Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

testing: support custom dictionaries in fuzzer #46508

Open
rolandshoemaker opened this issue Jun 2, 2021 · 0 comments
Open

testing: support custom dictionaries in fuzzer #46508

rolandshoemaker opened this issue Jun 2, 2021 · 0 comments

Comments

@rolandshoemaker
Copy link
Member

@rolandshoemaker rolandshoemaker commented Jun 2, 2021

#46507 suggests multiple strategies which make use of automatically generated dictionaries of interesting values. It is likely also valuable to allow users to generate their own dictionaries of interesting values, as is supported by AFL and libFuzzer, that the mutation engine can pull from.

The easiest solution for encoding the values is likely to use a similar encoding scheme to AFL and libFuzzer, so existing dictionaries can be easily reused. Both use quoted strings with \x byte encoding, e.g.:

"blah"
"\"ac\\dc\""
"\xF7\xF8"
"foo\x0Abar"

AFL and libFuzzer support prefixing these values with a keyword (i.e. name="blah"), but do not use the name for anything. It seems reasonable to support this, so dictionaries can be directly imported, but to just ignore these values. Lines prefixed with # are ignored.

These dictionaries could be consumed from the testdata folder, similarly to the testdata/corpus seed inputs, and by extending the testing.F API with something like func (f *F) AddDictionaryEntry([]byte).

@katiehockman katiehockman added this to the Backlog milestone Sep 14, 2021
@rsc rsc changed the title [dev.fuzz] testing: support custom dictionaries testing: support custom dictionaries in fuzzer Sep 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants