This PR adds support for dictionaries containing interesting keywords (tokens) that are useful for the mutation of inputs while fuzzing, particularly when fuzzing syntax-aware programs (dvyukov#174). This modification allows providing the `-dict` flag to go-fuzz, so that the user can provide a dictionary file with useful tokens for the fuzzing campaign. E.g.:

The tokens parsed from the dictionary are stored in `ROData.strLits`, as those are the string literals that are used by the mutator engine when generating new fuzzing inputs.

The dictionary format that is accepted by the `-dict` flag is the same as the one used by AFL/libFuzzer (see https://github.com/google/AFL/tree/master/dictionaries).

This dictionary format defines that there is one token per line. Every line consists of a name followed by an equal sign and the token in quotes (e.g. `name="token"`). It is also possible to define binary sequences by providing the values in hex (e.g. `\xNN`) within the token. To insert a backslash or a double quote within the token, it has to be escaped using a backslash (e.g. `\\` or `\"`). `\n` and `\t` are recognized as well, since they might be useful for text-based protocols. Other problematic characters can be added by providing their hex values.

To make this implementation fully compatible with AFL/libFuzzer's dictionaries, token levels are supported. A level can be appended to every token by appending `@<num>` to the keyword, e.g. `keyword@1="token"`. These tokens will be loaded only if the dictionary level is equal to or greater than the specified number. The default dictionary level is 0, but it can be increased by appending `@<num>` to the dictionary path. E.g.:
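
The line format and level rule described in this PR, as an added Go example that is not part of the pull request or of go-fuzz's code: a strict decoder that accepts only the escapes listed above and rejects everything else, so a malformed dictionary fails loudly instead of yielding surprising tokens. The names `parseLine`, `escapes` and `maxLevel` are hypothetical, and skipping `#` comment lines is an assumption taken from AFL's dictionary files, not from the PR text.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

var escapes = map[byte]byte{'\\': '\\', '"': '"', 'n': '\n', 't': '\t'}

// parseLine decodes one name[@level]="token" line (example code, not go-fuzz's).
// ok is false for blank lines, '#' comments and tokens above maxLevel.
func parseLine(line string, maxLevel int) (tok []byte, ok bool, err error) {
	if line = strings.TrimSpace(line); line == "" || line[0] == '#' {
		return nil, false, nil
	}
	q := strings.IndexByte(line, '"')
	if q < 1 || line[q-1] != '=' || q == len(line)-1 || line[len(line)-1] != '"' {
		return nil, false, fmt.Errorf("malformed line %q", line)
	}
	if at := strings.LastIndexByte(line[:q], '@'); at >= 0 {
		if lvl, e := strconv.Atoi(line[at+1 : q-1]); e != nil || lvl > maxLevel {
			return nil, false, e // e == nil: well-formed, but above maxLevel
		}
	}
	body, bad := line[q+1:len(line)-1], fmt.Errorf("bad escape in %q", line)
	for i := 0; i < len(body); i++ {
		r, known := body[i], true
		if r == '"' || (r == '\\' && i+1 == len(body)) {
			return nil, false, bad // bare quote or dangling backslash
		}
		if r == '\\' {
			i++
			r, known = escapes[body[i]]
		}
		if !known { // only \xNN is left; "--" makes a truncated escape fail
			v, e := strconv.ParseUint((body + "--")[i+1:i+3], 16, 8)
			if body[i] != 'x' || e != nil {
				return nil, false, bad
			}
			r, i = byte(v), i+2
		}
		tok = append(tok, r)
	}
	return tok, true, nil
}

func main() {
	fmt.Println(parseLine(`crlf@1="\x0d\x0a"`, 1)) // constructed sample line
}
```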