Categorygithub.com/scionproto/scionpkgslayersinternalfuzz
package
0.12.0
Repository: https://github.com/scionproto/scion.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
4
Dependents
0
Files
103 SLOC

# README

Fuzzing Targets for slayers

This package contains the fuzzing targets for the slayers package. There are multiple targets defined. The default Fuzz target fuzzes a full SCION packet decoding run. FuzzLayers fuzzes individual layers. Which layer that is fuzzed is determined by the first byte of the input. Furthermore, there is one target per layer for individual fuzzing.

Installation

To run fuzzing in your local environment, you need to have go-fuzz and go-fuzz-build available in your path.

See: go-fuzz

Start fuzzing

To start fuzzing, navigate to this directory and run:

go-fuzz-build --func Fuzz
cp -r ../../testdata corpus
go-fuzz

To run a different target, run:

go-fuzz --func FuzzSCION

Debugging crashers

Crashers will be stored in the crashers directory. Per crash, there are three files. The .output file contains the panic information. The .quoted file contains the quoted input data that lead to the crash.

Copy the string of the .quoted file and replace the input data in the appropriate testing function in fuzz_test.go. Now, you have a unit test that panics and can be debugged.

# Functions

Fuzz fuzzes a SCION packet.
FuzzEndToEndExtn is the fuzzing target for the EndToEnd extension.
FuzzHopByHopExtn is the fuzzing target for the HopByHop extension.
FuzzLayers is the target that fuzzes all layers.
FuzzSCION is the fuzzing target for the SCION header.
FuzzSCMP is the fuzzing target for the SCMP header.
FuzzSCMPEcho is the fuzzing target for SCMP Echo.
FuzzSCMPExternalInterfaceDown is the fuzzing target for SCMP ExternalInterfaceDown.
FuzzSCMPInternalConnectivityDown is the fuzzing target for SCMP InternalConnectivityDown.
FuzzSCMPTraceroute is the fuzzing target for SCMP Traceroute.
FuzzUDP is the fuzzing target for the UDP/SCION header.