• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

android/H15-Mar-2016-13097

docs/H15-Mar-2016-523403

examples/H03-May-2022-143102

interceptor/H15-Mar-2016-192142

linux/H15-Mar-2016-3,1352,155

mac/H15-Mar-2016-720425

posix/H15-Mar-2016-196127

third_party/H15-Mar-2016-528415

tools/H15-Mar-2016-161116

.gitignoreH A D15-Mar-2016171 1413

CHANGELOGH A D15-Mar-20161.4 KiB2923

CONTRIBUTINGH A D15-Mar-20161.4 KiB2521

COPYINGH A D15-Mar-201611.1 KiB203169

MakefileH A D03-May-20228.1 KiB219166

README.mdH A D15-Mar-20162.6 KiB2922

arch.hH A D15-Mar-20161.1 KiB367

cmdline.cH A D15-Mar-201617.3 KiB473412

cmdline.hH A D15-Mar-2016997 348

common.hH A D15-Mar-20167.3 KiB292204

display.cH A D15-Mar-20166.8 KiB170116

display.hH A D15-Mar-2016864 304

files.cH A D15-Mar-201612.8 KiB472371

files.hH A D15-Mar-20161.8 KiB5919

fuzz.cH A D15-Mar-201621.7 KiB675510

fuzz.hH A D15-Mar-2016852 304

honggfuzz.cH A D15-Mar-20164.8 KiB198139

log.cH A D15-Mar-20163.8 KiB158113

log.hH A D15-Mar-20162.4 KiB6332

mangle.cH A D15-Mar-201611.8 KiB376291

mangle.hH A D15-Mar-2016992 336

report.cH A D15-Mar-20163.8 KiB12688

report.hH A D15-Mar-2016860 304

sancov.cH A D15-Mar-201629.8 KiB905650

sancov.hH A D15-Mar-20161.5 KiB4310

util.cH A D15-Mar-20166.9 KiB319237

util.hH A D15-Mar-20162.1 KiB6827

README.md

1# honggfuzz #
2
3**Description**
4
5  * A general-purpose, easy-to-use fuzzer with interesting analysis options. See [USAGE](https://github.com/google/honggfuzz/blob/master/docs/USAGE.md) for more details
6  * Supports hardware-based [feedback-driven fuzzing](https://github.com/google/honggfuzz/blob/master/docs/FeedbackDrivenFuzzing.md) (requires Linux and a supported CPU model), also for closed-source binaries
7  * It works, at least, under GNU/Linux, FreeBSD, Mac OSX and [Android](https://github.com/google/honggfuzz/blob/master/docs/Android.md)
8  * [Can fuzz long-lasting processes](https://github.com/google/honggfuzz/blob/master/docs/AttachingToPid.md) (e.g. network servers like Apache's httpd and ISC's bind)
9  * It's been used to find a few interesting security problems in major software; examples:
10    * FreeType 2 project: [CVE-2010-2497](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2497), [CVE-2010-2498](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2498), [CVE-2010-2499](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2499), [CVE-2010-2500](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2500), [CVE-2010-2519](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2519), [CVE-2010-2520](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2520), [CVE-2010-2527](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2527)
11    * [Multiple bugs in the libtiff library](http://bugzilla.maptools.org/buglist.cgi?query_format=advanced;emailreporter1=1;email1=robert@swiecki.net;product=libtiff;emailtype1=substring)
12    * [Multiple bugs in the librsvg library](https://bugzilla.gnome.org/buglist.cgi?query_format=advanced;emailreporter1=1;email1=robert%40swiecki.net;product=librsvg;emailtype1=substring)
13    * [Multiple bugs in the poppler library](http://lists.freedesktop.org/archives/poppler/2010-November/006726.html)
14    * [Multiple exploitable bugs in IDA-Pro](https://www.hex-rays.com/bugbounty.shtml)
15    * ... and more
16
17**Code**
18  * Latest version: [0.6](https://github.com/google/honggfuzz/releases/tag/0.6) [CHANGELOG](https://github.com/google/honggfuzz/blob/master/CHANGELOG)
19  * Older versions and static builds: [Honggfuzz 0.5](https://docs.google.com/file/d/0B86hdL7CeBvAX1NzMkMtUzN4Rms/view), [Direct download link](https://docs.google.com/uc?id=0B86hdL7CeBvAX1NzMkMtUzN4Rms&export=download) and [earlier versions](https://drive.google.com/folderview?id=0B86hdL7CeBvAfmJXcTJCeTJSeFdHd3E5Q3VGZFdCY192aVBxcHJSbkIyUVZGMG9ualJ6aE0&usp=sharing)
20
21**Requirements**
22  * Linux - BFD library (libbfd-dev) and LibUnwind (libunwind-dev/libunwind8-dev)
23  * FreeBSD - gmake
24  * Android - Android SDK/NDK
25
26**Other**
27
28This is NOT an official Google product.
29