Diffstat (limited to 'docs/LibFuzzer.rst')
| -rw-r--r-- | docs/LibFuzzer.rst | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst index 0b785a325e698..a11baa720ec8d 100644 --- a/docs/LibFuzzer.rst +++ b/docs/LibFuzzer.rst @@ -87,10 +87,16 @@ Some important things to remember about fuzz targets: * Usually, the narrower the target the better. E.g. if your target can parse several data formats, split it into several targets, one per format. -Building --------- +Fuzzer Usage +------------ + +Very recent versions of Clang (> April 20 2017) include libFuzzer, +and no installation is necessary. +In order to fuzz your binary, use the `-fsanitize=fuzzer` flag during the compilation:: -Next, build the libFuzzer library as a static archive, without any sanitizer + clang -fsanitize=fuzzer,address mytarget.c + +Otherwise, build the libFuzzer library as a static archive, without any sanitizer options. Note that the libFuzzer library contains the ``main()`` function: .. code-block:: console @@ -728,6 +734,7 @@ to crash on invalid inputs. Examples: regular expression matchers, text or binary format parsers, compression, network, crypto. + Trophies ======== * GLIBC: https://sourceware.org/glibc/wiki/FuzzingLibc |
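Review bot: In the first hunk (@@ -87,10 +87,16), the added sentence writes the flag as `-fsanitize=fuzzer` with single backticks, which reStructuredText treats as interpreted text rather than an inline literal. The unchanged context just below uses double backticks for ``main()``, so this should be ``-fsanitize=fuzzer``. The example command passes "-fsanitize=fuzzer,address" while the sentence introducing it names only the fuzzer flag; either say that AddressSanitizer is being enabled as well or make the two match. "Very recent versions of Clang (> April 20 2017)" gives a date rather than a release, which will age badly, and the retained "Otherwise, build the libFuzzer library ..." should state the condition it refers to (a Clang without the flag), since it now follows a literal block instead of a sentence.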
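Review bot: The second hunk (@@ -728,6 +734,7) only adds a blank line before the "Trophies" heading, which is unrelated to the "Fuzzer Usage" rewrite in the first hunk. Drop it from this change or send it as a separate whitespace cleanup so the commit stays limited to the documentation update.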
