mirror of https://github.com/borgbackup/borg.git, synced 2024-12-27 10:18:12 +00:00
c786a5941e
This is a (relatively) simple state machine running in the data callbacks invoked by the msgpack unpacking stack machine (the same machine is used in msgpack-c and msgpack-python, changes are minor and cosmetic, e.g. removal of msgpack_unpack_object, removal of the C++ template thus porting to C and so on).

Compared to the previous solution this has multiple advantages:

- msgpack-c dependency is removed
- this approach is faster and requires fewer and smaller memory allocations

Testability of the two solutions does not differ in my professional opinion(tm).

Two other changes were rolled up:

- _hashindex.c can be compiled without Python.h again (handy for fuzzing and testing)
- a "small" bug in the cache sync was fixed which allocated too large archive indices, leading to excessive archive.chunks.d disk usage (that actually gave me an idea).
- Install AFL and the requirements for LLVM mode (see docs)
- Compile the fuzzing target, e.g.

    AFL_HARDEN=1 afl-clang-fast main.c -o fuzz-target -O3

  (other options, like using ASan or MSan are possible as well)
- Add additional test cases to testcase_dir
- Run afl, easiest (but inefficient) way:

    afl-fuzz -i testcase_dir -o findings_dir ./fuzz-target
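The callback-driven state machine the commit message describes, and the kind of parser a fuzz target like the one above exercises, as an added example in C that is not borg's cache_sync.c: a minimal msgpack unpacker for a few types whose data callbacks drive a state machine tallying chunk sizes, rejecting any value that is illegal in the current state and any stream that ends mid-item (the case a fuzzer hits first). The item layout ({"chunks": [[id, size], ...]} with 32-byte ids) and all function names are constructed assumptions.

```c
/* Added example, not borg's cache_sync.c: a state machine driven by the data callbacks
 * of a small msgpack unpacker. Assumed item layout: fixmap {"chunks": [[bin8 id, uint size], ...]}. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
enum { ST_ITEM, ST_KEY, ST_VALUE, ST_PAIR, ST_ID, ST_SIZE, ST_ERR };
typedef struct { int st; uint32_t left; uint32_t nchunks; uint64_t total; } sync_t;
/* Callbacks: accept the value only if it is legal in the current state, then advance. */
static void on_map(sync_t *s, uint32_t n) { s->st = (s->st == ST_ITEM && n == 1) ? ST_KEY : ST_ERR; }
static void on_str(sync_t *s, const uint8_t *p, uint32_t n) {
    s->st = (s->st == ST_KEY && n == 6 && !memcmp(p, "chunks", 6)) ? ST_VALUE : ST_ERR;
}
static void on_array(sync_t *s, uint32_t n) {
    if (s->st == ST_VALUE) { s->left = n; s->st = n ? ST_PAIR : ST_ITEM; }  /* the chunk list */
    else if (s->st == ST_PAIR && n == 2) s->st = ST_ID;                     /* one [id, size] */
    else s->st = ST_ERR;
}
static void on_bin(sync_t *s, uint32_t n) { s->st = (s->st == ST_ID && n == 32) ? ST_SIZE : ST_ERR; }
static void on_uint(sync_t *s, uint64_t v) {
    if (s->st != ST_SIZE) { s->st = ST_ERR; return; }
    s->total += v; s->nchunks++;
    s->st = --s->left ? ST_PAIR : ST_ITEM;  /* more pairs, or the item is complete */
}
/* Unpack the supported msgpack subset; 0 only if the stream ends on an item boundary. */
int cache_sync_feed(sync_t *s, const uint8_t *buf, size_t len) {
    size_t i = 0;
    while (i < len && s->st != ST_ERR) {
        uint8_t b = buf[i++];
        if (b < 0x80) on_uint(s, b);                                   /* positive fixint */
        else if ((b & 0xf0) == 0x80) on_map(s, b & 0x0f);              /* fixmap */
        else if ((b & 0xf0) == 0x90) on_array(s, b & 0x0f);            /* fixarray */
        else if ((b & 0xe0) == 0xa0) {                                 /* fixstr */
            uint32_t n = b & 0x1f; if (len - i < n) return -1; on_str(s, buf + i, n); i += n;
        } else if (b == 0xc4) {                                        /* bin 8 */
            if (len - i < 1 || len - i - 1 < buf[i]) return -1;
            on_bin(s, buf[i]); i += 1 + buf[i];
        } else if (b == 0xcd) {                                        /* uint 16 */
            if (len - i < 2) return -1;
            on_uint(s, (uint64_t)buf[i] << 8 | buf[i + 1]); i += 2;
        } else s->st = ST_ERR;                                         /* unsupported type */
    }
    return s->st == ST_ITEM ? 0 : -1;  /* truncated mid-item is an error too */
}
/* Constructed sample: one item, two 32-byte ids, sizes 4096 and 127; cut > 0 feeds only a prefix. */
long long demo_total(size_t cut) {
    uint8_t item[96] = { 0x81, 0xa6, 'c', 'h', 'u', 'n', 'k', 's', 0x92 }, *p = item + 9;
    *p++ = 0x92; *p++ = 0xc4; *p++ = 32; memset(p, 0xaa, 32); p += 32; *p++ = 0xcd; *p++ = 0x10; *p++ = 0;
    *p++ = 0x92; *p++ = 0xc4; *p++ = 32; memset(p, 0xbb, 32); p += 32; *p++ = 0x7f;
    size_t n = (size_t)(p - item); sync_t s = { ST_ITEM, 0, 0, 0 };
    return cache_sync_feed(&s, item, cut && cut < n ? cut : n) < 0 ? -1 : (long long)s.total;
}
```

Under AFL the sample bytes would be written to testcase_dir and the harness would read stdin into a buffer and call cache_sync_feed once; demo_total(20) shows the truncation path that harness must survive.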