mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

Michael Hanselmann dd5f8732d8 Add fuzzing support to build system

LibFuzzer, Honggfuzz and other programs implement simple interfaces for
fuzzing appropriately prepared code. Samba contains quite a lot of
parsing code, often a good target for fuzzing.

With this change the build system is amended to support building fuzzing
binaries (added in later changes).

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

2019-08-07 06:07:28 +00:00

1.0 KiB

Raw Blame History

Fuzzing Samba

Fuzzing supplies valid, invalid, unexpected or random data as input to a piece of code. Instrumentation, usually compiler-implemented, is used to monitor for exceptions such as crashes, assertions or memory corruption.

See Wikipedia article on fuzzing for more information.

Configure with fuzzing

Example command line to build binaries for use with honggfuzz:

buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
	--address-sanitizer --enable-libfuzzer \
	CC=.../honggfuzz/hfuzz_cc/hfuzz-clang configure \
	LINK_CC=.../honggfuzz/hfuzz_cc/hfuzz-clang

Fuzzing tiniparser

Example for fuzzing tiniparser using honggfuzz (see --help for more options):

buildtools/bin/waf --targets=fuzz_tiniparser build && \
.../honggfuzz/honggfuzz --sanitizers --timeout 3 --max_file_size 256 \
  --rlimit_rss 100 -f .../tiniparser-corpus -- bin/fuzz_tiniparser

vim: set sw=8 sts=8 ts=8 tw=79 :

1.0 KiB Raw Blame History

Fuzzing Samba

Configure with fuzzing

Fuzzing tiniparser

vim: set sw=8 sts=8 ts=8 tw=79 :

1.0 KiB

Raw Blame History