Chromium Code Reviews
Unified Diff: third_party/afl/src/docs/QuickStartGuide.txt

Issue 2075883002: Add American Fuzzy Lop (afl) to third_party/afl/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix nits Created 4 years, 6 months ago
Index: third_party/afl/src/docs/QuickStartGuide.txt
diff --git a/third_party/afl/src/docs/QuickStartGuide.txt b/third_party/afl/src/docs/QuickStartGuide.txt
new file mode 100644
index 0000000000000000000000000000000000000000..59752e6df43b74c98e9f7d28e981551098fdd6ef
--- /dev/null
+++ b/third_party/afl/src/docs/QuickStartGuide.txt
@@ -0,0 +1,48 @@
+=====================
+AFL quick start guide
+=====================
+
+You should read docs/README. It's pretty short. If you really can't, here's
+how to hit the ground running:
+
+1) Compile AFL with 'make'. If build fails, see docs/INSTALL for tips.
+
+2) Find or write a reasonably fast and simple program that takes data from
+ a file or stdin, processes it in a test-worthy way, then exits cleanly.
+ If testing a network service, modify it to run in the foreground and read
+ from stdin. When fuzzing a format that uses checksums, comment out the
+ checksum verification code, too.
+
+ The program must crash properly when a fault is encountered. Watch out for
+ custom SIGSEGV or SIGABRT handlers and background processes.
+
+3) Compile the program / library to be fuzzed using afl-gcc. A common way to
+ do this would be:
+
+ CC=/path/to/afl-gcc CXX=/path/to/afl-g++ ./configure --disable-shared
+ make clean all
+
+ If program build fails, ping <afl-users@googlegroups.com>.
+
+4) Get a small but valid input file that makes sense to the program. When
+ fuzzing verbose syntax (SQL, HTTP, etc), create a dictionary as described in
+ testcases/README.testcases, too.
+
+5) If the program reads from stdin, run 'afl-fuzz' like so:
+
+ ./afl-fuzz -i testcase_dir -o findings_dir -- \
+ /path/to/tested/program [...program's cmdline...]
+
+ If the program takes input from a file, you can put @@ in the program's
+ command line; AFL will put an auto-generated file name in there for you.
+
+6) Investigate anything shown in red in the fuzzer UI by promptly consulting
+ docs/status_screen.txt.
+
+That's it. Sit back, relax, and - time permitting - try to skim through the
+following files:
+
+ - docs/README - A general introduction to AFL,
+ - docs/perf_tips.txt - Simple tips on how to fuzz more quickly,
+ - docs/status_screen.txt - An explanation of the tidbits shown in the UI,
+ - docs/parallel_fuzzing.txt - Advice on running AFL on multiple cores.
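Review bot: step 2 of this guide tells the reader to "comment out the checksum verification code" and to work around custom SIGSEGV/SIGABRT handlers in the target, which is upstream advice aimed at a throwaway fuzzing build; since this file is imported verbatim under third_party/afl/src/docs, it is worth a Chromium-side note (outside this file) that such changes to a target belong behind a fuzzing-only build define so that a build with verification disabled cannot be mistaken for a production one. The same applies to step 3's "If program build fails, ping <afl-users@googlegroups.com>": that is the upstream contact, not where build problems with this tree's copy of the target should go, and a pointer to the in-tree owner would save readers a detour.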