# Fuzzing OpenSSL #

**Requirements**

  * honggfuzz
  * clang-4.0, or newer (5.0/6.0 work as well)
  * openssl 1.1.0 (or, the master branch from git)
  * libressl/boringssl/openssl-1.0.2 work as well, though they might require specific building instructions

**Preparation (for OpenSSL 1.1.0/master)**

1. Compile honggfuzz
2. Unpack/Clone OpenSSL

```shell
$ git clone --depth=1 https://github.com/openssl/openssl.git
$ mv openssl openssl-master
```

3. Use `compile_hfuzz_openssl_master.sh` to configure OpenSSL

```shell
$ cd openssl-master
$ /home/jagger/src/honggfuzz/examples/openssl/compile_hfuzz_openssl_master.sh [enable-asan|enable-msan|enable-ubsan]
```

4. Compile OpenSSL

```shell
$ make
```

5. Prepare fuzzing binaries

The _make.sh_ script will compile honggfuzz and libFuzzer binaries. Syntax:

```shell
make.sh <directory-with-open/libre/boring-ssl> [address|memory|undefined]
```

```shell
$ cd ..
$ /home/jagger/src/honggfuzz/examples/openssl/make.sh openssl-master address
```

**Fuzzing**

```shell
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_server/ -P -- ./openssl-master.address.server
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_client/ -P -- ./openssl-master.address.client
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_x509/ -P -- ./openssl-master.address.x509
$ /home/jagger/src/honggfuzz/honggfuzz -f corpus_privkey/ -P -- ./openssl-master.address.privkey
```
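
A preflight check for the fuzzing step, added here as an example (it is not part of honggfuzz or of this directory's scripts). It assumes that `make.sh` names its outputs `<directory>.<sanitizer>.<target>`, as the commands above suggest, and that `address`/`memory`/`undefined` correspond to `enable-asan`/`enable-msan`/`enable-ubsan`; `preflight` and `configure_flag` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: verify that the fuzzing binaries and corpus directories
# exist before starting honggfuzz, and print the command for each target.
# Assumption: binaries are named <dir>.<sanitizer>.<target> and corpora
# live in corpus_<target>/, matching the commands shown in this README.

TARGETS="server client x509 privkey"

# Map the make.sh sanitizer name to the configure-time option that is
# assumed to match it (the two steps should use the same sanitizer).
configure_flag() {
    case "$1" in
        address)   echo enable-asan ;;
        memory)    echo enable-msan ;;
        undefined) echo enable-ubsan ;;
        *)         return 1 ;;
    esac
}

# Usage: preflight <ssl-dir> <sanitizer> [path-to-honggfuzz]
# stdout: one honggfuzz command per target that is ready to run
# stderr: what is missing; returns 1 if any target is not ready,
#         2 if the sanitizer name is not one make.sh accepts
preflight() {
    dir=$1 san=$2 hfuzz=${3:-honggfuzz}
    flag=$(configure_flag "$san") || {
        echo "unknown sanitizer: $san" >&2
        return 2
    }
    echo "note: $dir is expected to be configured with $flag" >&2
    missing=0
    for t in $TARGETS; do
        bin="./$dir.$san.$t"
        corpus="corpus_$t/"
        ready=1
        [ -x "$bin" ]    || { echo "missing binary: $bin" >&2; ready=0; }
        [ -d "$corpus" ] || { echo "missing corpus: $corpus" >&2; ready=0; }
        if [ "$ready" -eq 1 ]; then
            echo "$hfuzz -f $corpus -P -- $bin"
        else
            missing=1
        fi
    done
    return "$missing"
}
```

Source the file from the directory that holds the binaries and run, for example, `preflight openssl-master address /home/jagger/src/honggfuzz/honggfuzz`.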