I’ve added a new Peach Pit for the Quicktime MOV/MP4 file format. This template covers the majority of the specification, complete with size and count relations with the exception of a few corner cases where certain size elements are not included.
You may also notice from the comments that some relations, though included, have been disabled. This is because of the prohibitively long time Peach needs to parse these elements; they have been replaced with simple blob elements instead.
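To make the size relations concrete, here is an added Python atom walker (example code, not part of the Pit or of Peach) that parses the MOV/MP4 atom tree and enforces the size relation at every level, including the corner cases where the size field is not a plain length: a size of 1 means a 64-bit size follows the type, and a size of 0 means the atom runs to the end of its enclosing range. The sample bytes and the list of container types are constructed assumptions for the demo.

```python
import struct

# Atom types treated as containers of child atoms (assumed subset for the demo).
CONTAINERS = {b"moov", b"trak", b"mdia", b"minf", b"stbl", b"udta"}

def walk_atoms(buf, start=0, end=None, depth=0):
    """Yield (depth, type, offset, size) for each atom in buf[start:end].

    Raises ValueError when a declared size violates the size relation,
    i.e. is smaller than its own header or overruns the enclosing range.
    """
    end = len(buf) if end is None else end
    pos = start
    while pos + 8 <= end:
        size, atype = struct.unpack_from(">I4s", buf, pos)
        header = 8
        if size == 1:
            # Corner case: 64-bit "largesize" follows the 4-byte type field.
            if pos + 16 > end:
                raise ValueError(f"truncated largesize for {atype!r} at {pos}")
            size = struct.unpack_from(">Q", buf, pos + 8)[0]
            header = 16
        elif size == 0:
            # Corner case: atom extends to the end of the enclosing range.
            size = end - pos
        if size < header or pos + size > end:
            raise ValueError(f"bad size {size} for {atype!r} at offset {pos}")
        yield depth, atype, pos, size
        if atype in CONTAINERS:
            yield from walk_atoms(buf, pos + header, pos + size, depth + 1)
        pos += size

def validate(buf):
    """Return [(depth, type, size), ...] or None if any size relation fails."""
    try:
        return [(d, t, s) for d, t, _, s in walk_atoms(buf)]
    except ValueError:
        return None

# Constructed sample: ftyp, a moov container with one mvhd child, and an mdat
# whose size field is 0 (runs to end of file).
SAMPLE_MOV = (
    struct.pack(">I4s", 16, b"ftyp") + b"qt  " + b"\x00\x00\x00\x00"
    + struct.pack(">I4s", 20, b"moov")
    + struct.pack(">I4s", 12, b"mvhd") + b"\x00" * 4
    + struct.pack(">I4s", 0, b"mdat") + b"\xAA" * 5
)
```

Running `validate(SAMPLE_MOV)` walks the tree; feeding it a file where a child claims more bytes than its parent holds returns None, which is the kind of inconsistency a size-relation-aware fuzzer deliberately produces.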
You can download the new Peach Pit here.
Also, as with all of my previous Peach Pits, this template is currently written for Peach v2.3.9 or earlier. Updating it to Peach v3.0 shouldn’t be much of an issue. For more information, take a look at the documentation for the new Peach Pit format, here.
September 18th, 2013 on 7:51 am
Why are you not using the Memory Monitor? It seems like a good addition that does not affect anything.
September 21st, 2013 on 1:12 am
Kinunt,
The memory monitor seems more useful in detecting memory leaks (not to be confused with info leaks) rather than bounds issues. Using GFlags with either standard or full page heap verification is typically more than enough to identify most bugs.
If you’re unfamiliar with the way GFlags works, I’ve included a brief description of it in a recent article I wrote for http://www.corelan.be:
https://www.corelan.be/index.php/2013/07/02/root-cause-analysis-integer-overflows/#Page_heap
April 24th, 2018 on 2:40 am
Hi Pyoor
I was studying Peach Fuzzer recently, and your series of articles on this theme has helped me a lot. But I still do not understand expressionSet and expressionGet in . Can you explain them in detail? The introduction on the Peach official website is very vague.