fuzz: prototype for cross-language differential fuzzing #23915

issue stratospher opened this issue on December 30, 2021
  1. stratospher commented at 7:10 pm on December 30, 2021: contributor

    Since differential fuzzing is strongest when different programming languages are involved, I’d like to fuzz cpp code against python code.

    Solution: Use sockets to establish a TCP client/server connection.

    • Server - a python file which listens and accepts client communications from the fuzz target, performs the required operations in python and sends back the computed python output as a response back to the client.
    • Client - A fuzzing harness which can send requests to the python server to perform certain operations, receives python output computed in the server file and compares cpp output with the python output to see if they match.

    Since this requires a slight architectural change in the fuzzing harness to allow python subprocesses, I’d like to know if this solution is acceptable.

    Additional context: I’ve implemented a prototype which performs cross-language differential fuzzing of chacha20 on this branch and would love to hear opinions/feedback on how to proceed.

    Test instructions

    1. Start server: python3 src/test/fuzz/script.py
    2. Run the fuzz test: FUZZ=crypto_diff_fuzz_pychacha20 src/test/fuzz/fuzz
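
The client/server split described in the post, as an added stand-alone example (not code from stratospher's branch or from Bitcoin Core): a pure-Python ChaCha20 (RFC 8439 block function) served over TCP, a client that mirrors the harness side, and a `differential_check` that reports whether the local result and the server's result agree. The wire framing (4-byte big-endian length prefix around a JSON request/response) is an assumption made here, and the "local" implementation passed into `differential_check` stands in for the C++ ChaCha20 the real harness would call.

```python
import json
import os
import socket
import struct
import threading

MASK = 0xFFFFFFFF


def _rotl(v, c):
    return ((v << c) & MASK) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 7)


def chacha20_block(key, counter, nonce):
    """RFC 8439 ChaCha20 block function: 32-byte key, 32-bit counter, 12-byte nonce -> 64 bytes."""
    state = list(struct.unpack("<4I", b"expand 32-byte k"))
    state += list(struct.unpack("<8I", key)) + [counter & MASK] + list(struct.unpack("<3I", nonce))
    work = state[:]
    for _ in range(10):  # 20 rounds = 10 x (column round + diagonal round)
        _quarter_round(work, 0, 4, 8, 12); _quarter_round(work, 1, 5, 9, 13)
        _quarter_round(work, 2, 6, 10, 14); _quarter_round(work, 3, 7, 11, 15)
        _quarter_round(work, 0, 5, 10, 15); _quarter_round(work, 1, 6, 11, 12)
        _quarter_round(work, 2, 7, 8, 13); _quarter_round(work, 3, 4, 9, 14)
    return struct.pack("<16I", *[(w + s) & MASK for w, s in zip(work, state)])


def chacha20_keystream(key, nonce, counter, length):
    """Concatenate blocks starting at `counter` and truncate to `length` bytes."""
    out = b""
    while len(out) < length:
        out += chacha20_block(key, counter, nonce)
        counter = (counter + 1) & MASK
    return out[:length]


# --- framing (assumed here): 4-byte big-endian length, then a JSON payload ---
def _recv_exact(conn, n):
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed")
        buf += chunk
    return buf


def _send_msg(conn, payload):
    conn.sendall(struct.pack(">I", len(payload)) + payload)


def _recv_msg(conn):
    (n,) = struct.unpack(">I", _recv_exact(conn, 4))
    return _recv_exact(conn, n)


def handle_request(raw):
    """Server side: decode one request, compute the Python keystream, encode the reply."""
    req = json.loads(raw)
    ks = chacha20_keystream(bytes.fromhex(req["key"]), bytes.fromhex(req["nonce"]),
                            int(req["counter"]), int(req["length"]))
    return json.dumps({"keystream": ks.hex()}).encode()


def start_server(host="127.0.0.1", port=0):
    """Start the Python reference server in a background thread; returns (socket, bound port)."""
    srv = socket.socket()
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen()

    def loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # server socket closed -> stop serving
                return
            with conn:
                try:
                    while True:
                        _send_msg(conn, handle_request(_recv_msg(conn)))
                except (ConnectionError, ValueError, KeyError):
                    pass  # client went away or sent a malformed request

    threading.Thread(target=loop, daemon=True).start()
    return srv, srv.getsockname()[1]


class PyChaChaClient:
    """Harness side: ships fuzz inputs to the server and returns Python's keystream."""
    def __init__(self, port, host="127.0.0.1"):
        self.sock = socket.create_connection((host, port))

    def keystream(self, key, nonce, counter, length):
        _send_msg(self.sock, json.dumps({"key": key.hex(), "nonce": nonce.hex(),
                                         "counter": counter, "length": length}).encode())
        return bytes.fromhex(json.loads(_recv_msg(self.sock))["keystream"])

    def close(self):
        self.sock.close()


def differential_check(client, local_keystream, key, nonce, counter, length):
    """One fuzz iteration: compare the local implementation against the server. True iff they agree."""
    return local_keystream(key, nonce, counter, length) == client.keystream(key, nonce, counter, length)


if __name__ == "__main__":
    srv, port = start_server()
    client = PyChaChaClient(port)
    for _ in range(20):  # random inputs in place of the fuzzer's FuzzedDataProvider
        assert differential_check(client, chacha20_keystream, os.urandom(32), os.urandom(12),
                                  int.from_bytes(os.urandom(4), "little"), os.urandom(1)[0] + 1)
    client.close(); srv.close()
    print("20 iterations, no divergence")
```

Running the module fuzzes random inputs against the server; a harness would instead feed `FuzzedDataProvider` bytes in as key, nonce, counter and length and call the C++ implementation in place of `local_keystream`. Because the check returns the comparison result rather than asserting, a mismatching "local" implementation (for example one that starts at the wrong block counter) is reported as `False`, which is the signal the differential fuzzer turns into a crash.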
  2. stratospher added the label Feature on Dec 30, 2021
  3. stratospher commented at 7:23 pm on December 30, 2021: contributor
    @MarcoFalke, @practicalswift Could you take a look?
  4. MarcoFalke added the label Brainstorming on Dec 30, 2021
  5. MarcoFalke added the label Tests on Dec 30, 2021
  6. MarcoFalke commented at 8:11 pm on December 30, 2021: member

    Maybe it would be easiest to start the project in a separate repository (outside of the main Bitcoin Core repo)? I do this myself for exploratory CI tasks.

    For the implementation, I can’t help you, since I don’t have background in differential fuzzing across processes.

  7. fanquake commented at 2:12 am on December 31, 2021: member

    > Maybe it would be easiest to start the project in a separate repository

    I agree.

  8. fanquake commented at 1:54 pm on August 11, 2022: member
    Going to close this for now. Seems like exploring outside this repo is the way to start.
  9. fanquake closed this on Aug 11, 2022

  10. bitcoin locked this on Aug 11, 2023

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-22 12:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me