olm/fuzzers
2018-10-12 16:22:12 -04:00
..
include Add a fuzzer for olm_group_decrypt 2016-05-26 13:25:34 +01:00
CMakeLists.txt add pk files to cmake, avoid some duplication, and update documentation 2018-10-12 16:22:12 -04:00
fuzz_decode_message.cpp Add support for building fuzzers using american fuzzy lop 2016-05-23 17:32:24 +01:00
fuzz_decrypt.cpp Add a fuzzer for olm_group_decrypt 2016-05-26 13:25:34 +01:00
fuzz_group_decrypt.cpp Fix broken fuzzer compilation 2016-10-24 16:32:21 +01:00
fuzz_unpickle_account.cpp Add support for building fuzzers using american fuzzy lop 2016-05-23 17:32:24 +01:00
fuzz_unpickle_session.cpp Add support for building fuzzers using american fuzzy lop 2016-05-23 17:32:24 +01:00
README.rst Fix broken fuzzer compilation 2016-10-24 16:32:21 +01:00

Fuzzers
=======

This directory contains a collection of fuzzing tools. Each tests a different
entry point to the code.

Usage notes:

1. Install AFL:

   .. code::

      apt-get install afl

2. Build the fuzzers:

   .. code::

      make fuzzers

3. Some of the tests (eg ``fuzz_decrypt`` and ``fuzz_group_decrypt``) require a
   session file. You can use the ones generated by the python test script
   (``python/test.sh``).

4. Make some work directories:

   .. code::

      mkdir -p fuzzing/in fuzzing/out

5. Generate starting input:

   .. code::

      echo "Test" > fuzzing/in/test

6. Run the test under ``afl-fuzz``:

   .. code::

      afl-fuzz -i fuzzing/in -o fuzzing/out -- \
         ./build/fuzzers/fuzz_<fuzzing_tool> [<test args>]

7. To resume with the data produced by an earlier run:

   .. code::

       afl-fuzz -i- -o existing_output_dir [...etc...]

8. If it shows failures, pipe the failure case into
   ``./build/fuzzers/debug_<fuzzing_tool>``, fix, and repeat.