Merge pull request #27 from matrix-org/rav/fuzzers_readme
Add a README for the fuzzers
This commit is contained in:
commit
780203b054
1 changed files with 51 additions and 0 deletions
51
fuzzers/README.rst
Normal file
51
fuzzers/README.rst
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
Fuzzers
|
||||||
|
=======
|
||||||
|
|
||||||
|
This directory contains a collection of fuzzing tools. Each tests a different
|
||||||
|
entry point to the code.
|
||||||
|
|
||||||
|
Usage notes:
|
||||||
|
|
||||||
|
1. Install AFL:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
apt-get install afl
|
||||||
|
|
||||||
|
2. Build the fuzzers:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
make fuzzers
|
||||||
|
|
||||||
|
3. Some of the tests (eg ``fuzz_decrypt`` and ``fuzz_group_decrypt``) require a
|
||||||
|
session file. You can use the ones generated by the python test script
|
||||||
|
(``python/test.sh``).
|
||||||
|
|
||||||
|
4. Make some work directories:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
mkdir -p fuzzing/in fuzzing/out
|
||||||
|
|
||||||
|
5. Generate starting input:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
echo "Test" > fuzzing/in/test
|
||||||
|
|
||||||
|
6. Run the test under ``afl-fuzz``:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
afl-fuzz -i fuzzing/in -o fuzzing/out -- \
|
||||||
|
./build/fuzzers/fuzz_<fuzzing_tool> [<test args>]
|
||||||
|
|
||||||
|
7. To resume with the data produced by an earlier run:
|
||||||
|
|
||||||
|
.. code::
|
||||||
|
|
||||||
|
./afl-fuzz -i- -o existing_output_dir [...etc...]
|
||||||
|
|
||||||
|
8. If it shows failures, pipe the failure case into
|
||||||
|
``./build/fuzzers/debug_<fuzzing_tool>``, fix, and repeat.
|
Loading…
Reference in a new issue