
+                       }

as suggested in the dnlib README

However that fails differently:

dan@danmose3:~/fuzz/1/bin/Debug/netcoreapp3.0/linux-x64$ dotnet exec ~/git/sharpfuzz/src/SharpFuzz.CommandLine/bin/Debug/netcoreapp2.1/linux-x64/publish/SharpFuzz.CommandLine.dll System.Runtime.dll
Failed to instrument the specified file, most likely because it's not a valid .NET assembly.
dnlib.DotNet.Writer.ModuleWriterException: Could not create header
   at dnlib.DotNet.Writer.NativeModuleWriter.CreateHeaderSection(IChunk& extraHeaderData)
   at dnlib.DotNet.Writer.NativeModuleWriter.WriteFile()
   at dnlib.DotNet.Writer.NativeModuleWriter.WriteImpl()
   at dnlib.DotNet.Writer.ModuleWriterBase.Write(Stream dest)
   at SharpFuzz.Fuzzer.Instrument(ModuleDefMD src, Stream dst, Func`2 matcher, TypeDef traceType) in /home/dan/git/sharpfuzz/src/SharpFuzz/Fuzzer.cs:line 117
   at SharpFuzz.Fuzzer.Instrument(String source, Func`2 matcher) in /home/dan/git/sharpfuzz/src/SharpFuzz/Fuzzer.cs:line 63
   at SharpFuzz.CommandLine.Program.Main(String[] args) in /home/dan/git/sharpfuzz/src/SharpFuzz.CommandLine/Program.cs:line 51

from sharpfuzz.

All .NET Core implementation assemblies are mixed mode, which is why you are getting that error. Mono.Cecil couldn't handle them, which is why I switched to dnlib. But dnlib gave me the exact same error you just encountered. That's why I developed a different approach for fuzzing .NET Core assemblies:

1. For fuzzing classes outside of System.Private.CoreLib, I'm using the MyGet feed, where assemblies are IL only. You can find my setup here.

2. For fuzzing classes in the System.Private.CoreLib, I'm using a custom CoreCLR build, where I skip generating the native images by using the skipcrossgen flag. Again, you can find my complete setup here. One important thing here is that you have to specify classes or namespaces that you want to instrument (first reason is that not everything in the CoreLib can be instrumented without breaking your program, and the second one is that instrumenting too many classes would give you a lot of noise).

If you have any additional questions, I'll be glad to assist you (I also plan to write more detailed instructions in the README file).

from sharpfuzz.

By the way, the CoreFX fuzzing project I referenced in the previous comment is currently working only with .NET Core 2.2. I will try to update it in the following days to work with .NET Core 3.0, but you can do it yourself in the meantime by changing the target framework to netcoreapp3.0 and also updating the Microsoft.Private.CoreFx.NETCoreApp version. You will also have to use the daily build of .NET Core 3.0 because of dotnet/corefx#35555.

from sharpfuzz.

@Metalnem thanks, good to know it wasn't my mistake. Of course - I should eliminate crossgen.

from sharpfuzz.

Thanks!

from sharpfuzz.