examples/openssl/README.md

Fuzzing OpenSSL

Requirements

  • honggfuzz
  • clang-4.0, or newer (5.0 works as well)
  • openssl 1.1.0 (or, the master branch from git)

Preparation

  1. Compile honggfuzz
  2. Unpack/Clone OpenSSL
$ git clone --depth=1 https://github.com/openssl/openssl.git
$ mv openssl openssl-master
  3. Edit compile_hfuzz_openssl_master.sh (e.g. add -fsanitize=address), then configure and compile OpenSSL
$ cd openssl-master
$ /home/jagger/src/honggfuzz/examples/openssl/compile_hfuzz_openssl_master.sh
  4. Prepare fuzzing binaries

The make.sh script will compile honggfuzz and libFuzzer binaries. Syntax:

make.sh [address|memory|undefined]

$ cd ..
$ /home/jagger/src/honggfuzz/examples/openssl/make.sh master address

Fuzzing

$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_server/ -z -P -- ./persistent.server.openssl.master
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_client/ -z -P -- ./persistent.client.openssl.master
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_x509/ -z -P -- ./persistent.x509.openssl.master
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_privkey/ -z -P -- ./persistent.privkey.openssl.master