libprotobuf-mutator bindings for Python using Atheris.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aidenhall from gravatar.com aidenhall Avatar for jvoisin from gravatar.com jvoisin Avatar for TheShiftedBit from gravatar.com TheShiftedBit

Unverified details

These details have not been verified by PyPI
Project links
Meta

Project description

Libprotobuf-mutator: Python bindings for Atheris

Structure-aware Fuzzing with Protocol Buffers

Atheris supports custom mutators (as offered by LibFuzzer) to produce grammar-aware inputs.

Protocol buffers are an example of structured types that are hard to fuzz with generic mutation-based fuzzers. Libprotobuf-mutator bindings for Atheris allow to generate protocol buffer inputs for your fuzzing targets using custom mutators.

Apart from fuzzing targets that take protocol buffers as input, it's also possible to use protocol buffers as an intermediate representation for fuzzing complex input types. See the docs on using Protocol Buffers As Intermediate Format for fuzzing.

Getting Started

Prerequisite

Install Atheris

pip3 install atheris

Install

Installing libprotobuf-mutator for Atheris from source requires bazel. Visit https://docs.bazel.build/versions/master/install.html for installation instructions.

Then run:

pip3 install .

Example usage

Using Atheris with Libprotobuf-mutator is similar to using plain Atheris. The main difference is that the function under test will receive a proto of the given format, instead of a bytes array.

You can specify the proto format using the atheris_libprotobuf_mutator.Setup() function, which substitutes the regular atheris.Setup() function.

import atheris
import atheris_libprotobuf_mutator
import sys

import example_proto_pb2


@atheris.instrument_func
def TestOneProtoInput(msg):
  # msg will be an ExampleMessage as specified in the Setup() function below.
  if msg.example_value == 13371337:
    raise RuntimeError('Crash!')


if __name__ == '__main__':
  atheris_libprotobuf_mutator.Setup(
      sys.argv, TestOneProtoInput, proto=example_proto_pb2.ExampleMessage)
  atheris.Fuzz()

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aidenhall from gravatar.com aidenhall Avatar for jvoisin from gravatar.com jvoisin Avatar for TheShiftedBit from gravatar.com TheShiftedBit

Unverified details

These details have not been verified by PyPI
Project links
Meta

Release history Release notifications | RSS feed

This version

0.1.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

atheris_libprotobuf_mutator-0.1.2.tar.gz (7.6 kB view details)

Uploaded Source

File details

Details for the file atheris_libprotobuf_mutator-0.1.2.tar.gz.

File metadata

  • Download URL: atheris_libprotobuf_mutator-0.1.2.tar.gz
  • Upload date:
  • Size: 7.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.26.0 setuptools/49.2.1 requests-toolbelt/0.9.1 tqdm/4.52.0 CPython/3.8.6

File hashes

Hashes for atheris_libprotobuf_mutator-0.1.2.tar.gz
Algorithm Hash digest
SHA256 6e716261c859664dda4e583573d0e5a72622bb8e71721ed5c596489a218a1c86
MD5 bbc960c7320d1251de7c7f811bb7a4b7
BLAKE2b-256 ab13b68aceb41c9b517908bb4235a3d62320a82c8df55505af6665d0eed20322

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page