mirror of
https://github.com/monero-project/monero.git
synced 2024-12-13 20:06:32 +02:00
841231e5bd
Existing tests: block, transaction, signature, cold outputs, cold transaction.

Data for these is in tests/data/fuzz.

A convenience shell script is in contrib/fuzz_testing/fuzz.sh, e.g.:

contrib/fuzz_testing/fuzz.sh signature

The fuzzer will run indefinitely, ^C to stop.

Fuzzing is currently supported for GCC only. I can't get CLANG to build Monero here as it dies on some system headers, so if someone wants to make it work on both, that'd be great. In particular, the __AFL_LOOP construct should be made to work so that a given run can fuzz multiple inputs, as the C++ load time is substantial.
22 lines
543 B
Bash
Executable File
#!/bin/sh

# Locate afl-fuzz and bail out early if it is not installed.
AFLFUZZ=$(which afl-fuzz)
if ! test -x "$AFLFUZZ"
then
  echo "afl-fuzz not found - install american-fuzzy-lop"
  exit 1
fi

# The first argument selects which fuzz target to run.
type="$1"
if test -z "$type"
then
  echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction"
  exit 1
fi
# Accept only known targets, since $type is used to build the paths below.
case "$type" in
  block|transaction|signature|cold-outputs|cold-transaction) ;;
  *) echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction"; exit 1 ;;
esac

# Seeds come from tests/data/fuzz/$type, findings go to fuzz-out/$type;
# -m 150 caps memory at 150 MB and -t 250 sets a 250 ms per-run timeout.
afl-fuzz -i "tests/data/fuzz/$type" -m 150 -t 250 -o "fuzz-out/$type" "build/fuzz/tests/fuzz/${type}_fuzz_tests"
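The commit message above asks for the `__AFL_LOOP` construct so that one process can fuzz many inputs. A sketch of such a persistent-mode harness follows, as an added example that is not code from the Monero repository. `parse_records` and its record format are hypothetical stand-ins for a real target, input is assumed to arrive on stdin, and the fallback macro lets the same file build with plain GCC.

```c
/* Added example, not Monero code: persistent-mode harness skeleton. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

/* afl-clang-fast defines __AFL_LOOP; under plain GCC fall back to a single
   pass so the same source still builds and handles one input per process. */
#ifndef __AFL_LOOP
static int afl_single_pass(void) { static int ran; return !ran++; }
#define __AFL_LOOP(n) afl_single_pass()
#endif

/* Hypothetical target: <count:1> then count x (<len:1> <len bytes>).
   Returns the record count, or -1 for truncated input or trailing bytes. */
int parse_records(const uint8_t *buf, size_t len)
{
    if (len < 1) return -1;
    size_t pos = 1;
    for (int i = 0; i < buf[0]; i++) {
        if (pos >= len) return -1;            /* no room for a length byte */
        size_t rlen = buf[pos++];
        if (rlen > len - pos) return -1;      /* record overruns the input */
        pos += rlen;
    }
    return pos == len ? (int)buf[0] : -1;
}

int main(void)
{
    static uint8_t buf[4096];
    /* Expensive one-time start-up (the load cost the commit message mentions)
       stays outside the loop; per-input state is reset inside it. */
    while (__AFL_LOOP(1000)) {
        memset(buf, 0, sizeof buf);
        ssize_t n = read(0, buf, sizeof buf);
        if (n > 0)
            parse_records(buf, (size_t)n);
    }
    return 0;
}
```

Any global or static state the real target touches has to be reset at the top of each iteration, otherwise a crash may depend on earlier inputs and fail to reproduce from the saved file alone.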