png-afl: document usage and minor tweaks, fixes #132

image-rs · May 5, 2019 · 610a93b · 610a93b
1 parent f6fc66d
commit 610a93b
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 7 deletions.
diff --git a/png-afl/.gitignore b/png-afl/.gitignore
@@ -0,0 +1 @@
+out
diff --git a/png-afl/Cargo.toml b/png-afl/Cargo.toml
@@ -4,7 +4,5 @@ version = "0.2.0"
 authors = ["Sergey Davidoff <shnatsel@gmail.com>", "Paul Grandperrin <paul.grandperrin@gmail.com>"]
 
 [dependencies]
-afl = "0.4.0"
-png = {path = "../"}
-
-
+afl = "0.4.3"
+png = { path = "../" }
diff --git a/png-afl/README.md b/png-afl/README.md
@@ -0,0 +1,17 @@
+## Build fuzzer binary
+
+RUSTFLAGS='-C codegen-units=1' cargo afl build
+
+NOTE: the RUSTFLAGS is only needed on Linux (and not if using gold linker), see https://github.com/rust-lang/rust/issues/53945
+
+
+## Run fuzzer
+
+    cargo afl fuzz -m 200 -i fuzzing_seeds -o out target/debug/png-afl
+
+NOTE: -m 200 sets memory limit to 200 mb. afl defaults to 50 megabytes memory usage. If we would not increase it, many invocations will exit with SIGABRT and look like crashes.
+
+
+### More info
+
+https://rust-fuzz.github.io/book/afl/tutorial.html
diff --git a/png-afl/src/main.rs b/png-afl/src/main.rs
@@ -1,3 +1,4 @@
+#[macro_use]
 extern crate afl;
 extern crate png;
 
@@ -25,8 +26,7 @@ fn png_decode(data: &[u8]) -> Result<(png::OutputInfo, Vec<u8>), ()> {
 }
 
 fn main() {
-    afl::fuzz(|data| {
-    //afl::read_stdio_bytes(|data| {
-        png_decode(&data);
+    fuzz!(|data: &[u8]| {
+        let _ = png_decode(&data);
     });
 }