| Philippe Antoine | 8149627 | 2019-06-04 14:47:58 +0200 | [diff] [blame^] | 1 | What is it ? |
| 2 | ------ |
| 3 | |
| 4 | This directory contains fuzz targets. |
| 5 | Fuzz targets are simple codes using the library. |
| 6 | They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance). |
| 7 | |
| 8 | These targets were meant to be used with oss-fuzz but can be used in other contexts. |
| 9 | |
| 10 | This code was contributed by Philippe Antoine ( Catena cyber ). |
| 11 | |
| 12 | How to run ? |
| 13 | ------ |
| 14 | |
| 15 | To run the fuzz targets like oss-fuzz : |
| 16 | ``` |
| 17 | git clone https://github.com/google/oss-fuzz |
| 18 | cd oss-fuzz |
| 19 | python infra/helper.py build_image mbedtls |
| 20 | python infra/helper.py build_fuzzers --sanitizer address mbedtls |
| 21 | python infra/helper.py run_fuzzer mbedtls fuzz_client |
| 22 | ``` |
| 23 | You can use `undefined` sanitizer as well as `address` sanitizer |
| 24 | And you can run any of the fuzz targets like `fuzz_client` |
| 25 | |
| 26 | To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance) |
| 27 | Then you need to compile the code |
| 28 | ``` |
| 29 | perl scripts/config.pl set MBEDTLS_PLATFORM_TIME_ALT |
| 30 | mkdir build |
| 31 | cd build |
| 32 | cmake .. |
| 33 | make |
| 34 | ``` |
| 35 | Finally, you can run the targets like `./test/fuzz/fuzz_client` |