<!entity p-intro SYSTEM "privoxy.sgml">
<!entity history SYSTEM "history.sgml">
<!entity seealso SYSTEM "seealso.sgml">
-<!entity p-version "3.0.26">
+<!entity p-version "3.0.27">
<!entity p-status "UNRELEASED">
<!entity % p-not-stable "INCLUDE">
<!entity % p-stable "IGNORE">
This file belongs into
ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: developer-manual.sgml,v 2.73 2016/07/28 08:25:33 fabiankeil Exp $
+ $Id: developer-manual.sgml,v 2.83 2017/06/08 13:08:39 fabiankeil Exp $
Copyright (C) 2001-2016 Privoxy Developers https://www.privoxy.org/
See LICENSE.
</pubdate>
- <pubdate>$Id: developer-manual.sgml,v 2.73 2016/07/28 08:25:33 fabiankeil Exp $</pubdate>
+ <pubdate>$Id: developer-manual.sgml,v 2.83 2017/06/08 13:08:39 fabiankeil Exp $</pubdate>
<!--
</programlisting>
<para><emphasis>Note:</emphasis> This declares the rcs variables that should be
- added to the "show-proxy-args" page. If this is a brand new
+ added to the "show-version" page. If this is a brand new
creation by you, you are free to change the "Copyright" section
to represent the rights you wish to maintain.</para>
</para>
</sect2>
<!-- XXX: Document how to write test reports and where to send them -->
+
+ <!-- ~~~~~ New section ~~~~~ -->
+ <sect2 id="fuzzing"><title>Fuzzing Privoxy</title>
+ <para>
+ To make fuzzing more convenient, Privoxy can be configured
+ with --enable-fuzz which will result in the --fuzz option
+ becoming available.
+ </para>
+ <para>
+ Example (tested on ElectroBSD):
+ </para>
+ <programlisting>
+# Compile Privoxy with instrumentation for afl
+$ export CC=afl-clang
+$ export CFLAGS="-fsanitize=address -ggdb"
+$ export CPPFLAGS=-I/usr/local/include/
+$ export LDFLAGS="-fsanitize=address -L/usr/local/lib"
+$ export AFL_USE_ASAN=1
+$ export AFL_HARDEN=1
+$ ./configure --with-debug --enable-extended-host-patterns --enable-accept-filter --enable-no-gifs --enable-compression --enable-strptime-sanity-checks --enable-external-filters --enable-fuzz
+
+$ ./privoxy --fuzz
+Privoxy version 3.0.24 (http://www.privoxy.org/)
+Usage: ./privoxy [--config-test] [--chroot] [--help] [--no-daemon] [--pidfile pidfile] [--pre-chroot-nslookup hostname] [--user user[.group]] [--version] [configfile]
+ ./privoxy --fuzz fuzz-mode ./path/to/fuzzed/input [--stfu]
+
+Supported fuzz modes and the expected input:
+ action: Text to parse as action file.
+ client-request: Client request to parse. Currently incomplete
+ client-header: Client header to parse.
+ chunked-transfer-encoding: Chunk-encoded data to dechunk.
+ deflate: deflate-compressed data to decompress.
+ filter: Text to parse as filter file.
+ gif: gif to deanimate.
+ gzip: gzip-compressed data to decompress.
+ pcrs-substitute: A pcrs-substitute to compile. Not a whole pcrs job! Example: Bla $1 bla C $3 blah.
+ server-header: Server header to parse.
+ server-response: Server response to parse.
+
+The following fuzz modes read data from stdin if the 'file' is '-'
+ client-request
+ client-header
+ chunked-transfer-encoding
+ deflate
+ gif
+ gzip
+ pcrs-substitute
+ server-header
+ server-response
+
+Aborting
+
+$ export ASAN_OPTIONS='abort_on_error=1'
+$ mkdir input output
+$ echo '$1 bla fasel $2' > input/pcrs
+$ afl-fuzz -i input -o output -m none ~/git/privoxy/privoxy --fuzz pcrs-substitute - --stfu
+
+$ cat >input/pcrs.txt
+FILTER: bla fasel
+s@(.{1})[432](\d+)@$1$2$hostname@UgisT
+
+$ afl-fuzz -i input/ -o output/ -f bla.filter -m none privoxy --fuzz filter bla.filter --stfu
+</programlisting>
+ </sect2>
</sect1>
<!-- ~~~~~ New section ~~~~~ -->
<listitem>
<para>
Increment the version number (point from odd to even in development
- branches!) in <filename>configure.in</filename>. (RPM spec files
- will need to be incremented as well.)
+ branches!) in <filename>configure.in</filename> and update the code
+ status (CODE_STATUS="xxx") to one of "alpha", "beta" or "stable".
+ Rebuild configure and GNUMakefile to make sure the updated values are
+ being used.
</para>
</listitem>
<listitem>
<para>
- Update the code status (CODE_STATUS="xxx") to one of "alpha", "beta" or "stable".
+ Use the dok-release target to update the sgml documentation source files.
</para>
</listitem>
<listitem>
<para>
- If <filename>default.action</filename> has changed since last
- release (i.e. software release or standalone actions file release),
- bump up its version info to A.B in this line:
- </para>
- <para>
+ If action file processing has changed and is not backward-compatible,
+ make sure the "for-privoxy-version=x.y.z" minimum version number in
+ default.action.master has been updated:
<programlisting>
- {+add-header{X-Actions-File-Version: A.B} -filter -no-popups}
+{{settings}}
+#############################################################################
+#MASTER# COMMENT: The minimum Privoxy version:
+for-privoxy-version=3.0.11
</programlisting>
</para>
- <para>
- Then change the version info in doc/webserver/actions/index.php,
- line: '$required_actions_file_version = "A.B";'
- </para>
</listitem>
<listitem>
<para>
without the ability to build these). Some docs may require
rather obscure processing tools. <filename>config</filename>,
the man page (and the html version of the man page)
- fall in this category. REAMDE, the man page, AUTHORS, and config
+ fall in this category. README, the man page, AUTHORS, and config
should all also be committed to CVS for other packagers. The
formal docs should be uploaded to the webserver. See the
Section "Updating the webserver" in this manual for details.