Steve Karg
94b3809a58
* Added reject in all confirmed service handlers, except GetEventInformation, when confirmed services with zero length occur which rejects with required parameters are missing message. * Refactored errno use in service using debug_perror. Changed debug_perror usage to debug_fprintf. * Updated file and function headers in basic/service modules. * Changed NDPU priority on confirmed messages to use requested NDPU priority. * Renamed debug_aprintf to debug_printf_stdout for clarity. * Convert most debug_fprintf usage to debug_print to reduce text bloat in AVR build
Getting Started
- Install AFL, ensure afl-gcc exists on the system:
$ afl-gcc
afl-cc 2.57b by <lcamtuf@google.com>
- Build via
make fuzz-aflfrom repository root - Clone a decent corpus
- Start AFL and feed it the input/output directories along with target executable
afl-fuzz -i </path/to/corpus/> -o </path/to/output_dir/> -m none ./apps/fuzz-afl/fuzz-afl
Caveats:
- This builds the target with ASAN (Address Sanitizer). This makes AFL require the
-m noneto not interpret ASAN's behavior as a crash - AFL uses a fork/exec model to launch the target. This is nice because each testcase is from a clean state. But this also brings in a lot of overhead. If you need something faster, check out ../fuzz-libfuzzer/