Project

General

Profile

Actions

Feature #2859

closed

Oss-fuzz integration

Added by Philippe Antoine almost 6 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

Here is a high level overview of what it would take (some steps overlap each other) :
- Identify the fuzz targets (ie the kind of inputs : packets, rules file, configuration file, etc…), see what has already been done for afl
- Write the fuzz targets, a code sample processing the input with suricata functions
- Compile the fuzz targets, ie compile some parts of Suricata as a static library
- Run, debug and profile
- Create corpuses, ie look into the tests for examples of input data
- Integrate into oss-fuzz (google repo)
- Fix found bugs
- Integrate tests with sanitizer support into CI


Related issues 4 (0 open4 closed)

Related to Suricata - Feature #1010: dns fuzzerClosedActions
Related to Suricata - Feature #1011: integrate fuzzer into buildbotClosedOISF DevActions
Related to Suricata - Bug #1937: rules: crashes and hangs reported by AFL+ASANClosedActions
Related to Suricata - Task #2920: syzbot addition to QAClosedOISF DevActions
Actions #1

Updated by Victor Julien over 5 years ago

  • Target version set to TBD
Actions #2

Updated by Philippe Antoine over 5 years ago

Actions #3

Updated by Philippe Antoine over 5 years ago

Actions #4

Updated by Philippe Antoine over 5 years ago

  • Related to Bug #1937: rules: crashes and hangs reported by AFL+ASAN added
Actions #5

Updated by Philippe Antoine over 5 years ago

  • Related to Task #2920: syzbot addition to QA added
Actions #6

Updated by Philippe Antoine almost 5 years ago

  • Status changed from New to Assigned
Actions #7

Updated by Philippe Antoine almost 5 years ago

  • Status changed from Assigned to In Review
Actions #8

Updated by Philippe Antoine over 4 years ago

  • Status changed from In Review to Closed
  • Target version changed from TBD to 6.0.0beta1
Actions

Also available in: Atom PDF