This repository is a fork of the OSS-Fuzz project. OSS-Sydr-Fuzz contains open source software targets for sydr-fuzz, which combines fuzzing (libFuzzer) with the power of dynamic symbolic execution (Sydr).
Each open source target project provides:
- Fuzz target for libFuzzer
- Fuzz target for Sydr
- Build script
- Dictionary
- Initial seed corpus
- Dockerfile that installs dependencies, builds targets, creates initial corpus, etc.
- Hybrid fuzzing configuration file for sydr-fuzz
- Instructions to start hybrid fuzzing
NOTE: Some of the files listed above may not be present or may be obtained from external repositories.
- capstone
- cjson
- freeimage
- image-rs
- lcms
- libcbor
- libjpeg-turbo
- openssl
- poco
- postgresql
- rapidjson
- re2
- sqlite3
- tarantool
- xlnt
Feel free to support new fuzz targets. The workflow is as follows:
- Compose targets for libFuzzer and Sydr.
- Prepare build script.
- Build Dockerfile with all targets.
- Provide sydr-fuzz configuration files.
- Write README with commands to run fuzzing.
- FreeImage:
- Tarantool:
Vishnyakov A., Fedotov A., Kuts D., Novikov A., Parygina D., Kobrin E., Logunova V., Belecky P., Kurmangaleev Sh. Sydr: Cutting Edge Dynamic Symbolic Execution. 2020 Ivannikov ISPRAS Open Conference (ISPRAS), IEEE, 2020, pp. 46-54. DOI: 10.1109/ISPRAS51486.2020.00014
@inproceedings{vishnyakov20,
title = {Sydr: Cutting Edge Dynamic Symbolic Execution},
author = {Vishnyakov, Alexey and Fedotov, Andrey and Kuts, Daniil and Novikov,
Alexander and Parygina, Darya and Kobrin, Eli and Logunova, Vlada
and Belecky, Pavel and Kurmangaleev, Shamil},
booktitle = {2020 Ivannikov ISPRAS Open Conference (ISPRAS)},
pages = {46--54},
year = {2020},
publisher = {IEEE},
doi = {10.1109/ISPRAS51486.2020.00014},
}