Identifying Exploitable Memory Objects for Out-of-Bound Write Vulnerabilities
  • Runhao Li,
  • Bin Zhang,
  • Chaojing Tang
Runhao Li
National University of Defense Technology
Bin Zhang
National University of Defense Technology

Corresponding Author:[email protected]

Chaojing Tang
National University of Defense Technology

Abstract

Exploiting out-of-bounds write vulnerabilities in general-purpose applications has become a current research focus. Given the large scale of code in programs, selecting appropriate memory objects for exploitation is challenging. In this letter, we propose a fuzzing method guided by corrupted data propagation. By tracking the propagation of corrupted data among memory objects, we introduce a multi-level fuzzing schedule to search the execution paths. Experimental results show that our proposed method, EMOFuzz, can effectively identify exploitable objects under various overflow lengths, significantly enhancing the efficiency of exploitability analysis.