Fuzz SQLite
510 views
Skip to first unread message
florent...@gmail.com
May 4, 2015, 5:32:48 AM5/4/15
to afl-...@googlegroups.com
Hi.
I launched a fuzzing on SQLite for 4 days, and AFL has found nothing.
Could you say me if my command is good ?
./afl-fuzz -i /path/afl-1.74b/testcases/others/sql/ -o ./path/output/ -x ./testcases/_extras/sql/ -- /path/src/SQLite/build/fuzzershell -f @@
Also, someone has an advice for the issue ??
Thank you very much !
Flo
I launched a fuzzing on SQLite for 4 days, and AFL has found nothing.
Could you say me if my command is good ?
./afl-fuzz -i /path/afl-1.74b/testcases/others/sql/ -o ./path/output/ -x ./testcases/_extras/sql/ -- /path/src/SQLite/build/fuzzershell -f @@
Also, someone has an advice for the issue ??
Thank you very much !
Flo
Michal Zalewski
May 4, 2015, 10:32:09 AM5/4/15
to afl-users
> ./afl-fuzz -i /path/afl-1.74b/testcases/others/sql/ -o ./path/output/ -x
> ./testcases/_extras/sql/ -- /path/src/SQLite/build/fuzzershell -f @@
Looks OK, although you probably don't strictly need -f @@, since IIRC,
> ./testcases/_extras/sql/ -- /path/src/SQLite/build/fuzzershell -f @@
fuzzershell reads from stdin by default.
That said, SQLite folks started using AFL in continuous testing
(https://www.sqlite.org/draft/testing.html#aflfuzz) and fixed around
60 issues based on my reports, so it's not gonna be easy to hit
something new.
/mz
Reply all
Reply to author
Forward
0 new messages