Document the recommended parameters for fuzzing
[openssl.git] / fuzz / README.md
index e8596a7b680b36c75e40a575f3bff2532a8dfa2b..e0d2eb68fba0724b7bd85c47e24bd483054145a7 100644 (file)
@@ -3,7 +3,7 @@
 LibFuzzer
 =========
 
-Or, how to fuzz OpenSSL with [libfuzzer](llvm.org/docs/LibFuzzer.html).
+Or, how to fuzz OpenSSL with [libfuzzer](http://llvm.org/docs/LibFuzzer.html).
 
 Starting from a vanilla+OpenSSH server Ubuntu install.
 
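Review bot: the corrected link still uses the plain `http://` scheme; since llvm.org serves the documentation over TLS, prefer `https://llvm.org/docs/LibFuzzer.html` so the README does not point readers at an unencrypted fetch.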
@@ -38,7 +38,12 @@ Configure for fuzzing:
     $ CC=clang ./config enable-fuzz-libfuzzer \
             --with-fuzzer-include=../../svn-work/Fuzzer \
             --with-fuzzer-lib=../../svn-work/Fuzzer/libFuzzer \
-            enable-asan enable-ubsan no-shared
+            -DPEDANTIC enable-asan enable-ubsan no-shared \
+            -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION \
+            -fsanitize-coverage=edge,indirect-calls,8bit-counters \
+            enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 \
+            enable-weak-ssl-ciphers enable-rc5 enable-md2 \
+            enable-ssl3 enable-ssl3-method enable-nextprotoneg
     $ sudo apt-get install make
     $ LDCMD=clang++ make -j
     $ fuzz/helper.py $FUZZER
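Review bot: the new configure line adds several flags without a word of explanation, and at least two of them deserve one. `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` is, as its name states, a build mode that must never ship; a sentence saying that a library built this way is for fuzzing only, and that the weak options (`enable-weak-ssl-ciphers`, `enable-rc5`, `enable-md2`, `enable-ssl3`, `enable-ssl3-method`) are turned on purely to widen the code the fuzzer can reach, would stop someone from copying this line into a real build. Likewise `-fno-sanitize=alignment` silently switches off one UBSan check; a short note on why it is needed here (presumably alongside `enable-ec_nistp_64_gcc_128`) belongs next to it, otherwise a reader cannot tell whether the suppression is deliberate or a leftover.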
@@ -56,9 +61,14 @@ AFL
 Configure for fuzzing:
 
     $ sudo apt-get install afl-clang
-    $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared
+    $ CC=afl-clang-fast ./config enable-fuzz-afl no-shared -DPEDANTIC \
+        enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 \
+        enable-ssl3 enable-ssl3-method enable-nextprotoneg \
+        enable-ec_nistp_64_gcc_128
     $ make
 
+The following options can also be enabled: enable-asan, enable-ubsan, enable-msan
+
 Run one of the fuzzers:
 
     $ afl-fuzz -i fuzz/corpora/$FUZZER -o fuzz/corpora/$FUZZER/out fuzz/$FUZZER
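Review bot: the added sentence "The following options can also be enabled: enable-asan, enable-ubsan, enable-msan" is too thin to act on. Say that these are sanitizer builds which slow the target down, and that `enable-msan` in particular reports false positives unless every linked object is MemorySanitizer-instrumented, so it only works with a fully instrumented toolchain. Separately, this AFL configure line omits `-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION`, which the libFuzzer line in the same change adds; if the omission is intentional, one sentence explaining why the two configurations differ would save the next reader from "fixing" it.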