Fuzz v6 #3914
Fuzz v6 #3914
Conversation
For all modes : fuzz, unit tests, real suricata, etc...
And ways to compile them with enable-fuzztargets at configure time
| @@ -6,8 +6,11 @@ noinst_HEADERS = action-globals.h \ | |||
| suricata-common.h threadvars.h tree.h \ | |||
| util-validate.h | |||
| bin_PROGRAMS = suricata | |||
| if BUILD_FUZZTARGETS | |||
| bin_PROGRAMS += fuzz_applayerprotodetectgetproto fuzz_applayerparserparse fuzz_siginit fuzz_confyamlloadstring fuzz_decodepcapfile fuzz_sigyamlpcap | |||
There was a problem hiding this comment.
can you update this to have a ~80 char line limit?
| suricata_LDADD = $(HTP_LDADD) $(RUST_LDADD) | ||
| suricata_LDADD = $(RUST_SURICATA_LIB) $(HTP_LDADD) $(RUST_LDADD) | ||
|
|
||
| fuzz_applayerprotodetectgetproto_SOURCES = tests/fuzz/fuzz_applayerprotodetectgetproto.c $(COMMON_SOURCES) |
There was a problem hiding this comment.
can we unify these more? Its kind of ugly to have this list of similar blocks
There was a problem hiding this comment.
I spent some hours looking for a solution to this. Do you have any idea/pointer ? For some macro-like function for Makefile.am files...
| fuzz_applayerprotodetectgetproto_SOURCES = tests/fuzz/fuzz_applayerprotodetectgetproto.c $(COMMON_SOURCES) | ||
| fuzz_applayerprotodetectgetproto_LDFLAGS = $(all_libraries) ${SECLDFLAGS} | ||
| fuzz_applayerprotodetectgetproto_LDADD = $(RUST_SURICATA_LIB) $(HTP_LDADD) $(RUST_LDADD) | ||
| if HAVE_LIBFUZZINGENGINE |
There was a problem hiding this comment.
when would we not have this?
There was a problem hiding this comment.
For instance, CI does not need libFuzzingEngine to build the fuzz targets with the simple driver onefile.c
I use it as well to debug and reproduce crashes
|
|
||
| if (alp_tctx == NULL) { | ||
| InitGlobal(); | ||
| run_mode = RUNMODE_UNITTEST; |
There was a problem hiding this comment.
It made sense to me that fuzzing was some kind of testing.
What does that imply ?
| suricata.delayed_detect = 1; | ||
|
|
||
| SupportFastPatternForSigMatchTypes(); | ||
| //PostConfLoadedSetup(&suricata); |
There was a problem hiding this comment.
why isn't this used instead?
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/2859
Describe changes:
Modifies #3908 with needed rebase
I think that it will be useful to merge this code as continuous fuzzing will find more bugs than I did running these targets 10 minutes or less and finding already #3877 and #3890
What is left to be done before merging this ?
Are the following items relevant ? Is there anything else ?
fuzz_openFilePostConfLoadedSetupto init.cShould we already start oss-fuzz integration on a specific branch ? cf https://github.com/catenacyber/oss-fuzz/blob/ac9d0d47951f7c884b33ca26920717a27b84abee/projects/suricata/Dockerfile#L31