cadey
/
nim-wiki
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Updated Fuzzing your nim code to rabbit out all the hard bugs (markdown)

This commit is contained in:
niv 2017-01-20 21:51:14 +01:00
parent 4038e2a564
commit e91892ccd8
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Fuzzing-your-nim-code-to-rabbit-out-all-the-hard-bugs.md
View File

@ -126,7 +126,7 @@ Then I'd strongly suggest to start reading up on afl if you want to employ it wi
## Testing for bugs in your code ## Testing for bugs in your code
By default AFL will identify segfaults and such but not vulnerabilities in your code. You can add extra assertions to be run only during the AFL test with: Please keep in mind that fuzzing is supposed to find the **unknown/unexpected** errors, not just the ones you are anticipating. Thus, whereever possible, err on the side of caution and consider all exceptions to be a failure state that will bite you in the butt once you ship. That said, you can use this nice template to trigger a AFL "crash" condition:
```nim ```nim
when defined(macosx) or defined(linux) or defined(freebsd) or when defined(macosx) or defined(linux) or defined(freebsd) or
@ -141,4 +141,4 @@ template AFLAssert*(cond: bool) =
discard posix.kill(pid, posix.SIGABRT) discard posix.kill(pid, posix.SIGABRT)
``` ```
Also add `-d:afl` to your nim.cfg to enable this. Then add `-d:afl` to your nim.cfg to enable this.