RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2025-01-18 12:52:44 +01:00
Code Releases Activity
0a189c2d73
RIOT/fuzzing/README.md

36 lines
911 B
Markdown
Raw Normal View History

fuzzing: Initialize This adds a new subdirectory called `fuzzing/` which will contain applications for fuzzing various RIOT network modules in the future. This subdirectory is heavily inspired by the `examples/` subdirectory. The fuzzing applications use AFL as a fuzzer. Each application contains Makefiles, source code, and an input corpus used by AFL to generate input for fuzzing.
2020-01-17 17:01:31 +01:00
# Fuzzing
Automated fuzzing tests for RIOT network applications.
## Setup
The following additional dependencies are required:
* [afl][afl homepage]
* [libasan][sanitizers github] (optional but recommended)
## Invocation
Before fuzzing an application it needs to be compiled, to ease detection
of unwanted behaviour (e.g. out-of-bounds buffer accesses), compiling
with `all-asan` is highly recommended. For example:
make -C fuzzing/<application> all-asan
Afterwards invoke afl using:
make -C fuzzing/<application> fuzz
### Parallel Fuzzing
Parallel fuzzing is supported through `AFL_FLAGS`, e.g.:
# Start first AFL instance
AFL_FLAGS="-M fuzzer01" make -C fuzzing/gnrc_tcp/ fuzz
# Start second AFL instance in a different terminal
AFL_FLAGS="-M fuzzer02" make -C fuzzing/gnrc_tcp/ fuzz
[sanitizers github]: https://github.com/google/sanitizers
[afl homepage]: http://lcamtuf.coredump.cx/afl/
Copy Permalink