Name | Date | Size | #Lines | LOC
---|---|---|---|---
oss-fuzz/ | 03-May-2022 | - | 113 | 46
README.md | 31-Jan-2020 | 2.2 KiB | 86 | 57
afl-fuzz-main.c | 31-Jan-2020 | 1.3 KiB | 57 | 33
decode_ndr_X_crash | 31-Jan-2020 | 4 KiB | 138 | 109
fuzz_ldap_decode.c | 28-Apr-2020 | 1.6 KiB | 67 | 33
fuzz_ldb_dn_explode.c | 31-Jan-2020 | 1.3 KiB | 48 | 22
fuzz_ldb_ldif_read.c | 31-Jan-2020 | 1.3 KiB | 51 | 27
fuzz_ldb_parse_binary_decode.c | 31-Jan-2020 | 1.4 KiB | 50 | 24
fuzz_ldb_parse_control.c | 31-Jan-2020 | 1.4 KiB | 50 | 24
fuzz_ldb_parse_tree.c | 31-Jan-2020 | 1.3 KiB | 54 | 26
fuzz_lzxpress.c | 31-Jan-2020 | 1 KiB | 36 | 13
fuzz_ndr_X.c | 31-Jan-2020 | 7.4 KiB | 331 | 197
fuzz_nmblib_parse_packet.c | 31-Jan-2020 | 1.5 KiB | 57 | 27
fuzz_oLschema2ldif.c | 31-Jan-2020 | 1.6 KiB | 72 | 37
fuzz_reg_parse.c | 31-Jan-2020 | 1.2 KiB | 47 | 21
fuzz_regfio.c | 31-Jan-2020 | 1.6 KiB | 69 | 38
fuzz_tiniparser.c | 31-Jan-2020 | 1.2 KiB | 52 | 22
fuzzing.c | 31-Jan-2020 | 804 | 22 | 2
fuzzing.h | 31-Jan-2020 | 1,021 | 31 | 7
wscript_build | 31-Jan-2020 | 5.8 KiB | 173 | 129
README.md
# Fuzzing Samba

Fuzzing supplies valid, invalid, unexpected or random data as input to a piece
of code. Instrumentation, usually compiler-implemented, is used to monitor for
exceptions such as crashes, assertions or memory corruption.

See [Wikipedia article on fuzzing](https://en.wikipedia.org/wiki/Fuzzing) for
more information.

# Honggfuzz

## Configure with fuzzing

Example command line to build binaries for use with
[honggfuzz](https://github.com/google/honggfuzz/):

```sh
buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
	--address-sanitizer --enable-libfuzzer --abi-check-disable \
	CC=.../honggfuzz/hfuzz_cc/hfuzz-clang configure \
	LINK_CC=.../honggfuzz/hfuzz_cc/hfuzz-clang
```

## Fuzzing tiniparser

Example for fuzzing `tiniparser` using `honggfuzz` (see `--help` for more
options):

```sh
buildtools/bin/waf --targets=fuzz_tiniparser build && \
.../honggfuzz/honggfuzz --sanitizers --timeout 3 --max_file_size 256 \
	--rlimit_rss 100 -f .../tiniparser-corpus -- bin/fuzz_tiniparser
```

# AFL (american fuzzy lop)

## Configure with fuzzing

Example command line to build binaries for use with
[afl](http://lcamtuf.coredump.cx/afl/):

```sh
buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
	--enable-afl-fuzzer --abi-check-disable \
	CC=afl-gcc configure
```

## Fuzzing tiniparser

Example for fuzzing `tiniparser` using `afl-fuzz` (see `--help` for more
options):

```sh
buildtools/bin/waf --targets=fuzz_tiniparser build && \
afl-fuzz -m 200 -i inputdir -o outputdir -- bin/fuzz_tiniparser
```

# oss-fuzz

Samba can be fuzzed by Google's oss-fuzz system. Assuming you have an
oss-fuzz checkout from https://github.com/google/oss-fuzz with Samba's
metadata in projects/samba, the following guides will help:

## Testing locally

https://google.github.io/oss-fuzz/getting-started/new-project-guide/#testing-locally

## Debugging oss-fuzz

See https://google.github.io/oss-fuzz/advanced-topics/debugging/

## Samba-specific hints

A typical debugging workflow is:

```sh
oss-fuzz$ python infra/helper.py shell samba
git fetch $REMOTE $BRANCH
git checkout FETCH_HEAD
lib/fuzzing/oss-fuzz/build_image.sh
compile
```

This will pull in any new Samba deps and build Samba's fuzzers.
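The kind of harness the honggfuzz and AFL runs above drive, as an added example (not Samba's code and not part of this README): a libFuzzer-style `LLVMFuzzerTestOneInput` around a hypothetical toy `name = value` parser, with a stdin driver matching the `afl-fuzz` invocation, which passes no `@@` file argument. `toy_parse` and `MAX_INPUT` are assumptions; the 256-byte cap mirrors `--max_file_size 256`.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_INPUT 256	/* assumption: mirrors --max_file_size 256 */

/* Hypothetical toy parser (not Samba's tiniparser): counts "name = value"
 * lines. Empty lines, '#'/';' comments and "[section]" lines are skipped;
 * any other line without '=' is a syntax error and returns -1. */
static int toy_parse(const char *text)
{
	int params = 0;

	while (*text != '\0') {
		size_t n = strcspn(text, "\n");	/* length of current line */

		if (n > 0 && text[0] != '#' && text[0] != ';' && text[0] != '[') {
			if (memchr(text, '=', n) == NULL) {
				return -1;
			}
			params++;
		}
		text += n;
		if (*text == '\n') {
			text++;
		}
	}
	return params;
}

/* Fuzzer entry point. The buffer is arbitrary bytes and is NOT
 * NUL-terminated, so bound the length and copy before parsing. */
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
{
	char copy[MAX_INPUT + 1];

	if (len > MAX_INPUT) {
		return 0;	/* oversized input: skip it, do not crash */
	}
	memcpy(copy, buf, len);
	copy[len] = '\0';
	(void)toy_parse(copy);	/* parse errors are fine; crashes are findings */
	return 0;
}

/* Stand-alone driver for builds without a fuzzer runtime: one test case
 * from stdin, as afl-fuzz delivers it when no @@ argument is given. */
int main(void)
{
	uint8_t buf[MAX_INPUT + 1];
	size_t len = fread(buf, 1, sizeof(buf), stdin);

	return LLVMFuzzerTestOneInput(buf, len);
}
```

When the binary is linked against a fuzzer runtime that supplies its own `main`, the driver at the bottom is left out of the build.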