RPCS3/llvm-mirror
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm-mirror.git synced 2025-01-19 02:03:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[libFuzzer] clean up the docs, add one more link

Browse Source 
llvm-svn: 254115
This commit is contained in:
Kostya Serebryany 2015-11-26 00:12:57 +00:00
parent df875576b5
commit ce3a0cbd06
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
docs/LibFuzzer.rst
View File

@ -86,7 +86,9 @@ Toy example
A simple function that does something interesting if it receives the input "HI!"::
cat << EOF >> test_fuzzer.cc
extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size) {
#include <stdint.h>
#include <stddef.h>
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (size > 0 && data[0] == 'H')
if (size > 1 && data[1] == 'I')
if (size > 2 && data[2] == '!')
@ -122,8 +124,9 @@ Here we show how to use lib/Fuzzer on something real, yet simple: pcre2_::
# Build the actual function that does something interesting with PCRE2.
cat << EOF > pcre_fuzzer.cc
#include <string.h>
#include <stdint.h>
#include "pcre2posix.h"
extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (size < 1) return 0;
char *str = new char[size+1];
memcpy(str, data, size);
@ -221,6 +224,9 @@ to find Heartbleed with LibFuzzer::
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <assert.h>
#include <stdint.h>
#include <stddef.h>
SSL_CTX *sctx;
int Init() {
SSL_library_init();
@ -232,7 +238,7 @@ to find Heartbleed with LibFuzzer::
assert (SSL_CTX_use_PrivateKey_file(sctx, "server.key", SSL_FILETYPE_PEM));
return 0;
}
extern "C" int LLVMFuzzerTestOneInput(unsigned char *Data, size_t Size) {
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
static int unused = Init();
SSL *server = SSL_new(sctx);
BIO *sinbio = BIO_new(BIO_s_mem());
@ -261,6 +267,9 @@ Voila::
#1 0x4db504 in tls1_process_heartbeat openssl-1.0.1f/ssl/t1_lib.c:2586:3
#2 0x580be3 in ssl3_read_bytes openssl-1.0.1f/ssl/s3_pkt.c:1092:4
Note: a `similar fuzzer <https://boringssl.googlesource.com/boringssl/+/HEAD/FUZZING.md>`_
is now a part of the boringssl source tree.
Advanced features
=================