I'm a noob in the fuzzing area and looked at the AFL implementation. AFL seems to replace the stdin file descriptor with the input file descriptor. Whenever the target program reads standard input, it takes input from the input file, not from stdin.
So, my question comes from this.
Let's say we made a library and we'd like to unit test it with a fuzzer to find implementation bugs. In this case, we don't take any standard input; the library just takes function parameters from the developers who use it. Therefore, AFL doesn't work in this case. libFuzzer seems to be the proper solution in this case, since the generated input can be fed into the specific function we are interested in.
Is this understanding right? Or can AFL also work like libFuzzer for unit tests?
Thank you
AFL supports feeding inputs through files, not only stdin. To test a library that receives input through arguments, you can write a simple executable that will open an input file, read its contents, call the needed library functions with argument values read from this file and close the file.
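A harness of the kind the answer describes, as an added example that is not part of the original answer. `lib_count_byte` is a hypothetical stand-in for the library function under test, and the split of the file into arguments (first byte as one parameter, the rest as the buffer) is an assumption chosen for illustration.

```c
/* Added example: file-driven AFL harness for a library function.
 * lib_count_byte() is a hypothetical stand-in for the library under test. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical library API: counts occurrences of `needle` in buf[0..len). */
size_t lib_count_byte(const uint8_t *buf, size_t len, uint8_t needle) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == needle) n++;
    return n;
}

#define MAX_INPUT (1u << 20)  /* cap input size so a huge file cannot exhaust memory */

/* Read one test case from `path`, derive the arguments, call the library.
 * Returns the library result, or -1 if the file is missing or empty. */
long fuzz_one_file(const char *path) {
    FILE *f = fopen(path, "rb");
    if (!f) return -1;

    uint8_t *data = malloc(MAX_INPUT);
    if (!data) { fclose(f); return -1; }
    size_t len = fread(data, 1, MAX_INPUT, f);
    fclose(f);

    long result = -1;
    if (len >= 1) {
        /* Byte 0 becomes the `needle` argument, the rest is the buffer argument. */
        result = (long)lib_count_byte(data + 1, len - 1, data[0]);
    }
    free(data);
    return result;
}

int main(int argc, char **argv) {
    if (argc != 2) {
        fprintf(stderr, "usage: %s <input-file>\n", argv[0]);
        return 2;
    }
    /* Rejected inputs exit cleanly; a crash inside the library is what the fuzzer reports. */
    fuzz_one_file(argv[1]);
    return 0;
}
```

Build the harness with one of AFL's compiler wrappers and put `@@` on the afl-fuzz command line where the file path goes; AFL substitutes the path of each generated test case.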