This commit is contained in:
2026-06-24 13:47:14 +02:00
commit fd930e15cb
2377 changed files with 1213931 additions and 0 deletions
+41
@@ -0,0 +1,41 @@
## Instructions
### Build
```bash
docker build -t fuzzer .
```
### Fuzz
```bash
docker run -it -v "$(pwd)/bugs:/fuzzer/bugs" fuzzer
```
### Additional Options
#### Get a shell
```bash
docker run -it -v "$(pwd)/bugs:/fuzzer/bugs" --entrypoint bash fuzzer
```
#### Flags
| Flag | Default | Description |
| -------------------- | -------------------------------------- | ------------------------------------------------------------------------- |
| `--seeds` | `/home/test/seeds` | Directory containing seed `.sql` files for mutation |
| `--buggy` | `/home/test/sqlite3-src/build/sqlite3` | Path to the buggy SQLite binary being tested |
| `--reference` | `/usr/bin/sqlite3` | Path to the reference SQLite binary for comparison |
| `--count` | `10000` | Number of queries to generate and execute |
| `--mutate-timeout` | `0.5` | Per-mutation timeout in seconds (prevents hanging mutations) |
| `--max-query-length` | `100000` | Hard character limit for generated queries (longer queries reset to seed) |
| `--workers` | `multiprocessing.cpu_count()` | Number of parallel `check()` worker threads |
| `--validate-seeds` | `False` | Run upfront validation pass on all seeds before fuzzing |
| `--run-baseline` | `False` | Run seeds without mutation (baseline coverage measurement) |
#### Customize the fuzzer, e.g.
```bash
test-db --validate-seeds --count 5000 --mutate-timeout 0.1 --max-query-length 100000
```
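Review bot: In the Flags table, the `--workers` row describes "parallel `check()` worker threads" while its default is `multiprocessing.cpu_count()`; please state whether these are threads or processes, since the wording and the default point in different directions. In the closing "Customize the fuzzer" example, `test-db` appears without saying where it is run (inside the shell from "Get a shell", or appended to the `docker run ... fuzzer` command), and `--max-query-length 100000` repeats the documented default, so it does not show a customization. The README also mounts `$(pwd)/bugs` at `/fuzzer/bugs` in every `docker run` line but never says what the fuzzer writes there; one sentence on the output format would help anyone triaging results.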