Clap and README. Shall we switch to AFL: TBD

master
six 2021-12-06 20:29:47 +01:00
parent d8e7385e44
commit fa80435c41
3 changed files with 54 additions and 2 deletions

@ -8,5 +8,5 @@ edition = "2021"
[dependencies] [dependencies]
wasmi = "0.9.1" wasmi = "0.9.1"
wabt = "0.10.0" wabt = "0.10.0"
clap = "3.0.0-beta.2" clap = "3.0.0-beta.5"
parity-wasm = "0.42.2" parity-wasm = "0.42.2"
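Review bot: the new requirement `clap = "3.0.0-beta.5"` still tracks a pre-release, and written this way it is a caret requirement rather than an exact pin, so a fresh resolve can pick up a later beta. Since `main` is rewritten against this crate in the same commit, pin it exactly (`clap = "=3.0.0-beta.5"`) and keep `Cargo.lock` in the repository so every contributor builds the fuzzer against the same API.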

README.md 100644

@ -0,0 +1,19 @@
# Substrate WASM fuzzer
Community project for fuzzing WASM in Substrate.
Attack model: Attacker payload -> TX -> WASM Execution
## Example
# ./wasmfuzz -f <func> -n <n> -c <contract-file.wasm> -i <fuzzinput>
## Dev tasks
- Fuzzer logic/engine
- Fuzzer input
## Good question
Why don't we just use AFL? We could inject from TX entry func...
https://github.com/rust-fuzz/afl.rs
https://aflplus.plus/
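Review bot: the usage line under `## Example` does not match the parser added in this commit. It documents short flags `-f`, `-n`, `-c` and an `-i <fuzzinput>` option, while `main` only defines `.long("num")`, `.long("func")` and `.long("contract")` and has no input option at all. Either add the short flags and the `-i` argument in the code or change the example to the long forms. The line also starts with `# `, which Markdown renders as a top-level heading, so put the command in a code block instead.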

@ -1,6 +1,39 @@
extern crate clap;
use clap::{Arg, App}; use clap::{Arg, App};
fn main() { fn main() {
let app = App::new("hello-clap");
let iternum = Arg::with_name("n")
.long("num")
.takes_value(true)
.help("You need to specify the max number of iterations.")
.required(true);
let funcatk = Arg::with_name("f")
.long("func")
.takes_value(true)
.help("You need to specify the function to attack.")
.required(true);
let contractf = Arg::with_name("c")
.long("contract")
.takes_value(true)
.help("You need to specify the contract file's name.")
.required(true);
let app = app.arg(iternum);
let app = app.arg(funcatk);
let app = app.arg(contractf);
let matches = app.get_matches();
let iternumout = matches.value_of("iternum")
.expect("Required option.");
let funcatkout = matches.value_of("funcatk")
.expect("Required option.");
let contractfout = matches.value_of("contractf")
.expect("Required option.");
println!("Your options are: {} {} {}!", iternumout, funcatkout, contractfout);
} }
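Review bot: the lookups at the end of `main` use names that were never registered. The arguments are created with `Arg::with_name("n")`, `Arg::with_name("f")` and `Arg::with_name("c")`, but read back with `matches.value_of("iternum")`, `matches.value_of("funcatk")` and `matches.value_of("contractf")`, so no lookup can find its value and the `.expect("Required option.")` calls fail even when all three options are passed. Use the same name on both sides, for example register the argument as `"iternum"` and keep `.long("num")`. While here, parse the `num` value as an integer at this point and reject bad input with a clear error, and replace the placeholder `App::new("hello-clap")` with the tool's name.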