Fuzzing devilutionX #2846
Replies: 2 comments 1 reply
-
|
I think it would be really interesting, there are definitely issues that this would trip. Personally as things are at the moment there are other things that I would focus on for now, but I welcome anyone to work on this and I'm happy to help. Do I understand correctly that this relies on the code having unit tests already? |
Beta Was this translation helpful? Give feedback.
-
|
Unit tests not required. @StephenCWills hinted it may aid unit test development though. From my limited understanding and very basic overview, the corpus folder contains input files for devilutionX and fuzzing changes the input files until there is a crash then the resulting file is stored in results folder to reproduce the crash. Command line to open/run mpq, sv or hsv files? I'm guessing that would be the easiest way. Recent example on OpenMW: https://gitlab.com/OpenMW/openmw/-/merge_requests/1158 |
Beta Was this translation helpful? Give feedback.
-
|
Really cool idea @JohnsterID. I also think it would be very useful as it could help uncover buffer overflow issues, integer overflow/underflows, off-by-ones, etc. Did you try it out?? Was it difficult to set up the fuzzing tools or how far did you get? Cheers, |
Beta Was this translation helpful? Give feedback.
-
A while ago, @Chance4us mentioned the possibility of fuzzing on #2463.
If there is anyone out there that want to journey down that path, I wanted to highlight fuzzing on OpenMW that may help.
fuzzing · Wiki · OpenMW / openmw · GitLab
Finding bugs in OpenMW with AFL++ and honggfuzz
Beta Was this translation helpful? Give feedback.
All reactions