[tor-bugs] #20893 [Core Tor/Tor]: Add a fuzzing harness for Tor

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jan 30 12:12:21 UTC 2017


#20893: Add a fuzzing harness for Tor
-----------------------------------+------------------------------------
 Reporter:  teor                   |          Owner:  nickm
     Type:  enhancement            |         Status:  merge_ready
 Priority:  Medium                 |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor           |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  fuzz, review-group-15  |  Actual Points:
Parent ID:                         |         Points:  2
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------
Changes (by asn):

 * status:  needs_review => merge_ready


Comment:

 OK, I followed the guide and now it works fine. I fuzzed with `fuzz-http`
 and `fuzz-consensus` for a little while. I think this feature is ready to
 merge now.

 BTW, I think the docs are a bit vague here:
 {{{
 To Run:
   mkdir -p src/test/fuzz/fuzz_http_findings
   ../afl/afl-fuzz -i ${TOR_FUZZ_CORPORA}/http -o
 src/test/fuzz/fuzz_http_findings -m <asan-memory-limit> --
 src/test/fuzz_dir
 }}}
 since the last arg should be a fuzzing executable (like `src/test/fuzz
 /fuzz-http`) and not a non-existent directory (`src/test/fuzz_dir`).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20893#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list