nim-eth/tests/fuzzing
Jordan Hrycaj 5ecbcb5886
Using unsigned types for message type and requst IDs (#722)
* Using unsigned types for message type and requst IDs

why:
  Negative values are neither defined for RLP nor in the protocol specs
  which refer to the RLPs (see yellow paper app B clause (199).

* Fix `int` argument (must be `uint`) in fuzzing tests

why:
  Not part of all tests so it slipped through.
2024-08-30 17:27:09 +00:00
..
discovery Fix some typos (#557) 2022-11-16 17:44:00 +01:00
discoveryv5 Update discv5 to use non deprecated ENR calls and simplify code (#710) 2024-06-27 16:18:21 +02:00
enr Update discv5 to use non deprecated ENR calls and simplify code (#710) 2024-06-27 16:18:21 +02:00
rlp rlp: refresh code (#683) 2024-05-26 09:58:24 +02:00
rlpx Using unsigned types for message type and requst IDs (#722) 2024-08-30 17:27:09 +00:00
fuzzing_helpers.nim Build fuzzing tests in CI and fix current fuzzing tests (#396) 2021-09-07 16:00:01 +02:00
readme.md Update fuzzing readme.md 2020-07-21 10:58:14 +02:00

readme.md

Fuzzing Tests

This directory contains a set of subdirectories which hold one or more test cases that can be used for fuzzing. The fuzzing test cases use the fuzzing templates from nim-testutils.

For more details see the fuzzing readme of nim-testutils.

Some of the subdirectories also hold corpus generation tooling in order to have some corpus files to start fuzzing from.

Prerequisites

As explained in nim-testutils fuzzing readme, first install the fuzzer you want to run.

Next install nim-testutils its ntu application.

E.g. by running the nim-testutils nimble install:

nimble install testutils

How to run

To start fuzzing a test case run following command:

# Rlp fuzzing with libFuzzer
ntu fuzz --fuzzer:libFuzzer rlp/rlp_decode
# Rlp fuzzing with afl
ntu fuzz --fuzzer:afl rlp/rlp_decode

Or another example:

# ENR fuzzing with libFuzzer
ntu fuzz --fuzzer:libFuzzer enr/fuzz_enr
# ENR fuzzing with afl
ntu fuzz --fuzzer:afl enr/fuzz_enr

Manual adjustments

The ntu application is still very limited in its functionality. Many of the underlying fuzzer functionality is not available for adjustment so you might want to configure the setup in a more manual way.

How to do this is briefly explained here for afl and here for libFuzzer.