[Android] Compile libhfuzz

libhfuzz is compiled as a static library using the BUILD_STATIC_LIBRARY
template from the Android NDK. The static library is added as a "virtual"
dependency to the main honggfuzz module, otherwise the build system
will ignore it since it detects that the module target is not used. The
libhfuzz extra cflags match the ones from the master Makefile. Testing
of libhfuzz is still pending since it requires clang 4.0 while Android is
still defaulting to 3.8.

Also tidied up the Android.mk a little bit so that common configuration is
shared at the top of the file for both target modules.

Finally, an additional post-build step was required to copy the generated
.a file into the project dir so that both output files are under the same file.
Static libraries compiled from NDK templates are not automatically added
to project output dirs since they are purposed for internal dependencies by
default.

Signed-off-by: Anestis Bechtsoudis <anestis@census-labs.com>
2 files changed
tree: d013f099261fa4f9529f5534f3b586b4be41184c
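As an added illustration, not the project's own android/Android.mk and not code from this commit, here is a minimal ndk-build file showing the three things the commit message describes: a static-library module built with BUILD_STATIC_LIBRARY, the "virtual" dependency that keeps ndk-build from pruning it, and a post-build copy of the archive next to the executable. The source lists, the COMMON_CFLAGS contents and the libs/<abi> export path are placeholders, and hooking the copy rule onto the executable target is one assumed way to get a post-build step out of ndk-build, not the project's method.

```makefile
# Illustrative Android.mk (not honggfuzz's own). Paths and flags are placeholders.
LOCAL_PATH := $(call my-dir)

# Common configuration hoisted to the top so both modules share it.
COMMON_CFLAGS := -std=c11 -Wall -Wextra -D_GNU_SOURCE

# Module 1: libhfuzz as a static archive (ndk-build names it libhfuzz.a).
include $(CLEAR_VARS)
LOCAL_MODULE    := hfuzz
LOCAL_SRC_FILES := ../libhfuzz/persistent.c   # placeholder source list
LOCAL_CFLAGS    := $(COMMON_CFLAGS)
include $(BUILD_STATIC_LIBRARY)
# Remember where the archive lands (obj/local/<abi>/libhfuzz.a by default;
# LOCAL_BUILT_MODULE is set by the template at include time).
HFUZZ_ARCHIVE := $(LOCAL_BUILT_MODULE)

# Module 2: the honggfuzz executable.
include $(CLEAR_VARS)
LOCAL_MODULE    := honggfuzz
LOCAL_SRC_FILES := ../honggfuzz.c             # placeholder source list
LOCAL_CFLAGS    := $(COMMON_CFLAGS)
# "Virtual" dependency: without this line ndk-build sees that no module
# links against hfuzz and skips building the archive altogether.
LOCAL_STATIC_LIBRARIES := hfuzz
include $(BUILD_EXECUTABLE)
HONGGFUZZ_BINARY := $(LOCAL_BUILT_MODULE)

# Post-build copy. ndk-build only installs shared libraries and executables
# under libs/<abi>/; static archives stay under obj/. Copy libhfuzz.a next to
# the honggfuzz binary so both artefacts sit in one directory.
# (Export path is an assumption; adjust to the project layout.)
HFUZZ_EXPORT_DIR := $(LOCAL_PATH)/libs/$(TARGET_ARCH_ABI)

$(HFUZZ_EXPORT_DIR)/libhfuzz.a: $(HFUZZ_ARCHIVE)
	@mkdir -p $(dir $@)
	cp $< $@

# Make the executable depend on the copied archive so a plain `ndk-build`
# performs the copy without any extra invocation.
$(HONGGFUZZ_BINARY): $(HFUZZ_EXPORT_DIR)/libhfuzz.a
```

A quick check after `ndk-build` is that `libhfuzz.a` appears under the export directory alongside `honggfuzz`; if the archive is missing from `obj/` entirely, the LOCAL_STATIC_LIBRARIES line on the executable module is the first thing to verify.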
README.md

honggfuzz

Description

  • A general-purpose, easy-to-use fuzzer with interesting analysis options. See USAGE for details
  • Supports several hardware-based (CPU) and software-based feedback-driven fuzzing methods
  • It works (at least) under GNU/Linux, FreeBSD, Mac OS X, Windows/CygWin and Android
  • Supports persistent modes of fuzzing (long-lived process calling a fuzzed API repeatedly) with libhfuzz
  • Can fuzz standalone long-lasting processes (e.g. network servers like Apache's httpd and ISC's bind)

Code

Requirements

  • Linux - The BFD library (libbfd-dev) and libunwind (libunwind-dev/libunwind8-dev)
  • FreeBSD - gmake
  • Android - Android SDK/NDK. Also see this detailed doc on how to build and run it
  • Windows - CygWin
  • Darwin/OS X - Xcode 10.8+
  • if Clang/LLVM is used - the BlocksRuntime Library (libblocksruntime-dev)

Trophies

The tool has been used to find a few interesting security problems in major software packages; Examples:

Other

This is NOT an official Google product.