aboutsummaryrefslogtreecommitdiff
path: root/lib/mbedtls-2.27.0/programs/fuzz/README.md
diff options
context:
space:
mode:
authorAdam Harrison <adamdharrison@gmail.com>2023-07-06 06:37:41 -0400
committerAdam Harrison <adamdharrison@gmail.com>2023-07-06 06:37:41 -0400
commit9db10386430479067795bec66bb26343ff176ded (patch)
tree5ad0cf95abde7cf03afaf8f70af8549d46b09a46 /lib/mbedtls-2.27.0/programs/fuzz/README.md
parent57092d80cb07fa1a84873769fa92165426196054 (diff)
downloadlite-xl-plugin-manager-9db10386430479067795bec66bb26343ff176ded.tar.gz
lite-xl-plugin-manager-9db10386430479067795bec66bb26343ff176ded.zip
Removed old mbedtls, replacing with submodule.
Diffstat (limited to 'lib/mbedtls-2.27.0/programs/fuzz/README.md')
-rw-r--r--lib/mbedtls-2.27.0/programs/fuzz/README.md68
1 files changed, 0 insertions, 68 deletions
diff --git a/lib/mbedtls-2.27.0/programs/fuzz/README.md b/lib/mbedtls-2.27.0/programs/fuzz/README.md
deleted file mode 100644
index b6a4333..0000000
--- a/lib/mbedtls-2.27.0/programs/fuzz/README.md
+++ /dev/null
@@ -1,68 +0,0 @@
-What is it?
-------
-
-This directory contains fuzz targets.
-Fuzz targets are simple codes using the library.
-They are used with a so-called fuzz driver, which will generate inputs, try to process them with the fuzz target, and alert in case of an unwanted behavior (such as a buffer overflow for instance).
-
-These targets were meant to be used with oss-fuzz but can be used in other contexts.
-
-This code was contributed by Philippe Antoine ( Catena cyber ).
-
-How to run?
-------
-
-To run the fuzz targets like oss-fuzz:
-```
-git clone https://github.com/google/oss-fuzz
-cd oss-fuzz
-python infra/helper.py build_image mbedtls
-python infra/helper.py build_fuzzers --sanitizer address mbedtls
-python infra/helper.py run_fuzzer mbedtls fuzz_client
-```
-You can use `undefined` sanitizer as well as `address` sanitizer.
-And you can run any of the fuzz targets like `fuzz_client`.
-
-To run the fuzz targets without oss-fuzz, you first need to install one libFuzzingEngine (libFuzzer for instance).
-Then you need to compile the code with the compiler flags of the wished sanitizer.
-```
-perl scripts/config.py set MBEDTLS_PLATFORM_TIME_ALT
-mkdir build
-cd build
-cmake ..
-make
-```
-Finally, you can run the targets like `./test/fuzz/fuzz_client`.
-
-
-Corpus generation for network trafic targets
-------
-
-These targets use network trafic as inputs :
-* client : simulates a client against (fuzzed) server traffic
-* server : simulates a server against (fuzzed) client traffic
-* dtls_client
-* dtls_server
-
-They also use the last bytes as configuration options.
-
-To generate corpus for these targets, you can do the following, not fully automated steps :
-* Build mbedtls programs ssl_server2 and ssl_client2
-* Run them one against the other with `reproducible` option turned on while capturing trafic into test.pcap
-* Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt`
-* Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor`
-* Finally, you can add the options by appending the last bytes to the file test.cor
-
-Here is an example of dummy.py for extracting payload from client to server (if we used `tcp.dstport` in tshark command)
-```
-import sys
-import binascii
-
-f = open(sys.argv[1])
-for l in f.readlines():
- portAndPl=l.split()
- if len(portAndPl) == 2:
- # determine client or server based on port
- if portAndPl[0] == "4433":
- print(binascii.unhexlify(portAndPl[1].replace(":","")))
-```