
Recently I have been looking at some PHP security testing issues and I needed a fuzzer. I found a PHP fuzzer called PFF available via the Digital Dwarf Society. The original author’s webpage doesn’t seem to be up anymore, but the Digital Dwarf folks had a cached version of the actual code available.
The build instructions that come with the tool are:
The problem with that was that on my OS X laptop (version 10.5.6) I got the following build messages and errors:
"_BIO_f_base64", referenced from:
_encode_base64 in cc2Np5yM.o
"_BIO_ctrl", referenced from:
_encode_base64 in cc2Np5yM.o
_encode_base64 in cc2Np5yM.o
"_BIO_new", referenced from:
_encode_base64 in cc2Np5yM.o
_encode_base64 in cc2Np5yM.o
"_BIO_s_mem", referenced from:
_encode_base64 in cc2Np5yM.o
"_BIO_write", referenced from:
_encode_base64 in cc2Np5yM.o
"_BIO_push", referenced from:
_encode_base64 in cc2Np5yM.o
"_BIO_free_all", referenced from:
_encode_base64 in cc2Np5yM.o
ld: symbol(s) not found
collect2: ld returned 1 exit status
Part of these issues seemed to stem from OpenSSL include/library issues, so I Googled around a bit and updated my build command to:
That helped … a bit. At that point my error messages had dwindled to:
pff.c:346: warning: assignment makes pointer from integer without a cast
Undefined symbols:
"_strndup", referenced from:
_genfilename in ccQlatXg.o
ld: symbol(s) not found
collect2: ld returned 1 exit status
Progress! After a bit of searching, I found out that, apparently, Mac OS X doesn’t support the “strndup” function as it is a GNU-specific extension to the standard library (reference is here). Who would have thought?
So, in the spirit of getting this to work, I updated the source code to replace the “strndup” function call with a call to “strdup.” Then I re-ran:
Now the build runs properly. Success! Also, the pff binary runs as it should so I can start fuzzing away on PHP functions.
The diff for the pff.c file is:
< if((name = strdup(filename)) == NULL) {
—
> if((name = strndup(filename,strlen(filename))) == NULL) {
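Review bot: the direction of this diff is reversed relative to the text around it. The "<" line carries the new strdup call and the ">" line carries the original strndup call, so it reads as new-to-old; regenerating it with the original file first would match the description. The hunk also has no line-range header, so it cannot be applied with patch as posted. Because the original call passed strlen(filename) as the bound, strdup(filename) copies the same bytes and the substitution does not change behaviour.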
I am about to mail this along to the Digital Dwarf (info@digitaldwarf.de) and SETEC/calcite (calcite@setec.org) folks but I also wanted to post the info publicly as well. Happy PHP fuzzing!
More info on strdup, strndup and associated functions can be found here.
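An alternative to swapping in strdup, shown as an added example that is not part of the original post or of the pff source: a fallback for C libraries that lack strndup, which keeps the length bound for call sites where the bound is not simply strlen of the input. The name compat_strndup and the sample inputs are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: four bytes with no terminating NUL. */
static const char raw_sample[4] = { 'p', 'f', 'f', '!' };

/*
 * compat_strndup (hypothetical name): copy at most n bytes of s into a
 * freshly allocated, always NUL-terminated buffer. Caller frees the result.
 */
char *compat_strndup(const char *s, size_t n)
{
    const char *nul;
    size_t len;
    char *copy;

    if (s == NULL)
        return NULL;

    /* memchr stops at the first NUL or after n bytes, whichever is first,
     * so s does not have to be NUL-terminated within the bound. */
    nul = memchr(s, '\0', n);
    len = (nul != NULL) ? (size_t)(nul - s) : n;

    if (len == SIZE_MAX)            /* len + 1 would wrap to 0 */
        return NULL;

    copy = malloc(len + 1);
    if (copy == NULL)
        return NULL;

    memcpy(copy, s, len);
    copy[len] = '\0';
    return copy;
}

int main(void)
{
    char *a = compat_strndup("fuzz_input.php", 4);            /* truncates */
    char *b = compat_strndup(raw_sample, sizeof raw_sample);  /* unterminated */

    printf("%s %s\n", a ? a : "(null)", b ? b : "(null)");
    free(a);
    free(b);
    return 0;
}
```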
–Dan
dan _at_ denimgroup.com
PS – Photo is of my dog, Cody. He’s a good boy. (c) Dan Cornell 2008.