c944a70056
* linux kernel (x509_cert) and process fuzzing example * rework filters * update to latest qemu * working for process and kernel fuzzing * new i2s mutator for binary only fuzzers * refactoring modules with new filtering interface * add state as parameter of harness * hide unused global in usermode * Script for stub bindings generation * do not try to check whether it is worth generating the bindings, always generate when the env variable is on. * add taplo to fmt_all.sh * Moved fuzzers (again) in a target-centric way. * fix rust 2024 warnings. * new libafl_qemu harness structure. * rename qemu_systemmode into qemu_baremetal * fix qemu baremetal makefile * fix formatter --------- Co-authored-by: Toka <tokazerkje@outlook.com>
20 lines
1.0 KiB
Markdown
20 lines
1.0 KiB
Markdown
# Fuzzbench Harness (text)
|
|
|
|
This folder contains an example fuzzer tailored for fuzzbench.
|
|
It uses the best possible setting, with the exception of a SimpleRestartingEventManager instead of an LlmpEventManager - since fuzzbench is single threaded.
|
|
Real fuzz campaigns should consider using multithreaded LlmpEventManager, see the other examples.
|
|
|
|
This fuzzer autodetect if the passed-in tokens and the initial inputs are text or binary data, and enables Grimoire in case of text.
|
|
|
|
## Build
|
|
|
|
To build this example, run `cargo build --release`.
|
|
This will build the fuzzer compilers (`libafl_cc` and `libafl_cpp`) with `src/lib.rs` as fuzzer.
|
|
The fuzzer uses the libfuzzer compatibility layer and the SanitizerCoverage runtime functions for coverage feedback.
|
|
|
|
These can then be used to build libfuzzer harnesses in the software project of your choice.
|
|
Finally, just run the resulting binary with `out_dir`, `in_dir`.
|
|
|
|
In any real-world scenario, you should use `taskset` to pin each client to an empty CPU core, the lib does not pick an empty core automatically (yet).
|
|
|