mbedtls/tests/fuzz
2019-06-21 19:48:02 +02:00
..
corpuses Fuzz testing 2019-06-21 19:47:27 +02:00
CMakeLists.txt Fuzz README and direct compilation 2019-06-21 19:48:02 +02:00
common.c Factoring code 2019-06-21 19:47:27 +02:00
common.h Factoring code 2019-06-21 19:47:27 +02:00
fuzz_client.c Protecting client/server fuzz targts with ifdefs 2019-06-21 19:48:02 +02:00
fuzz_client.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_dtlsclient.c Protecting client/server fuzz targts with ifdefs 2019-06-21 19:48:02 +02:00
fuzz_dtlsclient.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_dtlsserver.c Protecting client/server fuzz targts with ifdefs 2019-06-21 19:48:02 +02:00
fuzz_dtlsserver.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_privkey.c Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_privkey.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_pubkey.c Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_pubkey.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_server.c Protecting client/server fuzz targts with ifdefs 2019-06-21 19:48:02 +02:00
fuzz_server.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509crl.c Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509crl.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509crt.c Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509crt.options Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509csr.c Fuzz testing 2019-06-21 19:47:27 +02:00
fuzz_x509csr.options Fuzz testing 2019-06-21 19:47:27 +02:00
Makefile Makefile support 1 2019-06-21 19:48:02 +02:00
onefile.c Fixes dummy leak in fuzz driver 2019-06-21 19:47:27 +02:00
README.md Makefile support 1 2019-06-21 19:48:02 +02:00

What is it ?

This directory contains fuzz targets. Fuzz targets are simple codes using the library. They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).

These targets were meant to be used with oss-fuzz but can be used in other contexts.

This code was contributed by Philippe Antoine ( Catena cyber ).

How to run ?

To run the fuzz targets like oss-fuzz :

git clone https://github.com/google/oss-fuzz
cd oss-fuzz
python infra/helper.py build_image mbedtls
python infra/helper.py build_fuzzers --sanitizer address mbedtls
python infra/helper.py run_fuzzer mbedtls fuzz_client

You can use undefined sanitizer as well as address sanitizer And you can run any of the fuzz targets like fuzz_client

To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance) Then you need to compile the code with the compiler flags of the wished sanitizer

perl scripts/config.pl set MBEDTLS_PLATFORM_TIME_ALT
mkdir build
cd build
cmake ..
make

Finally, you can run the targets like ./test/fuzz/fuzz_client