Update fuzz testing instructions

* Also fix env var name
Jonathan White 2025-02-09 09:15:20 -05:00
parent 41b6247178
commit 518dd71de6
4 changed files with 5 additions and 5 deletions

@ -226,7 +226,7 @@ namespace Utils
#ifdef __AFL_COMPILER #ifdef __AFL_COMPILER
// Fuzz test build takes password from environment variable to // Fuzz test build takes password from environment variable to
// allow non-interactive operation // allow non-interactive operation
const auto env = getenv("KEYPASSXC_AFL_PASSWORD"); const auto env = getenv("KEEPASSXC_AFL_PASSWORD");
return env ? env : ""; return env ? env : "";
#else #else
auto& in = STDIN; auto& in = STDIN;
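Review bot: the fallback `return env ? env : "";` means that when `KEEPASSXC_AFL_PASSWORD` is unset (or, as before this fix, exported under the wrong name) the CLI silently continues with an empty password instead of failing; consider emitting a one-line warning to stderr in the unset case so that a mismatch between the documented and the compiled variable name, which is exactly what this commit corrects, is noticed on the first fuzz run rather than after a run that only exercised the wrong-password path.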

@ -27,7 +27,7 @@ A special "instrumented build" is used that allows the fuzzer to look into the p
$ CXX=afl-g++ AFL_HARDEN=1 cmake -DWITH_XC_ALL=ON .. $ CXX=afl-g++ AFL_HARDEN=1 cmake -DWITH_XC_ALL=ON ..
$ make $ make
In the source code, special behavior for fuzz testing can be implemented with `#ifdef __AFL_COMPILER`. For example, in fuzz builds, the KeePassXC CLI takes the database password from environment variable `KEYPASSXC_AFL_PASSWORD` to allow non-interactive operation. In the source code, special behavior for fuzz testing can be implemented with `#ifdef __AFL_COMPILER`. For example, in fuzz builds, the KeePassXC CLI takes the database password from environment variable `KEEPASSXC_AFL_PASSWORD` to allow non-interactive operation.
## Prepare Fuzzer Input ## Prepare Fuzzer Input
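Review bot: the build line `CXX=afl-g++ AFL_HARDEN=1 cmake -DWITH_XC_ALL=ON ..` sets only the C++ compiler; if any C sources or bundled C libraries are part of the build they will be compiled without AFL instrumentation, so the instructions should also export `CC=afl-gcc` alongside `CXX` (a documentation point on the context lines; the environment variable rename in this hunk now matches the code).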
@ -35,18 +35,18 @@ To get the fuzzer started, we provide empty password database files (the passwor
$ cd buildafl $ cd buildafl
$ mkdir -p findings/testcases $ mkdir -p findings/testcases
$ cp ../share/empty*.kdbx findings/testcases $ cp ../utils/fuzz-testing/empty*.kdbx findings/testcases
The fuzzer works by running KeePassXC with variations of this input, mutated in ways that make the program crash or hang. The fuzzer works by running KeePassXC with variations of this input, mutated in ways that make the program crash or hang.
## Run The Fuzzer ## Run The Fuzzer
$ cd buildafl $ cd buildafl
$ KEYPASSXC_AFL_PASSWORD=secret afl-fuzz -i findings/testcases -o findings -m 2000 -t 1000 src/cli/keepassxc-cli ls @@ $ KEEPASSXC_AFL_PASSWORD=secret afl-fuzz -i findings/testcases -o findings -m 2000 -t 1000 src/cli/keepassxc-cli ls @@
This fuzz-tests the `ls` command of the KeePassXC CLI, which loads and decrypts a database file and then lists its contents. The parameters mean: This fuzz-tests the `ls` command of the KeePassXC CLI, which loads and decrypts a database file and then lists its contents. The parameters mean:
* `KEYPASSXC_AFL_PASSWORD=secret`: In fuzz test builds, the KeePassXC CLI takes the database password from this environment variable. * `KEEPASSXC_AFL_PASSWORD=secret`: In fuzz test builds, the KeePassXC CLI takes the database password from this environment variable.
* `-i findings/testcases`: The directory which contains the initial fuzzer input. * `-i findings/testcases`: The directory which contains the initial fuzzer input.
* `-o findings`: The directory in which to store fuzzer results. * `-o findings`: The directory in which to store fuzzer results.
* `-m 2000`: Fuzzer memory (in megabytes). Adjust as required if the fuzzer fails to start up. * `-m 2000`: Fuzzer memory (in megabytes). Adjust as required if the fuzzer fails to start up.
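Review bot: the renamed variable and the new seed path `../utils/fuzz-testing/empty*.kdbx` are consistent with the code change, but the text should state explicitly that `secret` has to be the password the provided seed databases were saved with; if the two differ, every mutated input fails at the key-derivation and decryption step and the KDBX parser is never reached, so the fuzzer looks healthy while testing almost nothing.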