Changeset 1559 for zzuf


Ignore:
Timestamp:
Jan 5, 2007, 1:24:43 AM (14 years ago)
Author:
Sam Hocevar
Message:
  • Manpage layout improvements.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • zzuf/trunk/doc/zzuf.1

    r1558 r1559  
    2525relevant behaviour on the standard output, eg:
    2626.PP
    27 .RS
    28 .nf
    29 \fBzzuf cat /dev/zero\fR
    30 .fi
    31 .RE
    32 .PP
    33 If you want to specify flags for your application, put a '\fB\-\-\fR'
     27\fB    zzuf cat /dev/zero\fR
     28.PP
     29If you want to specify flags for your application, put a \(oq\fB\-\-\fR\(cq
    3430marker before them on the command line (otherwise \fBzzuf\fR will try to
    3531interpret them as arguments for itself), eg:
    3632.PP
    37 .RS
    38 .nf
    39 \fBzzuf \-B 1000 cat \-\- \-v /dev/zero\fR
    40 .fi
    41 .RE
     33\fB    zzuf \-B 1000 cat \-\- \-v /dev/zero\fR
    4234.SH OPTIONS
    4335.TP
     
    5042Only fuzz files whose name is specified in the target application's command
    5143line. This is mostly a shortcut to avoid specifiying twice the argument:
    52 \fBzzuf \-c cat file.txt\fR has the same effect as \fBzzuf \-I
    53 \(dq^file\\.txt$\(dq cat file.txt\fR. See the \fB\-I\fR flag for more
    54 information.
     44
     45\fB    zzuf \-c cat file.txt\fR
     46
     47has the same effect as
     48
     49\fB    zzuf \-I \(aq^file\\.txt$\(aq cat file.txt\fR
     50
     51See the \fB\-I\fR flag for more information.
    5552.TP
    5653\fB\-d\fR, \fB\-\-debug\fR
     
    105102.TP
    106103\fB\\\\\fR
    107 backslash ('\\')
     104backslash (\(oq\\\(cq)
    108105.RE
    109106.IP
    110 You can use '\fB-\fR' to specify ranges. For instance, to protect all bytes
    111 from '\fB\\x01\fR' to ' ', use '\fB\-P \(dq\\x01- \(dq\fR'.
     107You can use \(oq\fB-\fR\(cq to specify ranges. For instance, to protect all
     108bytes from \(oq\fB\\x01\fR\(cq to \(oq \(cq, use
     109\(oq\fB\-P\ \(aq\\x01-\ \(aq\fR\(cq.
    112110
    113111The statistical outcome of this option should not be overlooked. Because
     
    115113fuzz it even if only one byte of data was received, protecting characters
    116114may change the meaning of the \fB\-r\fR flag depending on the data being
    117 fuzzed. For instance, asking to fuzz 1% of input bits and to protect
    118 lowercase characters (using '\fB\-r 0.01 \-P a-z\fR') will result in an
    119 actual average fuzzing ratio of 0.9% with truly random data, 0.3% with
    120 random ASCII data and 0.2% with a normal English text.
     115fuzzed. For instance, asking to fuzz 1% of input bits (\fB\-r\ 0.01\fR)
     116and to protect lowercase characters (\fB\-P\ a-z\fR) will result in
     117an actual average fuzzing ratio of 0.9% with truly random data, 0.3% with
     118random ASCII data and 0.2% with a standard English text.
    121119
    122120See also the \fB\-R\fR flag.
     
    179177Fuzz the input of the \fBcat\fR program using default settings:
    180178.PP
    181 .RS
    182 .nf
    183 \fBzzuf cat /etc/motd\fR
    184 .fi
    185 .RE
     179\fB    zzuf cat /etc/motd\fR
    186180.PP
    187181Fuzz 1% of the input bits of the \fBcat\fR program using seed 94324:
    188182.PP
    189 .RS
    190 .nf
    191 \fBzzuf -s 94324 -r 0.01 cat /etc/motd\fR
    192 .fi
    193 .RE
     183\fB    zzuf -s 94324 -r 0.01 cat /etc/motd\fR
    194184.PP
    195185Fuzz the input of the \fBcat\fR program but do not fuzz the newline character
    196186and prevent non-ASCII characters from appearing in the output:
    197187.PP
    198 .RS
    199 .nf
    200 \fBzzuf -P \(dq\\n\(dq -R \(dq\\0-\\x1f\\x7f-\\xff\(dq cat /etc/motd\fR
    201 .fi
    202 .RE
     188\fB    zzuf -P \(aq\\n\(aq -R \(aq\\0-\\x1f\\x7f-\\xff\(aq cat /etc/motd\fR
    203189.PP
    204190Fuzz the input of the \fBconvert\fR program, using file \fBfoo.jpeg\fR as the
     
    207193want \fBzzuf\fR to fuzz them):
    208194.PP
    209 .RS
    210 .nf
    211 \fBzzuf -E \(dq\\.xml$\(dq convert -- foo.jpeg -format tga /dev/null\fR
    212 .fi
    213 .RE
     195\fB    zzuf -E \(aq\\.xml$\(aq convert -- foo.jpeg -format tga /dev/null\fR
    214196.PP
    215197Fuzz the input of \fBvlc\fR, using file \fBmovie.avi\fR as the original input
    216198and restricting fuzzing to filenames that appear on the command line
    217 (\fB\-c\fR), then generate \fBfuzzy-movie.avi\fR which is a file that can
    218 be read by \fBvlc\fR to reproduce the same behaviour without using \fBzzuf\fR:
    219 .PP
    220 .RS
    221 .nf
    222 \fBzzuf -c -s 87423 -r 0.01 vlc movie.avi\fR
    223 \fBzzuf -c -s 87423 -r 0.01 cp movie.avi fuzzy-movie.avi\fR
    224 \fBvlc fuzzy-movie.avi\fR
    225 .fi
    226 .RE
    227 .PP
    228 Fuzz 2% of \fBmplayer\fR's input bits (\fB\-r 0.02\fR) with seeds 0 to 9999
    229 (\fB\-s 0:10000\fR), disabling its standard output messages (\fB\-q\fR),
    230 launching up to three simultaneous child processes (\fB\-F 3\fR), killing
    231 \fBmplayer\fR if it takes more than one minute to read the file (\fB\-T 60\fR)
     199(\fB\-c\fR), then generate \fBfuzzy-movie.avi\fR which is a file that
     200can be read by \fBvlc\fR to reproduce the same behaviour without using
     201\fBzzuf\fR:
     202.PP
     203\fB    zzuf -c -s 87423 -r 0.01 vlc movie.avi\fR
     204\fB    zzuf -c -s 87423 -r 0.01 cp movie.avi fuzzy-movie.avi\fR
     205\fB    vlc fuzzy-movie.avi\fR
     206.PP
     207Fuzz 2% of \fBmplayer\fR's input bits (\fB\-r\ 0.02\fR) with seeds 0 to 9999
     208(\fB\-s\ 0:10000\fR), disabling its standard output messages (\fB\-q\fR),
     209launching up to three simultaneous child processes (\fB\-F\ 3\fR), killing
     210\fBmplayer\fR if it takes more than one minute to read the file (\fB\-T\ 60\fR)
    232211and disabling its \fBSIGSEGV\fR signal handler (\fB\-S\fR):
    233212.PP
    234 .RS
    235 .nf
    236 \fBzzuf -c -q -s 0:10000 -F 3 -T 60 -r 0.02 \\\fR
    237 \fB  mplayer -- -benchmark -vo null -fps 1000 movie.avi\fR
    238 .fi
    239 .RE
     213\fB    zzuf -c -q -s 0:10000 -F 3 -T 60 -r 0.02 \\\fR
     214\fB      mplayer -- -benchmark -vo null -fps 1000 movie.avi\fR
    240215.SH BUGS
    241216.PP
Note: See TracChangeset for help on using the changeset viewer.