README.rst 996 Bytes
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
Fuzzers
=======

This directory contains a collection of fuzzing tools. Each tests a different
entry point to the code.

Usage notes:

1. Install AFL:

   .. code::

      apt-get install afl

2. Build the fuzzers:

   .. code::

      make fuzzers

3. Some of the tests (eg ``fuzz_decrypt`` and ``fuzz_group_decrypt``) require a
   session file. You can use the ones generated by the python test script
   (``python/test.sh``).

4. Make some work directories:

   .. code::

      mkdir -p fuzzing/in fuzzing/out

5. Generate starting input:

   .. code::

      echo "Test" > fuzzing/in/test

6. Run the test under ``afl-fuzz``:

   .. code::

      afl-fuzz -i fuzzing/in -o fuzzing/out -- \
         ./build/fuzzers/fuzz_<fuzzing_tool> [<test args>]

7. To resume with the data produced by an earlier run:

   .. code::

      ./afl-fuzz -i- -o existing_output_dir [...etc...]

8. If it shows failures, pipe the failure case into
   ``./build/fuzzers/debug_<fuzzing_tool>``, fix, and repeat.