BMP Peach Pit Data Sheet

Peach Fuzzer, LLC

This document may not be distributed or used for commercial purposes without the explicit consent of the copyright holders.

Peach Fuzzer® is a registered trademark of Peach Fuzzer, LLC.

Peach Fuzzer contains Patent Pending technologies.

While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

Peach Fuzzer, LLC 1122 E Pike St Suite 1064 Seattle, WA 98112

1 BMP Image Format

• Peach Pit: BMP

• Supported Platforms: Windows, Linux, OS X

Bitmap (BMP) is a Microsoft defined file format containing raster graphic images. Bitmap files contain fixed sized headers and a variable length pixel array.

The BMP header varies by a the version number; each subsequent version appends fields to end of the previous version. For example:

• The v2 header is the same header as the v1 header except that there are additional data fields appended to the v1 header

• The v3 is header is the same header as the v2 header except that there are additional data fields appended to the v2 header

The file format is closely tied to the DIB internal data structure in the Windows API.

Specifications

Specification Title

http://msdn.microsoft.com/en- Bitmap Header Types us/library/dd183386%28VS.85%29.aspx

Use Cases

Supported Headers Specification

BITMAPCOREHEADER Bitmap Header Types

BITMAPINFOHEADER Bitmap Header Types

BITMAPV4HEADER Bitmap Header Types

BITMAPV5HEADER Bitmap Header Types

Configuration

Target Configuration

The BMP file format can target any number of image viewing programs (such as "feh" on Linux and "mspaint.exe" on Windows) by setting the target program that you are fuzzing (such as feh or mspaint.exe) in the BMP.xml.config pit file.

2 Normally you would set different target programs for different operating systems.

Required Pit Configuration Changes

Seed Name of a valid BMP file located in the Samples directory. An empty string indicates use all files in the directory. Multiple files can be globbed together with an asterisk wildcard.

Target The program that opens the fuzzed BMP files

Optional Pit Configuration Changes

Strategy Fuzzing strategy Peach will use for testing.

LoggerPath Directory path to folder where logs will be stored.

Agent The agent that will be ran to open the target program. This is generally OS dependent.

Path Path to the relative base directory where all pits are located.

SamplePath Path to the directory in which the BMP sample files are stored. Relative to Path.

Configure Monitoring

Monitoring must be configured to provide fault detection, data collection, and automation as needed.

Running

Single test debug run

peach -1 --debug BMP.xml

Full test run

peach BMP.xml

3 Examples

Example 1. Sample BMP Configuration File

This example configuration uses feh on Linux. The configuration file also contains settings for mspaint on Windows and preview on OSX:

First, install feh; for this example we assume you are running on Ubuntu or Debian. For other platforms follow the platform specific installation instructions for feh.

#Installing feh on linux sudo apt-get install feh

When running this, feh will repeatedly open and close.