From: Remi Gacogne Date: Tue, 5 Sep 2023 16:10:40 +0000 (+0200) Subject: Better formatting of the fuzzing README X-Git-Tag: rec-5.0.0-alpha1~20^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a38ba9e0d5ad40f5aa4fc6203571c893efdf7401;p=thirdparty%2Fpdns.git Better formatting of the fuzzing README --- diff --git a/fuzzing/README.md b/fuzzing/README.md index f8ec89d190..ca26a8b100 100644 --- a/fuzzing/README.md +++ b/fuzzing/README.md @@ -4,39 +4,39 @@ Fuzzing the PowerDNS products This repository contains several fuzzing targets that can be used with generic fuzzing engines like AFL and libFuzzer. -These targets are built by passing the --enable-fuzz-targets option to the +These targets are built by passing the `--enable-fuzz-targets` option to the configure of the authoritative server and dnsdist, then building them as usual. You can also build only these targets manually by going into the pdns/ directory -and issuing a 'make fuzz_targets' command for the authoritative server, -or going into the pdns/dnsdistdist and issuing a 'make fuzz_targets' command for +and issuing a `make fuzz_targets` command for the authoritative server, +or going into the pdns/dnsdistdist and issuing a `make fuzz_targets` command for dnsdist. The current targets cover: -- the auth and rec packet cache (fuzz_target_packetcache) ; -- MOADNSParser (fuzz_target_moadnsparser) ; -- the Proxy Protocol parser (fuzz_target_proxyprotocol) ; -- the HTTP parser we use (YaHTTP, fuzz_target_yahttp) ; -- ZoneParserTNG (fuzz_target_zoneparsertng). -- Parts of the ragel-generated parser (parseRFC1035CharString in - fuzz_target_dnslabeltext) ; -- the dnsdist packet cache (fuzz_target_dnsdistcache). +- the auth and rec packet cache (`fuzz_target_packetcache`) ; +- MOADNSParser (`fuzz_target_moadnsparser`) ; +- the Proxy Protocol parser (`fuzz_target_proxyprotocol`) ; +- the HTTP parser we use (YaHTTP, `fuzz_target_yahttp`) ; +- ZoneParserTNG (`fuzz_target_zoneparsertng`). +- Parts of the ragel-generated parser (`parseRFC1035CharString` in + `fuzz_target_dnslabeltext`) ; +- the dnsdist packet cache (`fuzz_target_dnsdistcache`). By default the targets are linked against a standalone target, -standalone_fuzz_target_runner.cc, which does no fuzzing but makes it easy +`standalone_fuzz_target_runner.cc`, which does no fuzzing but makes it easy to check a given test file, or just that the fuzzing targets can be built properly. -This behaviour can be changed via the LIB_FUZZING_ENGINE variable, for example -by setting it to -lFuzzer, building with clang by setting CC=clang CXX=clang++ -before running the configure and adding '-fsanitize=fuzzer-no-link' to CFLAGS -and CXXFLAGS. Doing so instructs the compiler to instrument the code for -efficient fuzzing but not to link directly with -lFuzzer, which would make +This behaviour can be changed via the `LIB_FUZZING_ENGINE` variable, for example +by setting it to `-lFuzzer`, building with clang by setting `CC=clang CXX=clang++` +before running the `configure` and adding `-fsanitize=fuzzer-no-link` to `CFLAGS` +and `CXXFLAGS`. Doing so instructs the compiler to instrument the code for +efficient fuzzing but not to link directly with `-lFuzzer`, which would make the compilation tests done during the configure phase fail. Sanitizers ---------- In order to catch the maximum of issues during fuzzing, it makes sense to -enable the ASAN and UBSAN sanitizers via --enable-asan and --enable-ubsan +enable the `ASAN` and `UBSAN` sanitizers via `--enable-asan` and `--enable-ubsan` options to the configure, or to set the appropriate flags directly. Corpus @@ -45,20 +45,20 @@ Corpus This directory contains a few files used for continuous fuzzing of the PowerDNS products. -The 'corpus' directory contains three sub-directories: -- http-raw-payloads/ contains HTTP payloads of queries, used by - fuzz_target_yahttp ; -- proxy-protocol-raw-packets/ contains DNS queries prefixed with a Proxy - Protocol v2 header, used by fuzz_target_proxyprotocol ; -- raw-dns-packets/ contains DNS queries and responses as captured on - the wire. These are used by the fuzz_target_dnsdistcache, - fuzz_target_moadnsparser and fuzz_target_packetcache targets ; -- zones/ contains DNS zones, used by the fuzz_target_zoneparsertng +The `corpus` directory contains three sub-directories: +- `http-raw-payloads/` contains HTTP payloads of queries, used by + `fuzz_target_yahttp` ; +- `proxy-protocol-raw-packets/` contains DNS queries prefixed with a Proxy + Protocol v2 header, used by `fuzz_target_proxyprotocol` ; +- `raw-dns-packets/` contains DNS queries and responses as captured on + the wire. These are used by the `fuzz_target_dnsdistcache`, + `fuzz_target_moadnsparser` and `fuzz_target_packetcache` targets ; +- `zones/` contains DNS zones, used by the `fuzz_target_zoneparsertng` target. When run in the OSS-Fuzz environment, the zone files from the -regression-tests/zones/ directory are added to the ones present -in the fuzzing/corpus/zones/ directory. +`regression-tests/zones/` directory are added to the ones present +in the `fuzzing/corpus/zones/` directory. Quickly getting started (using clang 11) ----------------------------------------