Explore a principled static rewriting framework for position-independent code (PIC) in this IEEE conference talk. Delve into the challenges of instrumenting COTS binaries, including hardcoded relative offsets and the indistinguishability between scalars and references. Learn about RetroWrite, a solution that addresses these issues through symbolization techniques. Discover how RetroWrite enables coverage instrumentation with afl-retrowrite and memory region instrumentation with asan-retrowrite. Gain insights into the practical applications of this framework for fuzzing and sanitization of binaries.
RetroWrite- Statically Instrumenting COTS Binaries for Fuzzing and Sanitization
Overview
Syllabus
Intro
Problems
Challenges: Hardcoded Relative Offsets
Challenges: Scalar and References are Indistinguishable
RetroWrite: Principled static rewriting framework for position-independent code (PIC)
RetroWrite: Overview
RetroWrite: Symbolization
afl-retrowrite: Coverage Instrumentation
asan-retrowrite: Instrumentation
asan-retrowrite: Memory Regions
Conclusion
Taught by
IEEE Symposium on Security and Privacy
