How to properly use AFL++ docker image? #211

Closed
fuzzah opened this issue Feb 25, 2020 · 3 comments
Comments

@fuzzah
Contributor

fuzzah commented Feb 25, 2020

Hi.
I've never used docker before :(

Q1
What I've come to so far is that to build the AFLplusplus docker image, I should do the following:

$ git clone https://github.com/vanhauser-thc/AFLplusplus
$ cd AFLplusplus
$ sudo docker build -t aflplusplus .

Seems like docker build should be started as root, otherwise I receive an error that docker can't connect to the docker daemon socket.
Also docker build requires the path to the directory that holds the Dockerfile.

If that's correct, I suppose README.md needs to be updated accordingly.

Q2
I also noticed that 32-bit libraries failed to build in the docker container. Furthermore, in that case we're not able to quickly fix it by installing some additional packages and running make again, as the AFLplusplus directory gets deleted at the end of the docker build process. :(

Q3
I have built my image, and then I start the container with this command:

# docker run -it --name afl --rm aflplusplus

There are afl-* binaries present with libraries like libdislocator.
How to use them? Should I somehow transfer the sources of my tested projects to the container? In that case what about my billions of RHEL SourceRPM legacy dependencies?
Or should I take the AFL binaries from the container to my system? Neither of those?

Thanks in advance!

@vanhauser-thc
Member

Hi fuzzah,

Well, the README is for people who know and use docker :) so your Q1 is rather obvious for those people ;) but I will update the readme for Q1.

Q2 - same. You can commit changes to a docker container; read up on how to do that.

Q3 - same. You can import a directory with the -v option. The dependencies should never be an issue, as you need to compile (mostly) static to fuzz a target efficiently.

@fuzzah
Contributor Author

fuzzah commented Feb 25, 2020

@vanhauser-thc thank you.
Could you please explain what happens, in terms of efficiency, if I don't compile my fuzzed targets as static binaries? If I statically build my targets, what about libraries like libdislocator and sanitizers? I thought it's better to use them for efficiency in bug discovery.

@vanhauser-thc
Member

You build static the libraries you want to fuzz (e.g. with libxml2.a), but you would not compile all libraries static into your target (e.g. glibc).
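The two answers above (mount the project into the container with -v; link the library under test from its static archive but leave glibc dynamic) combined into one script. This is an added example written for this page, not code from the issue or from the AFL++ project. The /src mount point, the "libfoo" project layout, the harness.c file, the TARGET_DIR variable and the sample ldd output are constructed assumptions; afl-clang-fast and the aflplusplus image name are the ones the issue already uses.

```shell
#!/bin/sh
# Added example: mount a host checkout into the aflplusplus container, build the
# fuzzed library as a static archive, and check that the resulting harness does
# not still pick that library up as a shared object (glibc staying dynamic is fine).
set -eu

# Build the -v argument for docker run. The host path must exist and be absolute;
# a relative or missing path makes docker create an empty anonymous volume instead
# of exposing your sources.
mount_arg() {
    host_dir=$1
    if [ ! -d "$host_dir" ]; then
        echo "mount_arg: no such directory: $host_dir" >&2
        return 1
    fi
    abs=$(cd "$host_dir" && pwd -P)
    printf '%s:/src' "$abs"   # constructed container path /src
}

# Inspect ldd output for the harness. Returns 0 when lib<name>.so is absent
# (the library was linked from its .a), 1 when it is still a shared dependency.
# System libraries such as libc.so.6 are expected and ignored.
verify_static_link() {
    libname=$1
    ldd_output=$2
    if printf '%s\n' "$ldd_output" | grep -q "lib${libname}\.so"; then
        return 1
    fi
    return 0
}

# Commands executed inside the container: build only the static archive of the
# library under test with the AFL++ compiler, link the harness against it, and
# print the harness's shared dependencies for inspection.
container_build_script() {
    cat <<'EOF'
set -e
cd /src/libfoo                      # constructed: the library you want to fuzz
CC=afl-clang-fast ./configure --disable-shared --enable-static
make -j"$(nproc)"
cd /src
afl-clang-fast -O2 -o harness harness.c libfoo/.libs/libfoo.a   # constructed harness
ldd ./harness
EOF
}

# Host side: start the image from the issue with the project mounted at /src.
run_in_container() {
    docker run -it --rm -v "$(mount_arg "$1")" aflplusplus \
        sh -c "$(container_build_script)"
}

# Constructed ldd output used for an offline self-check of verify_static_link.
SAMPLE_LDD_OK='	linux-vdso.so.1 (0x00007ffd)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f00)'
SAMPLE_LDD_BAD='	libfoo.so.1 => /usr/local/lib/libfoo.so.1 (0x00007f10)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f00)'

# Only talk to docker when the caller names a project directory.
if [ -n "${TARGET_DIR:-}" ]; then
    run_in_container "$TARGET_DIR"
fi
```

Run it as TARGET_DIR=./myproject sh afl-docker-build.sh; with TARGET_DIR unset the script only defines the helpers, so verify_static_link can be sourced and used against real ldd output after a build.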
