From 8149627b8040ad9774350999027586e2a3f20de5 Mon Sep 17 00:00:00 2001
From: Philippe Antoine
Date: Tue, 4 Jun 2019 14:47:58 +0200
Subject: [PATCH] Fuzz README and direct compilation
---
 tests/fuzz/CMakeLists.txt | 78 ++++++++++++++++++++++++++++++---------
 tests/fuzz/README.md | 35 ++++++++++++++++++
 2 files changed, 95 insertions(+), 18 deletions(-)
 create mode 100644 tests/fuzz/README.md
diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt
index 4f37efa9f..17ec3f64c 100644
--- a/tests/fuzz/CMakeLists.txt
+++ b/tests/fuzz/CMakeLists.txt
@@ -10,29 +10,71 @@ if(ENABLE_ZLIB_SUPPORT) set(libs ${libs} ${ZLIB_LIBRARIES}) endif(ENABLE_ZLIB_SUPPORT) -add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c) -target_link_libraries(fuzz_x509csr ${libs}) +find_library(FUZZINGENGINE_LIB FuzzingEngine) -add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c) -target_link_libraries(fuzz_x509crl ${libs}) +if(NOT FUZZINGENGINE_LIB) + add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c) + target_link_libraries(fuzz_x509csr ${libs}) -add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c) -target_link_libraries(fuzz_x509crt ${libs}) + add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c) + target_link_libraries(fuzz_x509crl ${libs}) -add_executable(fuzz_privkey fuzz_privkey.c onefile.c) -target_link_libraries(fuzz_privkey ${libs}) + add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c) + target_link_libraries(fuzz_x509crt ${libs}) -add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c) -target_link_libraries(fuzz_pubkey ${libs}) + add_executable(fuzz_privkey fuzz_privkey.c onefile.c) + target_link_libraries(fuzz_privkey ${libs}) -add_executable(fuzz_client fuzz_client.c common.c onefile.c) -target_link_libraries(fuzz_client ${libs}) + add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c) + target_link_libraries(fuzz_pubkey ${libs}) -add_executable(fuzz_server fuzz_server.c common.c onefile.c) -target_link_libraries(fuzz_server ${libs}) + add_executable(fuzz_client fuzz_client.c common.c onefile.c) + target_link_libraries(fuzz_client ${libs}) -add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c onefile.c) -target_link_libraries(fuzz_dtlsclient ${libs}) + add_executable(fuzz_server fuzz_server.c common.c onefile.c) + target_link_libraries(fuzz_server ${libs}) -add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c onefile.c) -target_link_libraries(fuzz_dtlsserver ${libs}) + add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c onefile.c) + target_link_libraries(fuzz_dtlsclient ${libs}) + + 
add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c onefile.c) + target_link_libraries(fuzz_dtlsserver ${libs}) +else() + project(fuzz CXX) + + add_executable(fuzz_x509csr fuzz_x509csr.c) + target_link_libraries(fuzz_x509csr ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_x509csr PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_x509crl fuzz_x509crl.c) + target_link_libraries(fuzz_x509crl ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_x509crl PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_x509crt fuzz_x509crt.c) + target_link_libraries(fuzz_x509crt ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_x509crt PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_privkey fuzz_privkey.c) + target_link_libraries(fuzz_privkey ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_privkey PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_pubkey fuzz_pubkey.c) + target_link_libraries(fuzz_pubkey ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_pubkey PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_client fuzz_client.c common.c) + target_link_libraries(fuzz_client ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_client PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_server fuzz_server.c common.c) + target_link_libraries(fuzz_server ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_server PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c) + target_link_libraries(fuzz_dtlsclient ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_dtlsclient PROPERTIES LINKER_LANGUAGE CXX) + + add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c) + target_link_libraries(fuzz_dtlsserver ${libs} FuzzingEngine) + SET_TARGET_PROPERTIES(fuzz_dtlsserver PROPERTIES LINKER_LANGUAGE CXX) +endif() diff --git a/tests/fuzz/README.md b/tests/fuzz/README.md new file mode 100644 index 000000000..a779c29ac --- /dev/null +++ b/tests/fuzz/README.md 
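Review bot: `project(fuzz CXX)` in the `else()` branch declares a second project inside a subdirectory, which redefines `PROJECT_NAME` and `PROJECT_SOURCE_DIR` for this directory and below only to turn on C++; `enable_language(CXX)` enables the linker language without that side effect. The same branch links the engine by the bare name `FuzzingEngine` although `find_library` has already stored the resolved path in `FUZZINGENGINE_LIB`, so an engine found outside the default linker search path configures fine but fails at link time; linking `${FUZZINGENGINE_LIB}` uses what was actually found. Nothing in the hunk adds sanitizer or coverage instrumentation, so unless the caller supplies it through `CMAKE_C_FLAGS` the engine-linked binaries appear to run uninstrumented, which silently removes the memory-error detection the engine is meant to provide; a `message(STATUS "Fuzz targets: linking against ${FUZZINGENGINE_LIB}")` would at least make the selected mode visible in the configure log. The eight identical add/link/set-property triples can be a `foreach` as below (`libs` is set above the hunk).
```cmake
else()
    enable_language(CXX)
    foreach(target x509csr x509crl x509crt privkey pubkey)
        add_executable(fuzz_${target} fuzz_${target}.c)
        target_link_libraries(fuzz_${target} PRIVATE ${libs} ${FUZZINGENGINE_LIB})
        set_target_properties(fuzz_${target} PROPERTIES LINKER_LANGUAGE CXX)
    endforeach()
    foreach(target client server dtlsclient dtlsserver)
        add_executable(fuzz_${target} fuzz_${target}.c common.c)
        target_link_libraries(fuzz_${target} PRIVATE ${libs} ${FUZZINGENGINE_LIB})
        set_target_properties(fuzz_${target} PROPERTIES LINKER_LANGUAGE CXX)
    endforeach()
endif()
```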
@@ -0,0 +1,35 @@
+What is it ?
+------
+
+This directory contains fuzz targets.
+Fuzz targets are simple codes using the library.
+They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).
+
+These targets were meant to be used with oss-fuzz but can be used in other contexts.
+
+This code was contributed by Philippe Antoine ( Catena cyber ).
+
+How to run ?
+------
+
+To run the fuzz targets like oss-fuzz :
+```
+git clone https://github.com/google/oss-fuzz
+cd oss-fuzz
+python infra/helper.py build_image mbedtls
+python infra/helper.py build_fuzzers --sanitizer address mbedtls
+python infra/helper.py run_fuzzer mbedtls fuzz_client
+```
+You can use `undefined` sanitizer as well as `address` sanitizer
+And you can run any of the fuzz targets like `fuzz_client`
+
+To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance)
+Then you need to compile the code
+```
+perl scripts/config.pl set MBEDTLS_PLATFORM_TIME_ALT
+mkdir build
+cd build
+cmake ..
+make
+```
+Finally, you can run the targets like `./test/fuzz/fuzz_client`