author Andrew Bartlett <abartlet@samba.org> 2019-12-04 21:23:06 +1300
committer Andrew Bartlett <abartlet@samba.org> 2019-12-10 07:50:29 +0000
commit 1d98ced841f83d7305a570297908fd1270de42e0
tree e08abd292d32f7c24951246896ff91f0006ac312 /lib/fuzzing/README.md
parent f4ff9a079414953b17f49857ecfca6c0e479c32f
lib/fuzzing: Add mode for the AFL fuzzer
This is helpful for ensuring the fuzzers still compile in autobuild as no library support is required.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'lib/fuzzing/README.md')
-rw-r--r-- lib/fuzzing/README.md 26
1 files changed, 25 insertions, 1 deletions
diff --git a/lib/fuzzing/README.md b/lib/fuzzing/README.md
index 97b49ed0fb1..5a248241248 100644
--- a/lib/fuzzing/README.md
+++ b/lib/fuzzing/README.md
@@ -7,6 +7,7 @@ exceptions such as crashes, assertions or memory corruption.
See [Wikipedia article on fuzzing](https://en.wikipedia.org/wiki/Fuzzing) for
more information.
+# Hongfuzz
## Configure with fuzzing
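Review bot: the added heading `# Hongfuzz` misspells the tool name; the configure example in this same README uses `honggfuzz` in the `hfuzz_cc/hfuzz-clang` path, so the heading should read `# Honggfuzz`. A reader who searches for the tool by the heading text will not find it.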
@@ -15,7 +16,7 @@ Example command line to build binaries for use with
```sh
buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
- --address-sanitizer --enable-libfuzzer \
+ --address-sanitizer --enable-libfuzzer --abi-check-disable \
CC=.../honggfuzz/hfuzz_cc/hfuzz-clang configure \
LINK_CC=.../honggfuzz/hfuzz_cc/hfuzz-clang
```
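Review bot: `--abi-check-disable` is added to the existing honggfuzz configure line, but the commit message only talks about the new AFL mode and nothing in the README says why the ABI check has to be off for a fuzzing build. Add a sentence above the block (or a line in the commit message) stating what the flag works around, so the option is not copied into other builds without anyone knowing what it disables.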
@@ -32,6 +33,29 @@ buildtools/bin/waf --targets=fuzz_tiniparser build && \
--rlimit_rss 100 -f .../tiniparser-corpus -- bin/fuzz_tiniparser
```
+# AFL (american fuzzy lop)
+
+## Configure with fuzzing
+
+Example command line to build binaries for use with
+[afl](http://lcamtuf.coredump.cx/afl/)
+
+```sh
+buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
+ --enable-afl-fuzzer --abi-check-disable \
+ CC=afl-gcc configure
+```
+
+## Fuzzing tiniparser
+
+Example for fuzzing `tiniparser` using `afl-fuzz` (see `--help` for more
+options):
+
+```sh
+buildtools/bin/waf --targets=fuzz_tiniparser build && \
+afl-fuzz -m 200 -i inputdir -o outputdir -- bin/fuzz_tiniparser
+```
+
# oss-fuzz
Samba can be fuzzed by Google's oss-fuzz system. Assuming you have an
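Review bot: the AFL configure example omits `--address-sanitizer`, which the honggfuzz example keeps, and the new section does not say whether that is deliberate. The README's introduction lists memory corruption among the things fuzzing is meant to find, and without a sanitizer a corrupting write that does not crash the process goes unreported, so either document how to run the AFL build with ASan or state why it is left out. The run example would also benefit from one line explaining that `-m 200` is the child memory limit in MB and that `inputdir` must already hold at least one seed file; the honggfuzz example points at a named `tiniparser-corpus`, while this one leaves the seed corpus unspecified.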