@cgwalters

TL;DR: Fuzzing passed.

See http://lcamtuf.coredump.cx/afl/

The basic idea is we take an arbitrary input file, split it in half.
The first half is the original, the second is the modified. Then do a
roundtrip diff->patch and verify that it worked.

I ran this for 1.5 days on one core, and didn't find any crashes, and
the hangs appeared to be false positives.

Usage:

```
$ afl-fuzz -i input -o findings -- ./bsdiffpatch-test
```

The `input` directory contained a two byte file with `NUL`s - afl
rapidly found other inputs.

This code should hopefully be useful if we ever decide to change the
code in the future, or for anyone who wants to try variants of fuzzing
now.

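The harness shape described above (split the fuzzer's input in half, treat the first half as the old file and the second as the new one, then check that patching old with diff(old, new) reproduces new), as an added example that is not the PR's code. The toy `toy_diff`/`toy_patch` delta format stands in for bsdiff/bspatch, which are not on the page, and the `roundtrip` oracle is what afl-fuzz would drive via the file path argument:

```python
import difflib
import struct
import sys

# Toy delta format standing in for bsdiff/bspatch (an assumption, not the
# real library). The delta is a sequence of records:
#   COPY   tag 0x00, old_offset u32, length u32  -> bytes taken from old
#   INSERT tag 0x01, length u32, payload         -> literal new bytes
COPY, INSERT = 0x00, 0x01

def toy_diff(old: bytes, new: bytes) -> bytes:
    out = bytearray()
    matcher = difflib.SequenceMatcher(None, old, new, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag == "equal":
            out += struct.pack("<BII", COPY, i1, i2 - i1)
        elif j2 > j1:  # replace/insert: emit the new side literally; delete emits nothing
            out += struct.pack("<BI", INSERT, j2 - j1) + new[j1:j2]
    return bytes(out)

def toy_patch(old: bytes, delta: bytes) -> bytes:
    out, pos = bytearray(), 0
    while pos < len(delta):
        tag = delta[pos]; pos += 1
        if tag == COPY:
            off, length = struct.unpack_from("<II", delta, pos); pos += 8
            if off + length > len(old):
                raise ValueError("COPY record points past end of old")
            out += old[off:off + length]
        elif tag == INSERT:
            (length,) = struct.unpack_from("<I", delta, pos); pos += 4
            if pos + length > len(delta):
                raise ValueError("INSERT record truncated")
            out += delta[pos:pos + length]; pos += length
        else:
            raise ValueError(f"unknown record tag {tag:#x}")
    return bytes(out)

def roundtrip(data: bytes) -> bool:
    """The PR's oracle: first half is 'old', second half is 'new'; odd
    lengths and empty inputs simply yield unequal or empty halves."""
    half = len(data) // 2
    old, new = data[:half], data[half:]
    return toy_patch(old, toy_diff(old, new)) == new

if __name__ == "__main__":
    # afl-fuzz hands each test case over as a file path argument (or on stdin).
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sys.stdin.buffer.read()
    if not roundtrip(data):
        raise SystemExit("round-trip mismatch")  # surfaces as a finding to the fuzzer
```

A mismatch or an uncaught exception is what the fuzzer records as a crash, so the oracle deliberately aborts rather than printing and continuing.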
@cgwalters

(A variant of this would be to fuzz test patches only, but I'm not as interested in that - we only apply patches which have known integrity, i.e. covered by a GPG signature or TLS)
