docker build -f Dockerfile_AFLGO -t aflgo:latest .
docker run --rm -ti -v "/tmp/path/to/mount/code:/tmp/volume" aflgo:latest /bin/bash
The last command starts a container and mounts /tmp/path/to/mount/code
to /tmp/volume
in the container.
This can be used to compile the code and apply the fuzzing to get the results on the host machine.
The images are based on Debian Bullseye and contain the LLVM Version 11 and the source code with binaries from AFLGo. Also, the packages tmux, htop, nano and vim are installed.
Dockerfile_AFLGO
: For Fuzzing with AFLGoDockerfile_DFFBOT
: For Fuzzing Distance-guided fuzzing on binaries (AFLGo on binaries)Dockerfile_AFL-QEMU
: For fuzzing with QEMU without distance-guided and on the base of AFLGo (old AFL)
Preparing run and then:
for i in $(seq 0 9)
do
timeout -s INT -k 10 8h $AFLGO/afl-fuzz -m none -z exp -c 45m -i in -o "out_$i" $SUBJECT/xmllint --valid --recover @@
done
timeout
for aborting the command after n time units.- The for loop to run the experiment 10 times.
- If QEMU should be applied, supply
-Q
to afl-fuzz.
Ensure that clang is used and not afl-clang-fast to prevent the instrumentation of the binaries.
export CXX=clang++
export CC=clang