fuzz.sh

Branch :

Show log
Commit
Author : Ran Benita
Date : 2018-03-11 00:04:05
Hash : 2cb5c2a3
Message : Add fuzzing infrastructure Though text formats aren't exactly fuzzer's strong suit, fuzzers can catch many surface-level bugs. The fuzz/ directory contains target programs, testcases and dictionaries to drive the afl fuzzer. This commit adds a fuzzer for the XKB keymap text format and the Compose text format. On my slow machine, using a single core, a full cycle of the XKB fuzzer takes 5 hours. For Compose, it takes a few minutes. Fuzzing for the other file formats (rules files mostly) will be added later. To do some fuzzing, run `./fuzz/fuzz.sh`. Signed-off-by: Ran Benita <ran234@gmail.com>

fuzz/fuzz.sh

#!/bin/sh
set -e

case "$1" in
    keymap|compose)
        ;;
    *)
        echo "usage: $0 keymap|compose" 1>&2
        exit 1
        ;;
esac

export CC=afl-clang-fast
export AFL_HARDEN=1
test -d fuzz/build || meson setup -Db_lto=true fuzz/build
ninja -C fuzz/build
afl-fuzz -i fuzz/$1/testcases -x fuzz/$1/dict -o fuzz/$1/findings -t 200 -m 10 -- ./fuzz/build/fuzz-$1 @@

kc3-lang/libxkbcommon/fuzz/fuzz.sh

Commit

kc3-lang/libxkbcommon /fuzz/fuzz.sh