Fuzzing
Fuzzing faucet config with docker
First, get yourself setup with docker based on our Installing docker documentation.
Then you can build and run the afl-fuzz tests:
docker build -t faucet/config-fuzzer -f Dockerfile.fuzz-config .
docker run -d \
-u $(id -u $USER) \
--name config-fuzzer \
-v /var/log/afl/:/var/log/afl/ \
faucet/config-fuzzer
AFL then will run indefinitely. You can find the output in /var/log/afl/. You will then need to run the output configs with faucet to see the error produced.
Fuzzing faucet packet handling with docker
Build and run the afl-fuzz tests:
docker build -t faucet/packet-fuzzer -f Dockerfile.fuzz-packet .
docker run -d \
-u $(id -u $USER) \
--name packet-fuzzer \
-v /var/log/afl/:/var/log/afl/ \
-v /var/log/faucet/:/var/log/faucet/ \
-p 6653:6653 \
-p 9302:9302 \
faucet/packet-fuzzer
AFL will then fuzz the packet handling indefinitely. The afl output can be found in /var/log/afl/. To check the error produced by an afl crash file use display_packet_crash:
python3 tests/fuzzer/display_packet_crash.py /var/log/afl/crashes/X
Where X is the name of the crash file. The output can then be found in the faucet logs (/var/log/faucet/).