From ce3a0cbd06d3566ecaacb77cac75513ece610bbf Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Thu, 26 Nov 2015 00:12:57 +0000 Subject: [PATCH] [libFuzzer] clean up the docs, add one more link llvm-svn: 254115 --- docs/LibFuzzer.rst | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst index 74845c54636..eb79b2e490c 100644 --- a/docs/LibFuzzer.rst +++ b/docs/LibFuzzer.rst @@ -86,7 +86,9 @@ Toy example A simple function that does something interesting if it receives the input "HI!":: cat << EOF >> test_fuzzer.cc - extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size) { + #include + #include + extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (size > 0 && data[0] == 'H') if (size > 1 && data[1] == 'I') if (size > 2 && data[2] == '!') @@ -122,8 +124,9 @@ Here we show how to use lib/Fuzzer on something real, yet simple: pcre2_:: # Build the actual function that does something interesting with PCRE2. cat << EOF > pcre_fuzzer.cc #include + #include #include "pcre2posix.h" - extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) { + extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (size < 1) return 0; char *str = new char[size+1]; memcpy(str, data, size); @@ -221,6 +224,9 @@ to find Heartbleed with LibFuzzer:: #include #include #include + #include + #include + SSL_CTX *sctx; int Init() { SSL_library_init(); @@ -232,7 +238,7 @@ to find Heartbleed with LibFuzzer:: assert (SSL_CTX_use_PrivateKey_file(sctx, "server.key", SSL_FILETYPE_PEM)); return 0; } - extern "C" int LLVMFuzzerTestOneInput(unsigned char *Data, size_t Size) { + extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { static int unused = Init(); SSL *server = SSL_new(sctx); BIO *sinbio = BIO_new(BIO_s_mem()); @@ -261,6 +267,9 @@ Voila:: #1 0x4db504 in tls1_process_heartbeat openssl-1.0.1f/ssl/t1_lib.c:2586:3 #2 0x580be3 in ssl3_read_bytes openssl-1.0.1f/ssl/s3_pkt.c:1092:4 +Note: a `similar fuzzer `_ +is now a part of the boringssl source tree. + Advanced features =================