Diffstat (limited to 'doc/Development/Fuzzing.asciidoc')
-rw-r--r--  doc/Development/Fuzzing.asciidoc  49
1 files changed, 0 insertions, 49 deletions
diff --git a/doc/Development/Fuzzing.asciidoc b/doc/Development/Fuzzing.asciidoc deleted file mode 100644 index 0981f1a..0000000 --- a/doc/Development/Fuzzing.asciidoc +++ /dev/null @@ -1,49 +0,0 @@ -=== Setup -Required packages: afl - -==== Compiling Qt -This will build an instrumented Qt: - -[source, sh] ----- -export CC=$(which afl-gcc) -export CXX=$(which afl-g++) -./configure ... -make ----- - -=== Running the fuzzer -[source, sh] ----- -cd /sys/devices/system/cpu -su -echo performance | tee cpu*/cpufreq/scaling_governor -exit - -cd $testdir -afl-fuzz -m 512 -t 40 -i $input -o $output -- $testexe @@ - -# see for available scaling_governor values: -cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors - -cd /sys/devices/system/cpu -su -echo powersave | tee cpu*/cpufreq/scaling_governor -exit ----- - -The $input directory contains your reference input files, while the findings of the fuzzers will be written in $output. - -@@ gets replaced by the name of a file generated by AFL, containing the mutated input. - -=== Using ramdisk for tests -[source, sh] ----- -$ mkdir afl -# mount -t tmpfs -o size=1024M tmpfs afl/ -$ cd afl/ -$ afl-fuzz -i inputs -o findings ... ----- - -=== Sources -1. https://www.kdab.com/fuzzing-qt-fun-profit/ |
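Review bot: the hunk deletes doc/Development/Fuzzing.asciidoc outright (49 lines, no replacement file in this diff), and nothing on this page says whether the content was moved or why it is obsolete; the commit should either point at the new location of the fuzzing instructions or state why they are being dropped. The removed text is the only documentation here of the AFL workflow for an instrumented Qt build (`export CC=$(which afl-gcc)` / `export CXX=$(which afl-g++)` before `./configure`), of switching the cpufreq `scaling_governor` to `performance` before `afl-fuzz -m 512 -t 40 -i $input -o $output -- $testexe @@` and back to `powersave` afterwards, and of running the fuzzer from a tmpfs ramdisk, plus the source link to https://www.kdab.com/fuzzing-qt-fun-profit/. If the intent is to retire the page rather than relocate it, consider keeping at least the Setup and Running sections, since those are the steps a contributor needs to reproduce fuzzing runs against this code base.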