examples: libjpeg and libpng fuzzer
2 files changed
tree: 47f8d3c330d17a213efd7474c00e91da47f3e9db
  1. android/
  2. docs/
  3. examples/
  4. libhfuzz/
  5. linux/
  6. mac/
  7. posix/
  8. third_party/
  9. tools/
  10. .gitignore
  11. .gitmodules
  12. arch.h
  13. CHANGELOG
  14. cmdline.c
  15. cmdline.h
  16. common.h
  17. CONTRIBUTING
  18. COPYING
  19. display.c
  20. display.h
  21. files.c
  22. files.h
  23. fuzz.c
  24. fuzz.h
  25. honggfuzz.c
  26. log.c
  27. log.h
  28. Makefile
  29. mangle.c
  30. mangle.h
  31. README.md
  32. report.c
  33. report.h
  34. sancov.c
  35. sancov.h
  36. sanitizers.c
  37. sanitizers.h
  38. subproc.c
  39. subproc.h
  40. util.c
  41. util.h
README.md

honggfuzz

Description

A security oriented, feedback-driven, evolutionary, easy-to-use fuzzer with interesting analysis options. See USAGE for details

Code

Requirements

  • Linux - The BFD library (libbfd-dev) and libunwind (libunwind-dev/libunwind8-dev)
  • FreeBSD - gmake
  • Android - Android SDK/NDK. Also see this detailed doc on how to build and run it
  • Windows - CygWin
  • Darwin/OS X - Xcode 10.8+
  • if Clang/LLVM is used - the BlocksRuntime Library (libblocksruntime-dev)

Trophies

The tool has been used to find a few interesting security problems in major software packages; Examples:

Examples

The examples directory contains code demonstrating (among others) how to use honggfuzz to find bugs in the OpenSSL library and in the Apache web server.

Other

This is NOT an official Google product.