Fuzzing Linux fuse implemented filesystems

[lael.c...@gmail.com]

Hi,

Most Linux filesystems based on fuse are pure user space programs that mount a file that can be fuzzed as input to a directory.

But filesystems contains several types of structures that aren’t parsed by just mounting the filesystem.

Such actions are typically triggered by writing or listing file contents of directories recursively.

There’s already AFL_POST_LIBRARY, would it possible to have something like AFL_DURING_LIBRARY please ?

AFL_DURING_LIBRARY would be started after the process is started but before it is ending (in the current case it would have the responsibility to terminate the process through a umount() system call after having recursively opened all files on the less than 1Mb Test case).

It would allow to test most fuse base filesystems without any modifications to the code, and of course, I suspect there’s would be other benefits in other use cases, isn’t it ?