diff options
Diffstat (limited to 'fuzz/FUZZING.md')
-rw-r--r-- | fuzz/FUZZING.md | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/fuzz/FUZZING.md b/fuzz/FUZZING.md new file mode 100644 index 0000000..65363e1 --- /dev/null +++ b/fuzz/FUZZING.md @@ -0,0 +1,37 @@ +<!-- +Copyright (C) Internet Systems Consortium, Inc. ("ISC") + +SPDX-License-Identifier: MPL-2.0 + +This Source Code Form is subject to the terms of the Mozilla Public +License, v. 2.0. If a copy of the MPL was not distributed with this +file, you can obtain one at https://mozilla.org/MPL/2.0/. + +See the COPYRIGHT file distributed with this work for additional +information regarding copyright ownership. +--> + += Fuzzing + +The tests in this directory can be operated in three modes: + +* non-fuzzing - the test just runs over all input located in `<test_name>.in/` + directory by compiling with mock main.c that walks through the directory and + runs `LLVMFuzzerTestOneInput()` over the input files +* AFL - `./configure --with-fuzzing=afl` will either feed the stdin to + `LLVMFuzzerTestOneInput()` or run the `__AFL_LOOP(10000)` if compiled with + `afl-clang-fast` +* LibFuzzer - `./configure --with-fuzzing=libfuzzer` will disable `main.c` + completely and it uses the standard LibFuzzer mechanims to feed + `LLVMFuzzerTestOneInput` with the fuzzer + +== Test Cases + +Each test case should be called descriptively and the executable target must +link `testcase.o` and `main.o` and the `test_case.c` must have a function +`LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)`. + +== Adding more fuzzers + +To add a different fuzzer, `main.c` must be modified to include `main()` function +for a specific fuzzer (or no function as is case with LibFuzzer). |