Steps to reproduce (on Alibaba Cloud Linux 3 with openssl 1.1.1 and clang 15.0.7):

```shell
# 1. install clang
yum install -y clang
# 2. build in host mode
cmake -DRATS_TLS_BUILD_MODE="host" -DBUILD_SAMPLES=on -DBUILD_FUZZ=on -H. -Bbuild
make -C build install
# 3. generate a random corpus
cd /usr/share/rats-tls/fuzz
mkdir corpus && cd corpus
base64 /dev/urandom | head -c 1500000 > random.txt
cd ..
# 4. run the fuzz program
./fuzz_init -max_len=1500000 -len_control=0 corpus
```
You can use nullattester, nullverifier, nulltls, or nullcrypto in place of the random instance selection in fuzz_init.cc to make the memory leak easier to trigger.
For fuzz_init.txt, change its suffix to fuzz_init.cpp and change the corresponding CMake file name too.
error.log is the libFuzzer output.
The error is as the screenshot shows; see the full content in fuzz.log.

Attachments: fuzz.log, CMakeLists.txt, fuzz_init.txt