Commit e104d01d authored by Kurt Roeckx

Document the recommended parameters for fuzzing



We use those parameters for calculating the coverage.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2088
parent 2fd54eba
+10 −2
@@ -40,7 +40,10 @@ Configure for fuzzing:
            --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
            -DPEDANTIC enable-asan enable-ubsan no-shared \
            -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION \
	    -fsanitize-coverage=edge,indirect-calls,8bit-counters
            -fsanitize-coverage=edge,indirect-calls,8bit-counters \
            enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 \
            enable-weak-ssl-ciphers enable-rc5 enable-md2 \
            enable-ssl3 enable-ssl3-method enable-nextprotoneg
    $ sudo apt-get install make
    $ LDCMD=clang++ make -j
    $ fuzz/helper.py $FUZZER
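Review bot: in the libFuzzer configure command, the added `-fno-sanitize=alignment` turns off one UBSan check on the same command line that passes `enable-ubsan`, and the README gives no reason for it. Please add a sentence saying why the alignment check is disabled, so that a reader does not drop the flag or assume the build has full UBSan coverage. The same applies to `enable-weak-ssl-ciphers enable-rc5 enable-md2` and `enable-ssl3 enable-ssl3-method`: the commit message says these parameters are used for calculating the coverage, but the README text itself does not, so it would help to state there that the legacy algorithms and protocols are enabled only so the fuzzers can reach that code.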
@@ -58,9 +61,14 @@ AFL
Configure for fuzzing:

    $ sudo apt-get install afl-clang
    $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared
    $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared -DPEDANTIC \
        enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 \
        enable-ssl3 enable-ssl3-method enable-nextprotoneg \
        enable-ec_nistp_64_gcc_128
    $ make

The following options can also be enabled: enable-asan, enable-ubsan, enable-msan

Run one of the fuzzers:

    $ afl-fuzz -i fuzz/corpora/$FUZZER -o fuzz/corpora/$FUZZER/out fuzz/$FUZZER
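Review bot: the new line "The following options can also be enabled: enable-asan, enable-ubsan, enable-msan" in the AFL section reads as if all three can be turned on together, but MemorySanitizer cannot be combined with AddressSanitizer in one build; suggest wording such as "one of enable-asan or enable-msan, optionally with enable-ubsan". The line also does not mention `-fno-sanitize=alignment`, which the libFuzzer command in this patch passes alongside `enable-ubsan` and `enable-ec_nistp_64_gcc_128`. If that flag is needed for this option set, say so here as well, otherwise an AFL build with `enable-ubsan` ends up with a different sanitizer configuration from the libFuzzer one. Finally, the list from `enable-tls1_3` to `enable-ec_nistp_64_gcc_128` is now written out twice in this file; a note that the two lists are meant to stay identical would help keep them in sync.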