Merge pull request #27 from matrix-org/rav/fuzzers_readme

Add a README for the fuzzers

Merge pull request #27 from matrix-org/rav/fuzzers_readme
Add a README for the fuzzers
780203b0 · Richard van der Hoff · GitHub · 38acc352 · cada801d · 780203b0
Commit 780203b0 authored Oct 19, 2016 by Richard van der Hoff Committed by GitHub Oct 19, 2016
--- a/fuzzers/README.rst
+++ b/fuzzers/README.rst
+Fuzzers
+=======
+
+This directory contains a collection of fuzzing tools. Each tests a different
+entry point to the code.
+
+Usage notes:
+
+1. Install AFL:
+
+   .. code::
+
+      apt-get install afl
+
+2. Build the fuzzers:
+
+   .. code::
+
+      make fuzzers
+
+3. Some of the tests (eg ``fuzz_decrypt`` and ``fuzz_group_decrypt``) require a
+   session file. You can use the ones generated by the python test script
+   (``python/test.sh``).
+
+4. Make some work directories:
+
+   .. code::
+
+      mkdir -p fuzzing/in fuzzing/out
+
+5. Generate starting input:
+
+   .. code::
+
+      echo "Test" > fuzzing/in/test
+
+6. Run the test under ``afl-fuzz``:
+
+   .. code::
+
+      afl-fuzz -i fuzzing/in -o fuzzing/out -- \
+         ./build/fuzzers/fuzz_<fuzzing_tool> [<test args>]
+
+7. To resume with the data produced by an earlier run:
+
+   .. code::
+
+      ./afl-fuzz -i- -o existing_output_dir [...etc...]
+
+8. If it shows failures, pipe the failure case into
+   ``./build/fuzzers/debug_<fuzzing_tool>``, fix, and repeat.