diff options
| author | van Hauser <vh@thc.org> | 2021-11-30 10:56:02 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-30 10:56:02 +0100 |
| commit | edbf41f78619162071987a44b46ab7f739bb85c1 (patch) | |
| tree | 3be630bc3a5d1ea65f3bb49863b37ff5b9d688c4 /docs/known_limitations.md | |
| parent | 235bb3235e45a81eb2b524f3a76346d91a163e3d (diff) | |
| parent | 8968bee836ecde0fa2427b84b2f3ac85c276958f (diff) | |
| download | afl++-edbf41f78619162071987a44b46ab7f739bb85c1.tar.gz | |
Merge pull request #1172 from llzmb/docs_cleanup_folder_2
Clean up docs folder
Diffstat (limited to 'docs/known_limitations.md')
| -rw-r--r-- | docs/known_limitations.md | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/docs/known_limitations.md b/docs/known_limitations.md deleted file mode 100644 index a68c0a85..00000000 --- a/docs/known_limitations.md +++ /dev/null @@ -1,36 +0,0 @@ -# Known limitations & areas for improvement - -Here are some of the most important caveats for AFL: - - - AFL++ detects faults by checking for the first spawned process dying due to - a signal (SIGSEGV, SIGABRT, etc). Programs that install custom handlers for - these signals may need to have the relevant code commented out. In the same - vein, faults in child processes spawned by the fuzzed target may evade - detection unless you manually add some code to catch that. - - - As with any other brute-force tool, the fuzzer offers limited coverage if - encryption, checksums, cryptographic signatures, or compression are used to - wholly wrap the actual data format to be tested. - - To work around this, you can comment out the relevant checks (see - utils/libpng_no_checksum/ for inspiration); if this is not possible, - you can also write a postprocessor, one of the hooks of custom mutators. - See [custom_mutators.md](custom_mutators.md) on how to use - `AFL_CUSTOM_MUTATOR_LIBRARY` - - - There are some unfortunate trade-offs with ASAN and 64-bit binaries. This - isn't due to any specific fault of afl-fuzz. - - - There is no direct support for fuzzing network services, background - daemons, or interactive apps that require UI interaction to work. You may - need to make simple code changes to make them behave in a more traditional - way. Preeny may offer a relatively simple option, too - see: - [https://github.com/zardus/preeny](https://github.com/zardus/preeny) - - Some useful tips for modifying network-based services can be also found at: - [https://www.fastly.com/blog/how-to-fuzz-server-american-fuzzy-lop](https://www.fastly.com/blog/how-to-fuzz-server-american-fuzzy-lop) - - - Occasionally, sentient machines rise against their creators. If this - happens to you, please consult [https://lcamtuf.coredump.cx/prep/](https://lcamtuf.coredump.cx/prep/). - -Beyond this, see [INSTALL.md](INSTALL.md) for platform-specific tips. |