You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Ken
22abc7086e
|
4 years ago | |
|---|---|---|
| .. | ||
| Makefile | 4 years ago | |
| README | 4 years ago | |
| config.h | 4 years ago | |
| fuzz.c | 4 years ago | |
| lwipopts.h | 4 years ago | |
| output_to_pcap.sh | 4 years ago | |
README
Fuzzing the lwIP stack (afl-fuzz requires linux/unix or similar)
This directory contains a small app that reads Ethernet frames from stdin and
processes them. It is used together with the 'american fuzzy lop' tool (found
at http://lcamtuf.coredump.cx/afl/) and the sample inputs to test how
unexpected inputs are handled. The afl tool will read the known inputs, and
try to modify them to exercise as many code paths as possible, by instrumenting
the code and keeping track of which code is executed.
Just running make will produce the test program.
Running make with parameter 'D=-DLWIP_FUZZ_MULTI_PACKET' will produce a binary
that parses the input data as multiple packets (experimental!).
Then run afl with:
afl-fuzz -i inputs/<INPUT> -o output ./lwip_fuzz
and it should start working. It will probably complain about CPU scheduler,
set AFL_SKIP_CPUFREQ=1 to ignore it.
If it complains about invalid "/proc/sys/kernel/core_pattern" setting, try
executing "sudo bash -c 'echo core > /proc/sys/kernel/core_pattern'"