Tags: testing, fuzzing

Understanding the different usage of libFuzzer and AFL


I'm a noob to the fuzzing area and have looked at the AFL implementation.

AFL seems to replace the stdin file descriptor with the input file descriptor. Whenever the target program reads from standard input, it takes input from the input file, not from stdin.

So, my question popped up from this.

Let's say we made a library and we'd like to unit test it to find implementation bugs using a fuzzer. In this case, we don't take any standard input; we only take function parameters from the developers who use our library. Therefore, AFL doesn't work in this case.

libFuzzer seems like the proper solution in this case, since the generated input can be fed into our specific function of interest.

Is this the right understanding? Or can AFL also work like libFuzzer for the unit test?

Thank you


Solution

  • AFL supports feeding inputs through files, not only stdin. To test a library that receives input through arguments, you can write a simple executable that will open an input file, read its contents, call the needed library functions with argument values read from this file, and close the file.
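As an added example (not part of the original answer), here is the harness shape the answer describes, in C, written so one source file serves both fuzzers: a libFuzzer entry point `LLVMFuzzerTestOneInput` that calls the library, plus a `main()` that reads the file named in `argv[1]` (or stdin when there is no argument) and passes its bytes to that same entry point. The library function `parse_record`, its record format, and the `LIBFUZZER` macro are constructed for this example and are not from any real project.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy "library under test", constructed for this example (not a real library):
 * a record is [1 byte tag][1 byte len][len payload bytes]. The payload is copied
 * into out; returns the payload length, or -1 if the record is malformed or
 * out_cap is too small. This is the kind of argument-driven API the question
 * asks about: nothing in here reads stdin. */
int parse_record(const uint8_t *data, size_t size, uint8_t *out, size_t out_cap)
{
    if (data == NULL || size < 2)
        return -1;                      /* header missing */
    size_t len = data[1];
    if (len + 2 > size)
        return -1;                      /* payload truncated */
    if (len > out_cap)
        return -1;                      /* would overflow the caller's buffer */
    memcpy(out, data + 2, len);
    return (int)len;
}

/* libFuzzer entry point: the engine calls this in-process with each generated
 * input. Everything the fuzzer needs to know about the API lives here. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    uint8_t out[256];
    (void)parse_record(data, size, out, sizeof out);
    return 0;                           /* non-zero return values are reserved */
}

/* Slurp a stream into a heap buffer (works for pipes/stdin, not only files).
 * Returns NULL on error; *size receives the number of bytes read. */
uint8_t *read_all(FILE *f, size_t *size)
{
    size_t cap = 4096, n = 0;
    uint8_t *buf = malloc(cap);
    if (buf == NULL)
        return NULL;
    for (;;) {
        n += fread(buf + n, 1, cap - n, f);
        if (n < cap)
            break;                      /* short read: EOF or error */
        uint8_t *bigger = realloc(buf, cap * 2);
        if (bigger == NULL) { free(buf); return NULL; }
        buf = bigger;
        cap *= 2;
    }
    if (ferror(f)) { free(buf); return NULL; }
    *size = n;
    return buf;
}

/* AFL-style driver. AFL replaces "@@" on the command line with the path of the
 * current test case, so `afl-fuzz -i in -o out -- ./harness @@` exercises the
 * argv[1] branch; with no "@@" AFL writes the test case to stdin instead, and
 * the same binary handles that too. LIBFUZZER is a macro name chosen for this
 * example: define it when linking with -fsanitize=fuzzer, which supplies its
 * own main(). */
#ifndef LIBFUZZER
int main(int argc, char **argv)
{
    FILE *f = stdin;
    if (argc > 1) {
        f = fopen(argv[1], "rb");
        if (f == NULL) { perror(argv[1]); return 1; }
    }
    size_t size = 0;
    uint8_t *data = read_all(f, &size);
    if (f != stdin)
        fclose(f);
    if (data == NULL) { fputs("read failed\n", stderr); return 1; }
    LLVMFuzzerTestOneInput(data, size);  /* one input per process run */
    free(data);
    return 0;
}
#endif
```

Build the AFL target with `afl-clang-fast harness.c -o harness` and fuzz it with `afl-fuzz -i in -o out -- ./harness @@`; build the libFuzzer target from the same file with `clang -fsanitize=fuzzer,address -DLIBFUZZER harness.c -o harness_lf`. The point for the question is that both engines end up calling the same `LLVMFuzzerTestOneInput`, so the library function is exercised through its arguments either way; AFL simply needs the small file-reading `main()` in front of it.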