Home Explore Help
Register Sign In
PSG
/
civetweb
mirror of https://github.com/civetweb/civetweb.git
5
0
Fork 0
Files Issues 0 Wiki
Tree: v1.14
Branches Tags
civetweb
/
fuzztest
bel2125 b5a3f8dc7c Add file comment for fuzzmain.c 4 years ago
..
docroot 9c96991d7e First draft for fuzz test (#893) 5 years ago
http1 8f28f092d4 Add fuzz test for client 5 years ago
http1c 8f28f092d4 Add fuzz test for client 5 years ago
url 9c96991d7e First draft for fuzz test (#893) 5 years ago
README.txt 293c8c3da7 Add build scripts for fuzz test 5 years ago
build.sh cfe2afa545 Fuzz test: Fix all build warnings 4 years ago
build_and_run.sh cfe2afa545 Fuzz test: Fix all build warnings 4 years ago
build_with_all.sh cfe2afa545 Fuzz test: Fix all build warnings 4 years ago
fuzzmain.c b5a3f8dc7c Add file comment for fuzzmain.c 4 years ago
http1.dict 9c96991d7e First draft for fuzz test (#893) 5 years ago

README.txt

For fuzz testing civetweb, perform the following steps:

- Switch to civetweb root directory
- make clean

First fuzz target: vary URI for HTTP1 server
- make WITH_ALL=1 TEST_FUZZ=1
- mv civetweb civetweb_fuzz1
- sudo ./civetweb_fuzz1 -max_len=2048 fuzztest/url/

Second fuzz target: vary HTTP1 request for HTTP1 server
- make WITH_ALL=1 TEST_FUZZ=2
- mv civetweb civetweb_fuzz2
- sudo ./civetweb_fuzz2 -max_len=2048 -dict=fuzztest/http1.dict fuzztest/http1/

Third fuzz target: vary HTTP1 response for HTTP1 client API
- make WITH_ALL=1 TEST_FUZZ=3
- mv civetweb civetweb_fuzz3
- sudo ./civetweb_fuzz3 -max_len=2048 -dict=fuzztest/http1.dict fuzztest/http1c/



Open issues:
* Need "sudo" for container? (ASAN seems to needs it on WSL test)
* let "make" create "civetweb_fuzz#" instead of "mv"
* useful initial corpus and directory
* Planned additional fuzz test:
* vary HTTP2 request for HTTP2 server (in HTTP2 feature branch)
* use internal function to bypass socket (bottleneck)
* where to put fuzz corpus?