jepler/jepler.github.io
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
jepler.github.io/_posts/2018-03-26-Fuzz-testing-CircuitPython.html
Jeff Epler 906c71555b look & feel
2019-07-07 13:49:33 -05:00

52 lines
3 KiB
HTML
Raw Permalink Blame History

---
layout: post
title: Fuzz-testing CircuitPython
redirect_from:
- /01522108310
---
<body>
<div style="float:right;clear:right"><!-- afl-graphs.png--><div class=albumouter style=width:306px id=><div class=albumimage style="width:306px;margin-left:0px;"><a href="https://media.unpythonic.net/emergent-files/01522108310/afl-graphs-medium.jpg" class="thickbox" rel="album" title="afl-graphs"><img src="https://media.unpythonic.net/emergent-files/01522108310/afl-graphs-small.jpg" width=300 height=184></a><div ><div style="float: right" ><a href="https://media.unpythonic.net/emergent-files/01522108310/afl-graphs-medium.jpg">(M)</a><a href="https://media.unpythonic.net/emergent-files/01522108310/afl-graphs.png">(L)</a></div><a href="https://media.unpythonic.net/emergent-files/01522108310/afl-graphs.png">afl-graphs</a></div></div></div>
</div>
I've been hacking on <a href="https://github.com/adafruit/circuitpython">CircuitPython</a> lately.
A lot of what I've done is fix bugs found by <a href="http://lcamtuf.coredump.cx/afl/">afl</a>. Here's how to try it for yourself:
<p>I recommend that you use a throwaway virtual machine for this, because at one point afl-fuzz learned how to create files in the filesystem! that was a big surprise, waking up to a directory full of filenames like &quot;tesppppppppppppppppppppppppppppptfile&quot;!
<p>First, make sure you can build circuitpython's unix port. The steps are,
approximately,
<ol>
<li>Clone circuitpython
<li><tt>git submodule update --init --recursive</tt>
<li><tt>make -C ports/unix -j5 deplibs</tt>
<li><tt>make -C ports/unix -j5</tt>
</ol>
(you can review the .travis.yml file in the CircuitPython source tree for the packages they install on top of a regular Ubuntu system to get it building)
<p>Note that the executable is ports/unix/micropython even when you have
cloned circuitpython.
<p>Next, get afl from <a href="http://lcamtuf.coredump.cx/afl/">http://lcamtuf.coredump.cx/afl/</a>.
If you can, follow the instructions in llvm_mode/README.llvm to get
afl-clang-fast. Now, clean and rebuild:
<ol>
<li><tt>make -C ports/unix clean</tt>
<li><tt>make -C ports/unix CC=/path/to/afl-clang-fast -j5 deplibs</tt>
<li><tt>make -C ports/unix CC=/path/to/afl-clang-fast -j5</tt>
</ol>
(If you couldn't use afl-clang-fast, then use CC=afl-clang or CC=afl-gcc)
<p>Prepare the testcases directory for afl-fuzz. I used a number of tests from tests/basic:
<ol>
<li><tt>mkdir testcases</tt>
<li><tt>cp tests/basics/*.py testcases</tt>
</ol>
<p>And start the fuzzer:
<ol>
<li><tt>/path/to/afl-fuzz -i testcases -o findings -- ports/unix/circuitpython</tt>
</ol>
<p>If you have any good findings, drop by the <a href="https://discord.gg/nBQh6qu">adafruit circuitpython discord</a> and let us know about them! Even better if you fix them.
<br><br><font size=-2>Entry first conceived on 26 March 2018, 23:51 UTC, last modified on 6 July 2019, 21:49 UTC</font>
</body>
</html><!--Imported with do-aether-page on Sat Jul 6 17:23:39 CDT 2019-->
Reference in a new issue View git blame Copy permalink