Last active July 11, 2019 13:17
Exiv2 AFL setup
# install git, cmake, zlib, libexpat
apt update && apt install -y git build-essential cmake zlib1g-dev libexpat1-dev
# install afl (make install puts afl-gcc / afl-g++ / afl-fuzz on PATH)
git clone https://github.com/mirrorer/afl
cd afl
make && make install
cd ..
# Download and compile the vulnerable exiv2 version (as it's already fixed in master)
git clone https://github.com/fuzzitdev/exiv2 --branch libfuzzer_integration_vanilla exiv2
cd exiv2
# build with the AFL compiler wrappers so the binary is instrumented
export CC=`which afl-gcc`
export CXX=`which afl-g++`
mkdir build
cd build
cmake .. -DCMAKE_BUILD_TYPE=Release
cmake --build .
# Run AFL
mkdir in
mkdir out
# just use random png for the seed corpus
wget -O in/1.png https://www.fnordware.com/superpng/pnggrad8rgb.png
# @@ is replaced by afl-fuzz with the path of each generated test case
afl-fuzz -i in -o out ./bin/exiv2 @@
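Once afl-fuzz has been running for a while, the next step is to look at what landed in the `out` directory. The helpers below are an added example, not part of the gist or of the Exiv2 or AFL projects: they read a field from AFL's `fuzzer_stats`, bucket the files in `out/crashes` by the `sig:NN` tag AFL puts in each crash file name, and replay each crash against a target command so it can be reproduced outside the fuzzer. The `out` directory, its crash files and the `target.sh` stand-in for `./bin/exiv2` are constructed inline so the script runs offline; with a real run you would pass the gist's `out` directory and `./bin/exiv2` instead.

```shell
#!/bin/sh
# Added example (not from the gist): triage helpers for an AFL output directory.
# Assumes the classic AFL layout: <out>/fuzzer_stats with "key : value" lines and
# <out>/crashes/ files named id:NNNNNN,sig:SS,... (sig = signal that killed the target).

# Print one field from fuzzer_stats, e.g.: afl_stat out unique_crashes
afl_stat() {
    out_dir=$1; key=$2
    sed -n "s/^$key *: *//p" "$out_dir/fuzzer_stats"
}

# Count crash files per signal number, parsed from the "sig:NN" tag in the file name.
# Output: one "signal count" line per signal, sorted by signal.
afl_crash_by_signal() {
    out_dir=$1
    for f in "$out_dir"/crashes/id:*; do
        [ -f "$f" ] || continue
        echo "$f" | sed -n 's/.*,sig:\([0-9]*\),.*/\1/p'
    done | sort | uniq -c | awk '{print $2, $1}'
}

# Replay every crash file against a target command (the crash path is appended as
# the last argument, like afl-fuzz does for @@). Output: "exit_status crash_file".
afl_replay() {
    out_dir=$1; shift
    for f in "$out_dir"/crashes/id:*; do
        [ -f "$f" ] || continue
        if "$@" "$f" >/dev/null 2>&1; then status=0; else status=$?; fi
        echo "$status $f"
    done
}

# ---- constructed sample data (stands in for the gist's real "out" directory) ----
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir -p "$demo/out/crashes"
printf 'execs_done        : 123456\nunique_crashes    : 3\nunique_hangs      : 0\n' \
    > "$demo/out/fuzzer_stats"
printf 'BOOM' > "$demo/out/crashes/id:000000,sig:11,src:000000,op:havoc,rep:16"
printf 'BOOM' > "$demo/out/crashes/id:000001,sig:11,src:000002,op:flip1,pos:3"
printf 'ok'   > "$demo/out/crashes/id:000002,sig:06,src:000001,op:havoc,rep:2"
echo 'README' > "$demo/out/crashes/README.txt"
# Constructed stand-in for ./bin/exiv2: exits 139 (what a SIGSEGV death looks like
# to the shell) when the input contains "BOOM", otherwise succeeds.
cat > "$demo/target.sh" <<'EOF'
#!/bin/sh
grep -q BOOM "$1" && exit 139
exit 0
EOF
chmod +x "$demo/target.sh"

# ---- usage ----
echo "unique crashes reported by AFL: $(afl_stat "$demo/out" unique_crashes)"
echo "crashes by signal:"
afl_crash_by_signal "$demo/out"
echo "replay results:"
afl_replay "$demo/out" "$demo/target.sh"
```

Bucketing by signal first is cheap and needs no re-execution; replaying is what tells you whether a crash reproduces deterministically, which is the input you want before filing a bug against the parser.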