Coverage Evaluation #242
Related: StateAFL -K bug:
AFLnwe: -f .tmp-file to work around short read race condition. -> Does not work, fix is to just use a malloc buffer. Race condition probably happened because openssl was exiting directly
Execution plan:
The final result of this evaluation will be:
Rediscover vulns:
(optional)
Pain points during evaluation
Running s_server with --rand-state=0 does not work -> crash
GCC and Clang calculate coverage differently, some seeses
Q: TLS-Anvil client versions? wolfssl client 1.2/1.3, openssl client 1.2/1.3 Let TLS-Anvil choose.
Renegotiation Info in 5.3.0 is incompatible with TLS-Anvil: tls-attacker/TLS-Attacker#152
Had to fight this one: profuzzbench/profuzzbench#6
Fixed coverage misses when generating it. flush on exit |
read_from_terminal was the issue with aflnwe stuck coverage on OpenSSL |
Observed issues during this evaluation:
Targets:
Fuzzers/Testers:
Methodology:
Option A)
Issues:
Option B)
-fprofile-arcs -ftest-coverage
!TODO
Adjust coverage filters for profuzzbench
Compile without optimizations
Verify and check ASAN usage (max 1 campaign in parallel with ASAN!) #244
Enable 1.2 and 1.3 (wolfssl: -v d -7 3)
profuzzbench
tlspuffin
TLSAnvil
Generate max. coverage from TLS-Anvil with OpenSSL
Coverage with TLS-Anvil when testing an OpenSSL 1.1.1j server:
Generate max. coverage from TLS-Anvil with wolfSSL
Precompiled (Instead of precompiled I validated that the max. line count matches across all campaign evaluations)