Changeset 1641 for zzuf/trunk/doc


Ignore:
Timestamp:
Jan 10, 2007, 6:17:26 PM (14 years ago)
Author:
Sam Hocevar
Message:
  • Implemented memory limits. Probably breaks on other arches because of all the new functions.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • zzuf/trunk/doc/zzuf.1

    r1640 r1641  
    33zzuf \- multiple purpose fuzzer
    44.SH SYNOPSIS
    5 \fBzzuf\fR [\fB\-cdiMnqS\fR] [\fB\-r\fR \fIratio\fR] [\fB\-s\fR \fIseed\fR | \fB\-s\fR \fIstart:stop\fR]
     5\fBzzuf\fR [\fB\-cdiMnqS\fR] [\fB\-r\fR \fIratio\fR] [\fB\-s\fR \fIseed\fR|\fB\-s\fR \fIstart:stop\fR]
    66.br
    77                [\fB\-F\fR \fIforks\fR] [\fB\-C\fR \fIcrashes\fR] [\fB\-B\fR \fIbytes\fR] [\fB\-T\fR \fIseconds\fR]
    88.br
    9                 [\fB\-P\fR \fIprotect\fR] [\fB\-R\fR \fIrefuse\fR]
     9                [\fB\-M\fR \fImegabytes\fR] [\fB\-P\fR \fIprotect\fR] [\fB\-R\fR \fIrefuse\fR]
    1010.br
    1111                [\fB\-I\fR \fIinclude\fR] [\fB\-E\fR \fIexclude\fR] [\fIPROGRAM\fR [\fIARGS\fR]...]
     
    9999Instead of displaying the program's standard output, just print the MD5 digest
    100100of that output. The standard error channel is left untouched.
     101.TP
     102\fB\-M\fR, \fB\-\-max-memory\fR=\fImegabytes\fR
     103Specify the maximum amount of memory, in megabytes, that children are allowed
     104to allocate. This is useful to detect infinite loops that eat up a lot of
     105memory. The value should set reasonably high so as not to interfer with normal
     106program operation.
     107
     108\fBZzuf\fR uses the \fBsetrlimit\fR() call to set memory usage limitations and
     109relies on the operating system's ability to enforce such limitations.
    101110.TP
    102111\fB\-n\fR, \fB\-\-network\fR
     
    228237.PP
    229238\fB    zzuf \-c \-s 87423 \-r 0.01 vlc movie.avi\fR
    230 \fB    zzuf \-c \-s 87423 \-r 0.01 cp movie.avi fuzzy\-movie.avi\fR
     239\fB    zzuf \-c \-s 87423 \-r 0.01 <movie.avi >fuzzy\-movie.avi\fR
    231240\fB    vlc fuzzy\-movie.avi\fR
    232241.PP
     
    241250.SH RESTRICTIONS
    242251.PP
    243 Due to \fBzzuf\fR using shared object preloading (\fBLD_PRELOAD\fR on most
    244 Unix systems, \fBDYLD_INSERT_LIBRARIES\fR on Mac OS X) to run its child
     252Due to \fBzzuf\fR using shared object preloading (\fBLD_PRELOAD\fR,
     253\fB_RLD_LIST\fB, \fBDYLD_INSERT_LIBRARIES\fR, etc.) to run its child
    245254processes, it will fail in the presence of any mechanism that disables
    246255preloading. For instance setuid root binaries will not be fuzzed when run
     
    267276descriptor operations is undefined.
    268277.SH NOTES
    269 In order to intercept file and network operations and signal handlers,
    270 \fBzzuf\fR diverts and reimplements the following functions, which can
    271 be private libc symbols, too:
     278In order to intercept file and network operations, signal handlers and memory
     279allocations, \fBzzuf\fR diverts and reimplements the following functions,
     280which can be private libc symbols, too:
    272281.TP
    273282Unix file descriptor handling:
    274283\fBopen\fR(), \fBlseek\fR(), \fBread\fR(), \fBaccept\fR(), \fBsocket\fR(),
    275 \fBmmap\fR(), \fBmunmap\fR(), \fBclose\fR()
     284\fBclose\fR()
    276285.TP
    277286Standard IO streams:
     
    279288\fBfread\fR(), \fBgetc\fR(), \fBfgetc\fR(), \fBfgets\fR(), \fBungetc\fR(),
    280289\fBfclose\fR()
     290.TP
     291Memory management:
     292\fBmmap\fR(), \fBmunmap\fR(), \fBmalloc\fR(), \fBcalloc\fR(), \fBvalloc\fR(),
     293\fBfree\fR(), \fBmemalign\fR(), \fBposix_memalign\fR(), \fBbrk\fR(),
     294\fBsbrk\fR()
    281295.TP
    282296Linux-specific:
Note: See TracChangeset for help on using the changeset viewer.