Materials of "Modern fuzzing of C/C++ Projects" workshop.
The first version of the workshop was presented at the ZeroNights'16 security conference.
- 2-3 hours of your time
- Linux-based OS
- C/C++ experience (nothing special, but you need to be able to read, write and compile C/C++ code)
- a recent version of the clang compiler. Distributions from package managers are too old and most likely won't work (the workshop is called "modern", right?); you have two options:
sudo apt-get install -y make autoconf automake libtool pkg-config zlib1g-dev
Fuzzing experience is not required.
- An introduction to fuzz testing
- An example of traditional fuzzing
- Coverage-guided fuzzing
- Writing fuzzers (simple examples)
- Finding Heartbleed (CVE-2014-0160)
- Finding c-ares $100,000 bug (CVE-2016-5180)
- How to improve your fuzzer
- Fuzzing libxml2, learning how to improve the fuzzer and analyze performance
- Fuzzing libpng, learning the importance of a seed corpus and other stuff
- Fuzzing re2
- Fuzzing pcre2
- Chromium integration & homework assignment
Building libFuzzer is extremely easy:
cd libFuzzer
Fuzzer/build.sh
The libFuzzer repository can be found inside LLVM's compiler-rt project.
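As an added illustration of the "Writing fuzzers (simple examples)" agenda item and of what the libFuzzer build above is for, here is a minimal fuzz target. It is not part of the workshop materials: the toy record format, the function name parse_record and the input layout are all constructed for this example. libFuzzer supplies main() itself and repeatedly calls LLVMFuzzerTestOneInput with mutated inputs; with AddressSanitizer enabled, any out-of-bounds read inside the parser is reported as a crash together with the input that triggered it.

```cpp
// Added example: a minimal libFuzzer target for a constructed "record" format.
// Not part of the workshop materials; names and format are assumptions.
#include <cstddef>
#include <cstdint>

// Toy wire format (constructed for this example):
//   bytes 0-1 : magic "FZ"
//   byte  2   : payload length N
//   bytes 3.. : N payload bytes
// Returns the 8-bit sum of the payload, or -1 if the record is malformed.
int parse_record(const uint8_t *data, size_t len) {
    if (len < 3) return -1;                       // header must be present
    if (data[0] != 'F' || data[1] != 'Z') return -1;
    size_t n = data[2];
    // This is the check a coverage-guided fuzzer finds missing in seconds:
    // without it a short input makes the loop read past the end of `data`,
    // which AddressSanitizer reports as a heap-buffer-overflow.
    if (len < 3 + n) return -1;                   // reject truncated payloads
    uint8_t sum = 0;
    for (size_t i = 0; i < n; i++) sum = (uint8_t)(sum + data[3 + i]);
    return sum;
}

// The fuzz target. libFuzzer calls this once per generated input; the target
// must be deterministic, must not exit, and must return 0.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    parse_record(data, size);
    return 0;
}
```

With a recent clang the target builds in one step, using the bundled libFuzzer instead of the libFuzzer.a produced by Fuzzer/build.sh: clang++ -g -O1 -fsanitize=fuzzer,address record_fuzzer.cc -o record_fuzzer, then ./record_fuzzer corpus_dir, where corpus_dir holds a few valid records as seeds. Any crashing input is written to a crash-* file in the working directory and can be replayed with ./record_fuzzer crash-file.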