INTRODUCTION TO BINARY FUZZING: Actually libFuzzing

Did anybody solve the questions 3

For these next two questions, download the attached welcome.c.zip and implement a libFuzzer harness for the program. What vulnerability does ASan identify in the welcome.c code?

and 4

Copy the full libFuzzer harness output (the printf output from the program, in other words) that crashed the program, for example “Hello, User!, Your room …”

?

Edited: done. Was overthinking things…

I found this task tricky at first too.
Just a tiny hint: Don’t forget to ensure everything is in the expected format.
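To make the "expected format" hint concrete, here is the shape of a libFuzzer harness for a program that greets a user by name. This is an added example, not the welcome.c from the attachment (which is not reproduced in this thread); the `make_greeting` function is a hypothetical, safe stand-in for the program's own code, and `NAME_MAX`/`MSG_MAX` are assumed sizes. The point it shows is that libFuzzer hands the harness raw bytes with no terminator, so the harness has to turn them into a bounded, NUL-terminated C string before the target sees them.

```c
// Added example: libFuzzer harness skeleton (not the course's welcome.c).
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 32   /* assumed buffer size for the user name */
#define MSG_MAX  64   /* assumed buffer size for the greeting */

/* Hypothetical target: write "Hello, <name>!" into out without overrunning it.
   snprintf semantics: returns the length the full message would have had. */
int make_greeting(const char *name, char *out, size_t out_len) {
    return snprintf(out, out_len, "Hello, %s!", name);
}

/* libFuzzer entry point. data/size is an arbitrary byte string: it is not
   NUL-terminated and may be empty or far longer than any buffer in the target.
   The harness normalises it into the format the target expects (a C string of
   at most NAME_MAX-1 characters) and then calls the target. Returning 0 tells
   libFuzzer the input was processed; ASan reports any memory error itself. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    char name[NAME_MAX];
    char msg[MSG_MAX];

    if (size == 0)
        return 0;                              /* nothing to feed the target */

    size_t n = size < NAME_MAX - 1 ? size : NAME_MAX - 1;
    memcpy(name, data, n);
    name[n] = '\0';                            /* the "expected format": a C string */

    make_greeting(name, msg, sizeof msg);
    return 0;
}
```

Build it with `clang -g -fsanitize=fuzzer,address harness.c -o harness` and run `./harness`; when the program under test has a memory bug, ASan prints the crash report and libFuzzer writes the offending input to a `crash-*` file, from which the printed greeting asked for in question 4 can be reproduced.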

Hello. Stuck in the Glee with KLEE section, on the second question: Create a KLEE fuzzer for the C program attached to this question. KLEE will find 2 vulnerabilities, answer using the name of the vulnerability that is not “out of bound pointer”. My fuzzer gives only one error and it doesn’t work. Did everyone have an easy time with this question?

Easy I haven’t seen here :sunglasses:

You need to call “klee_make_symbolic” on “ptr”, then compile it with clang. Running klee will give you two "KLEE: ERROR"s.


Thanks for the quick response. But I don’t really understand what “klee_make_symbolic” has to do with it, after all, it’s for the first question to which I already answered. For the second question, you need to download klee_fuzz.zip and carry out the manipulations you mentioned with it. I did this but got only one error and they say there should be two.

It seems like it’s starting to get a little bit…do I need to add this function to klee_fuzz.zip?

I did it. Very grateful.

:+1: