From 97e2e1d641016cd7b74848b9560e3771f092c1ea Mon Sep 17 00:00:00 2001
From: dergoegge
Date: Tue, 12 Sep 2023 14:09:21 +0100
Subject: [fuzz] Use afl++ shared-memory fuzzing

Using shared-memory is faster than reading from stdin, see https://github.com/AFLplusplus/AFLplusplus/blob/7d2122e0596132f9344a5d0896020ebc79cd33db/instrumentation/README.persistent_mode.md
---
 src/test/fuzz/fuzz.cpp | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/test/fuzz/fuzz.cpp b/src/test/fuzz/fuzz.cpp
index c20cbde05f..f5697f14b1 100644
--- a/src/test/fuzz/fuzz.cpp
+++ b/src/test/fuzz/fuzz.cpp
@@ -29,6 +29,10 @@
 #include
 #include
 
+#ifdef __AFL_FUZZ_INIT
+__AFL_FUZZ_INIT();
+#endif
+
 const std::function G_TEST_LOG_FUN{};
 
 /**
@@ -188,7 +192,7 @@ int main(int argc, char** argv)
 {
     initialize();
     static const auto& test_one_input = *Assert(g_test_one_input);
-#ifdef __AFL_INIT
+#ifdef __AFL_HAVE_MANUAL_CONTROL
     // Enable AFL deferred forkserver mode. Requires compilation using
     // afl-clang-fast++. See fuzzing.md for details.
     __AFL_INIT();
@@ -197,12 +201,10 @@ int main(int argc, char** argv)
 #ifdef __AFL_LOOP
     // Enable AFL persistent mode. Requires compilation using afl-clang-fast++.
     // See fuzzing.md for details.
+    const uint8_t* buffer = __AFL_FUZZ_TESTCASE_BUF;
     while (__AFL_LOOP(1000)) {
-        std::vector buffer;
-        if (!read_stdin(buffer)) {
-            continue;
-        }
-        test_one_input(buffer);
+        size_t buffer_len = __AFL_FUZZ_TESTCASE_LEN;
+        test_one_input({buffer, buffer_len});
     }
 #else
     std::vector buffer;
-- 
cgit v1.2.3
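Review bot: The new loop body in the third hunk reads `__AFL_FUZZ_TESTCASE_BUF` and `__AFL_FUZZ_TESTCASE_LEN` under a guard that only checks `__AFL_LOOP`, while the matching `__AFL_FUZZ_INIT()` at file scope is guarded by `__AFL_FUZZ_INIT`; a toolchain that defines `__AFL_LOOP` but not the shared-memory macros (older afl-clang-fast builds, if the project still accepts them) would now fail to compile where it previously built the stdin loop. Tightening the guard to `#if defined(__AFL_LOOP) && defined(__AFL_FUZZ_TESTCASE_BUF)`, or stating the minimum afl++ version in fuzzing.md, would make the requirement explicit. The pointer read before the loop also deserves a why-comment, since the afl++ persistent-mode document linked in the description requires it to come after `__AFL_INIT()` and the length to be re-read on every iteration: `// Must be read after __AFL_INIT(); the length is re-read each iteration because the fuzzer rewrites the shared buffer.` Note that test_one_input now receives a view into fuzzer-owned shared memory instead of a private std::vector copy, so a target that retains or mutates its input across iterations would observe it changing; main continues outside the hunk.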