Index of /ftp/unpacked/samba_master/lib/fuzzing

Name	Last modified	Size

Parent Directory		-
README.md	2024-04-24 06:25	2.2K
afl-fuzz-main.c	2024-04-24 06:25	1.6K
decode_ndr_X_crash	2024-04-24 06:25	4.3K
fuzz_cli_credentials_parse_string.c	2024-04-24 06:25	1.6K
fuzz_conditional_ace_blob.c	2024-04-24 06:25	4.4K
fuzz_dcerpc_parse_binding.c	2024-04-24 06:25	1.9K
fuzz_ldap_decode.c	2024-04-24 06:25	1.6K
fuzz_ldb_comparison_fold.c	2024-04-24 06:25	1.5K
fuzz_ldb_dn_explode.c	2024-04-24 06:25	1.4K
fuzz_ldb_ldif_read.c	2024-04-24 06:25	1.4K
fuzz_ldb_parse_binary_decode.c	2024-04-24 06:25	1.5K
fuzz_ldb_parse_control.c	2024-04-24 06:25	1.5K
fuzz_ldb_parse_tree.c	2024-04-24 06:25	1.3K
fuzz_lzxpress.c	2024-04-24 06:25	1.0K
fuzz_lzxpress_compress.c	2024-04-24 06:25	1.0K
fuzz_lzxpress_huffman_compress.c	2024-04-24 06:25	1.6K
fuzz_lzxpress_huffman_decompress.c	2024-04-24 06:25	1.3K
fuzz_lzxpress_huffman_round_trip.c	2024-04-24 06:25	1.7K
fuzz_lzxpress_round_trip.c	2024-04-24 06:25	1.5K
fuzz_ndr_X.c	2024-04-24 06:25	7.9K
fuzz_nmblib_parse_packet.c	2024-04-24 06:25	1.5K
fuzz_oLschema2ldif.c	2024-04-24 06:25	1.6K
fuzz_parse_lpq_entry.c	2024-04-24 06:25	1.6K
fuzz_reg_parse.c	2024-04-24 06:25	1.2K
fuzz_regfio.c	2024-04-24 06:25	1.6K
fuzz_sddl_access_check.c	2024-04-24 06:25	5.1K
fuzz_sddl_conditional_ace.c	2024-04-24 06:25	2.7K
fuzz_sddl_parse.c	2024-04-24 06:25	3.0K
fuzz_security_token_vs_descriptor.c	2024-04-24 06:25	1.9K
fuzz_sess_crypt_blob.c	2024-04-24 06:25	1.4K
fuzz_stable_sort.c	2024-04-24 06:25	1.8K
fuzz_stable_sort_r.c	2024-04-24 06:25	1.6K
fuzz_tiniparser.c	2024-04-24 06:25	1.2K
fuzzing.c	2024-04-24 06:25	804
fuzzing.h	2024-04-24 06:25	1.0K
oss-fuzz/	2024-04-24 06:25	-
patches/	2024-04-24 06:25	-
wscript_build	2024-04-24 06:25	8.4K

# Fuzzing Samba

See also https://wiki.samba.org/index.php/Fuzzing

Fuzzing supplies valid, invalid, unexpected or random data as input to a piece
of code. Instrumentation, usually compiler-implemented, is used to monitor for
exceptions such as crashes, assertions or memory corruption.

See [Wikipedia article on fuzzing](https://en.wikipedia.org/wiki/Fuzzing) for
more information.

# Honggfuzz

## Configure with fuzzing

Example command line to build binaries for use with
[honggfuzz](https://github.com/google/honggfuzz/):

```sh
./configure -C --without-gettext --enable-debug --enable-developer \
	--address-sanitizer --enable-libfuzzer --abi-check-disable \
	CC=.../honggfuzz/hfuzz_cc/hfuzz-clang \
	LINK_CC=.../honggfuzz/hfuzz_cc/hfuzz-clang
```


## Fuzzing tiniparser

Example for fuzzing `tiniparser` using `honggfuzz` (see `--help` for more
options):

```sh
make bin/fuzz_tiniparser && \
.../honggfuzz/honggfuzz --sanitizers --timeout 3 --max_file_size 256 \
  --rlimit_rss 100 -f .../tiniparser-corpus -- bin/fuzz_tiniparser
```

# AFL (american fuzzy lop)

## Configure with fuzzing

Example command line to build binaries for use with
[afl](http://lcamtuf.coredump.cx/afl/)

```sh
./configure -C --without-gettext --enable-debug --enable-developer \
	--enable-afl-fuzzer --abi-check-disable \
	CC=afl-gcc
```

## Fuzzing tiniparser

Example for fuzzing `tiniparser` using `afl-fuzz` (see `--help` for more
options):

```sh
make bin/fuzz_tiniparser build && \
afl-fuzz -m 200 -i inputdir -o outputdir -- bin/fuzz_tiniparser
```

# oss-fuzz

Samba can be fuzzed by Google's oss-fuzz system.  Assuming you have an
oss-fuzz checkout from https://github.com/google/oss-fuzz with Samba's
metadata in projects/samba, the following guides will help:

## Testing locally

https://google.github.io/oss-fuzz/getting-started/new-project-guide/#testing-locally

## Debugging oss-fuzz

See https://google.github.io/oss-fuzz/advanced-topics/debugging/

## Samba-specific hints

A typical debugging workflow is:

oss-fuzz$ python infra/helper.py shell samba
git fetch $REMOTE $BRANCH
git checkout FETCH_HEAD
lib/fuzzing/oss-fuzz/build_image.sh
compile

This will pull in any new Samba deps and build Samba's fuzzers.

# vim: set sw=8 sts=8 ts=8 tw=79 :