Skip to content

Commit 1fe0ec2

Browse files
PBetzlerPBetzler
committed
added slow input example information to the readme and slightly changed some wordings in the readme as well
1 parent 1c5f096 commit 1fe0ec2

File tree

1 file changed

+7
-1
lines changed

1 file changed

+7
-1
lines changed

README.md

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
# Testing C/C++ for Security and Reliability
66
Building robust C/C++ applications is a highly challenging endeavor that requires thorough testing. While C/C++ enables us to write high-performance code, the memory-unsafety nature of the language brings a broad spectrum of security risks. Memory corruption issues constitute the vast majority of bugs and security vulnerabilities found in C/C++ projects, and their impact is best demonstrated by the [Heartbleed](https://en.wikipedia.org/wiki/Heartbleed) bug on OpenSSL. Regular unit and integration tests are essential to test that our code functions correctly - they are not enough to uncover memory-corruption bugs. (Whitebox and smart) Fuzz testing on the other hand, has established itself as the best practical method to find these issues in large code bases such as Google Chrome.
77

8-
In this example, we demonstrate how you can use CI Fuzz to integrate fuzz testing into your C/C++ projects. The example project uses [CMake](https://cmake.org/) as the build system and contains the following use cases:
8+
In this example, we demonstrate how you can use CI Fuzz to integrate fuzz testing into your C/C++ projects. The example project uses [CMake](https://cmake.org/) as the build system and contains the following examples:
99
* [Simple Checks Example](src/simple_examples/explore_me.cpp#L10):
1010
A simple example that triggers a buffer over when the input parameters satisfy certain criteria.
1111
We show that CI Fuzz can quickly generate a test case that trigger this bug.
@@ -37,6 +37,12 @@ Execute with:
3737
```sh
3838
cifuzz run custom_mutator_example_checks_fuzz_test
3939
```
40+
* [Slow Input Example](src/advanced_examples/slow_input_checks_test.cpp#L17):
41+
An example that shows how the fuzzer can detect inputs that lead to a slow program execution.
42+
Execute with:
43+
```sh
44+
cifuzz run slow_input_checks_fuzz_test
45+
```
4046

4147

4248
To execute all fuzz tests at the same time, or calculate the code coverage for all, just skip the fuzz target name. Like:

0 commit comments

Comments
 (0)