commit | e8c86435ae3ee1d1753e2036d74025230b51918e | [log] [tgz] |
---|---|---|
author | Vitaly Buka <vitalybuka@chromium.org> | Fri Dec 09 19:49:43 2016 -0800 |
committer | Vitaly Buka <vitalybuka@google.com> | Fri Dec 16 22:14:36 2016 +0000 |
tree | 3d17d68ce18c7bc1755093807a16f00cf02ff75b | |
parent | bec522238f264ff97da25cf5b323429b54c68bc8 [diff] |
Added TODOs for kcc's offline comments. Change-Id: I546c9a67047d9dc952a7ec076ccd50c3496056b4 Reviewed-on: https://team-review.git.corp.google.com/57055 Reviewed-by: Vitaly Buka <vitalybuka@google.com>
libprotobuf-mutator is a library to randomly mutate protobuffers.
It could be used together with guided fuzzing engines, such as libFuzzer.
Install prerequisites:
sudo apt-get update sudo apt-get install binutils cmake ninja-build
Compile and test everything:
mkdir build cd build cmake ../cmake/ -GNinja -DCMAKE_BUILD_TYPE=Debug ninja check
To use libprotobuf-mutator simply include protobuf_mutator.h and protobuf_mutator.cc into your build files.
The ProtobufMutator
class implements mutations of the protobuf tree structure and mutations of individual fields. The field mutation logic is very basic -- for better results you should override the ProtobufMutator::Mutate*
methods with more sophisticated logic, e.g. using libFuzzer's mutators.
To apply one mutation to a protobuf object do the following:
class MyProtobufMutator : public ProtobufMutator { public: MyProtobufMutator(uint32_t seed) : ProtobufMutator(seed) {} // Optionally redefine the Mutate* methods to perform more sophisticated mutations. } void Mutate(MyMessage* message) { MyProtobufMutator mutator(my_random_seed); mutator.Mutate(message, 100, 200); }
See also the ProtobufMutatorMessagesTest.UsageExample
test from protobuf_mutator_test.cc.
TODO