- <h2 class="SECT2"><a name="TESTING-REPORT" id="TESTING-REPORT">5.2.
- Test reports</a></h2>
-
- <p>Please submit test reports only with the <a href=
- "http://sourceforge.net/tracker/?func=add&group_id=11118&atid=395005"
- target="_top">test form</a> at sourceforge. Three simple steps:</p>
-
- <ul>
- <li>
- <p>Select category: the distribution you test on.</p>
- </li>
-
- <li>
- <p>Select group: the version of <span class=
- "APPLICATION">Privoxy</span> that we are about to release.</p>
- </li>
-
- <li>
- <p>Fill the Summary and Detailed Description with something
- intelligent (keep it short and precise).</p>
- </li>
- </ul>Do not mail to the mailing list (we cannot keep track on issues
- there).
+ <h2 class="SECT2"><a name="PRIVOXY-REGRESSION-TEST" id="PRIVOXY-REGRESSION-TEST">5.2. Testing with <span class=
+ "APPLICATION">Privoxy-Regression-Test</span></a></h2>
+ <p>If you compiled, packaged or merely installed Privoxy, it is recommended to run <span class=
+ "APPLICATION">Privoxy-Regression-Test</span> to verify that at least the tested parts of <span class=
+ "APPLICATION">Privoxy</span> are working as expected.</p>
+ <p>This is actually pretty easy. For details, please see <b class="COMMAND">perldoc
+ privoxy-regression-test.pl</b>.</p>
+ </div>
+ <div class="SECT2">
+ <h2 class="SECT2"><a name="FUZZING" id="FUZZING">5.3. Fuzzing Privoxy</a></h2>
+ <p>To make fuzzing more convenient, Privoxy can be configured with --enable-fuzz which will result in the --fuzz
+ option becoming available.</p>
+ <p>Example (tested on ElectroBSD):</p>
+ <table border="0" bgcolor="#E0E0E0" width="100%">
+ <tr>
+ <td>
+ <pre class="PROGRAMLISTING"># Compile Privoxy with instrumentation for afl
+$ export CC=afl-clang
+$ export CFLAGS="-fsanitize=address -ggdb"
+$ export CPPFLAGS=-I/usr/local/include/
+$ export LDFLAGS="-fsanitize=address -L/usr/local/lib"
+$ export AFL_USE_ASAN=1
+$ export AFL_HARDEN=1
+$ ./configure --with-debug --enable-extended-host-patterns --enable-accept-filter --enable-no-gifs --enable-compression --enable-strptime-sanity-checks --enable-external-filters --enable-fuzz
+
+$ ./privoxy --fuzz
+Privoxy version 3.0.24 (http://www.privoxy.org/)
+Usage: ./privoxy [--config-test] [--chroot] [--help] [--no-daemon] [--pidfile pidfile] [--pre-chroot-nslookup hostname] [--user user[.group]] [--version] [configfile]
+ ./privoxy --fuzz fuzz-mode ./path/to/fuzzed/input [--stfu]
+
+Supported fuzz modes and the expected input:
+ action: Text to parse as action file.
+ client-request: Client request to parse. Currently incomplete
+ client-header: Client header to parse.
+ chunked-transfer-encoding: Chunk-encoded data to dechunk.
+ deflate: deflate-compressed data to decompress.
+ filter: Text to parse as filter file.
+ gif: gif to deanimate.
+ gzip: gzip-compressed data to decompress.
+ pcrs-substitute: A pcrs-substitute to compile. Not a whole pcrs job! Example: Bla $1 bla C $3 blah.
+ server-header: Server header to parse.
+ server-response: Server response to parse.
+
+The following fuzz modes read data from stdin if the 'file' is '-'
+ client-request
+ client-header
+ chunked-transfer-encoding
+ deflate
+ gif
+ gzip
+ pcrs-substitute
+ server-header
+ server-response
+
+Aborting
+
+$ export ASAN_OPTIONS='abort_on_error=1'
+$ mkdir input output
+$ echo '$1 bla fasel $2' > input/pcrs
+$ afl-fuzz -i input -o output -m none ~/git/privoxy/privoxy --fuzz pcrs-substitute - --stfu
+
+$ cat >input/pcrs.txt
+FILTER: bla fasel
+s@(.{1})[432](\d+)@$1$2$hostname@UgisT
+
+$ afl-fuzz -i input/ -o output/ -f bla.filter -m none privoxy --fuzz filter bla.filter --stfu</pre>
+ </td>
+ </tr>
+ </table>