@jonatack
Created April 12, 2019 14:11
bitcoin fuzzing
/bitcoin/src# $AFLPATH
/afl-2.52b: Is a directory

/bitcoin/src# $AFLOUT
/qa-assets/outputs: Is a directory

/bitcoin/src# $DIR_FUZZ_IN
/qa-assets/fuzz_seed_corpus: Is a directory

/bitcoin/src# $FUZZ_TARGET
bash: address_deserialize: command not found

/bitcoin/src# ls -lha test/fuzz/
total 916K
drwxr-xr-x 4 jon jon 4.0K Apr 12 15:35 .
drwxr-xr-x 7 jon jon  20K Apr 12 15:27 ..
-rwxrwxrwx 1 jon jon 686K Apr 12 15:27 address_deserialize-deserialize.o
-rwxrwxrwx 1 jon jon 173K Apr 12 15:27 address_deserialize-fuzz.o
drwxr-xr-x 2 jon jon 4.0K Apr 12 15:27 .deps
-rw-r--r-- 1 jon jon 4.8K Apr 12 12:49 deserialize.cpp
-rw-r--r-- 1 jon jon    0 Apr 12 14:39 .dirstamp
-rw-r--r-- 1 jon jon 1.9K Apr  8 13:06 fuzz.cpp
-rw-r--r-- 1 jon jon  410 Apr  8 13:06 fuzz.h
drwxr-xr-x 2 jon jon 4.0K Apr 12 14:46 .libs
-rw-r--r-- 1 jon jon 2.4K Apr  8 13:06 script_flags.cpp


/bitcoin/src# $AFLPATH/afl-fuzz -i ${DIR_FUZZ_IN}/${FUZZ_TARGET} -o ${AFLOUT}/${FUZZ_TARGET} -m52 -- test/fuzz/${FUZZ_TARGET}
afl-fuzz 2.52b by <lcamtuf@google.com>
[+] You have 4 CPU cores and 1 runnable tasks (utilization: 25%).
[+] Try parallel jobs - see docs/parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning '/qa-assets/fuzz_seed_corpus/address_deserialize'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...

[-] PROGRAM ABORT : Program 'test/fuzz/address_deserialize' not found or not executable
         Location : check_binary(), afl-fuzz.c:6821


/bitcoin/src# $AFLPATH/afl-fuzz -i ${DIR_FUZZ_IN}/${FUZZ_TARGET} -o ${AFLOUT}/${FUZZ_TARGET} -m52 -- test/fuzz/${FUZZ_TARGET}-deserialize.o
afl-fuzz 2.52b by <lcamtuf@google.com>
[+] You have 4 CPU cores and 1 runnable tasks (utilization: 25%).
[+] Try parallel jobs - see docs/parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning '/qa-assets/fuzz_seed_corpus/address_deserialize'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Attempting dry run with 'id:000000,orig:073d39adf1ae4493fb00ce3df326a1279d550c64'...
[*] Spinning up the fork server...

[-] PROGRAM ABORT : Unable to execute target application ('test/fuzz/address_deserialize-deserialize.o')
         Location : init_forkserver(), afl-fuzz.c:2206
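What the two runs show: `test/fuzz/address_deserialize` was never linked (the listing has only the two object files and a `.libs/` directory), so afl-fuzz aborts in check_binary() on the first attempt; the second attempt points it at `address_deserialize-deserialize.o`, which passes the ELF check (an object file is an ELF image, just a relocatable one) and then fails when the fork server tries to execute it. The script below is an added example, not code from the gist or from Bitcoin Core. It runs the checks a practitioner would want before launching afl-fuzz, reusing the gist's AFLPATH, AFLOUT, DIR_FUZZ_IN and FUZZ_TARGET variables and its `-m52` invocation. The function names, return codes and the ELF e_type inspection are this example's own choices; the `__AFL_SHM_ID` marker, the refusal of `#!` wrapper scripts and the 1 MiB seed limit mirror what afl-fuzz 2.52b checks itself.

```shell
#!/usr/bin/env bash
# Added example (not from the gist or Bitcoin Core): pre-flight checks for
# handing a Bitcoin Core fuzz harness to afl-fuzz 2.52b. Variable names
# follow the gist; function names and return codes are this example's own.
#
# Usage:  . ./preflight.sh && preflight            # default test/fuzz/$FUZZ_TARGET
#         . ./preflight.sh && preflight path/to/harness

# check_fuzz_target PATH: 0 if afl-fuzz will accept PATH, else a reason on
# stderr and a distinct non-zero code.
check_fuzz_target() {
  local target="$1" magic etype
  [ -e "$target" ] || { echo "not found: $target (harness compiled but not linked?)" >&2; return 1; }
  [ ! -d "$target" ] || { echo "is a directory: $target" >&2; return 2; }
  [ -x "$target" ] || { echo "not executable: $target" >&2; return 4; }
  magic=$(head -c 4 "$target" | od -An -tx1 | tr -d ' \n')
  case "$magic" in
    7f454c46) : ;;                       # ELF
    2321*)                               # "#!": afl-fuzz rejects shell scripts;
      echo "libtool-style wrapper script, look for the real binary under .libs/: $target" >&2
      return 5 ;;
    *) echo "not an ELF image (magic $magic): $target" >&2; return 5 ;;
  esac
  # e_type lives at offset 16; a relocatable object (ET_REL) is what the gist
  # pointed afl-fuzz at the second time. It passes the ELF check but cannot
  # be executed. ET_EXEC and ET_DYN (PIE) are fine, in either byte order.
  etype=$(od -An -tx1 -j 16 -N 2 "$target" | tr -d ' \n')
  case "$etype" in
    0100|0001) echo "relocatable object (ET_REL), not a linked executable: $target" >&2; return 3 ;;
    0200|0002|0300|0003) : ;;
    *) echo "unexpected ELF e_type '$etype': $target" >&2; return 7 ;;
  esac
  # afl-fuzz looks for this marker unless -n or AFL_SKIP_BIN_CHECK is used.
  grep -q '__AFL_SHM_ID' "$target" || {
    echo "no AFL instrumentation found; rebuild with afl-gcc/afl-g++: $target" >&2; return 6; }
}

# check_seed_corpus DIR: the directory exists, holds at least one regular
# file, and no seed exceeds afl-fuzz's MAX_FILE (1 MiB).
check_seed_corpus() {
  local dir="$1" f n=0 size
  [ -d "$dir" ] || { echo "seed corpus directory not found: $dir" >&2; return 1; }
  for f in "$dir"/*; do
    [ -f "$f" ] || continue
    n=$((n + 1))
    size=$(($(wc -c < "$f")))
    [ "$size" -le 1048576 ] || { echo "seed too big for afl-fuzz ($size bytes): $f" >&2; return 2; }
  done
  [ "$n" -gt 0 ] || { echo "no seed files in $dir" >&2; return 3; }
}

# preflight [HARNESS]: run every check, then print (not execute) the exact
# afl-fuzz command line from the gist so it can be reviewed before launch.
preflight() {
  : "${AFLPATH:?set AFLPATH to the AFL checkout}"
  : "${AFLOUT:?set AFLOUT to the output root}"
  : "${DIR_FUZZ_IN:?set DIR_FUZZ_IN to the seed corpus root}"
  : "${FUZZ_TARGET:?set FUZZ_TARGET to the harness name}"
  local harness="${1:-test/fuzz/$FUZZ_TARGET}"
  [ -x "$AFLPATH/afl-fuzz" ] || { echo "afl-fuzz not found under AFLPATH=$AFLPATH" >&2; return 8; }
  check_fuzz_target "$harness" || return $?
  check_seed_corpus "$DIR_FUZZ_IN/$FUZZ_TARGET" || return $?
  printf '%s -i %s -o %s -m52 -- %s\n' \
    "$AFLPATH/afl-fuzz" "$DIR_FUZZ_IN/$FUZZ_TARGET" "$AFLOUT/$FUZZ_TARGET" "$harness"
}
```

Against the gist's state the first run returns 1 (missing harness) and pointing it at the `.o` returns 3 (ET_REL), which is the diagnosis afl-fuzz only gives indirectly via init_forkserver(). The printed command is byte-for-byte the gist's invocation, so once the checks pass it can be run with `eval "$(preflight)"`.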