1DFUZZER(1) dfuzzer DFUZZER(1)
2
6 dfuzzer - Tool for fuzz testing processes communicating through D-Bus
7
9 dfuzzer {--bus=BUS_NAME} [OPTIONS...]
10
12 dfuzzer is the D-Bus fuzzer, the tool for fuzz testing processes
13 communicating through D-Bus. It can be used to test processes connected
14 to both, the session bus and the system bus daemon. The fuzzer works as
15 a client, it first connects to the bus daemon and then it traverses and
16 fuzz tests all the methods provided by a D-Bus service (specified by
17 the -n/--bus-name= option). By default only failures and warnings are
18 printed. Use -v/--verbose for verbose mode.
19 Fuzz tests are performed on methods of a chosen interface(s) and an
21 object(s) for the given bus name. Fuzzer generates random arguments for
22 each method of an interface and calls these methods everytime with
23 different generated arguments.
24 dfuzzer is monitoring tested process state during fuzz testing. In case
26 tested process crashed it is printed on the output of dfuzzer. Fuzzer
27 always prints exit status (see section "Exit status") before exiting.
28 If you are getting exceptions (printed only in verbose mode:
30 -v/--verbose option) like org.freedesktop.DBus.Error.AccessDenied or
31 org.freedesktop.DBus.Error.AuthFailed during testing, try to run
32 dfuzzer as root (warning: this is dangerous, proceed with caution).
33
35 The following options are understood:
36 -b NAME, --bus-name=NAME
38 D-Bus name to test.
39 -o PATH, --object=PATH
41 D-Bus object path to test. All children objects are traversed.
42 -i NAME, --interface=NAME
44 D-Bus interface name to test. Requires -o/--object= to be set as
45 well.
46 -t NAME, --method=NAME
48 If provided, only method named NAME is tested. Requires
49 -o/--object= and -i/--interface= to be set as well.
50 Implies --skip-properties.
52 -p NAME, --property=NAME
54 If provided, only property named NAME is tested. Requires
55 -o/--object= and -i/--interface= to be set as well.
56 Implies --skip-methods.
58 --skip-methods
60 Skip method testing and test only properties.
61 --skip-properties
63 Skip property testing and test only methods.
64 -e COMMAND, --command=COMMAND
66 Command to execute after each method call. If given command
67 finishes unsuccessfully, fail message is printed with its return
68 value.
69 --show-command-output
71 Don't suppress stdout/stderr of a COMMAND specified via --command=
72 -f FILENAME, --dictionary=FILENAME
74 Name of a file with custom dictionary whhich is used as input for
75 fuzzed methods before generating random data. Currently supports
76 only strings (one per line).
77 -x ITERATIONS, --max-iterations=ITERATIONS
79 Set the upper limit for number of iterations done for each method.
80 This limit comes into effect only if the automatically calculated
81 number of iterations would exceed this limit. At least 1 iteration
82 is required.
83 -y ITERATIONS, --min-iterations=ITERATIONS
85 Same as -x/--max-iterations= but for the lower limit. Again, the
86 limit comes into effect only if the number of automatically
87 calculated iterations would fall below ITERATIONS.
88 -I ITERATIONS, --iterations=ITERATIONS
90 Set both -y/--min-iterations= and -x/--max-iterations= to
91 ITERATIONS effectively setting the number of iterations for each
92 method to ITERATIONS.
93 -L DIRNAME, --log-dir=DIRNAME
95 If set, dfuzzer writes a machine-readable CSV log into
96 DIRNAME/BUSNAME. The directory must exist.
97 -b SIZE, --buffer-limit=DIRNAME
99 Maximum buffer size for generated strings in bytes. Defaults to
100 50000. Minimal accepted value is 256.
101 -l, --list
103 List all available services on both the system and the session
104 buses.
105 -s, --no-suppressions
107 Do not load suppression file(s). Default behavior is to locate and
108 load suppression files in standard locations in the following
109 order:
110 ./dfuzzer.conf
112 ~/.dfuzzer.conf
114 /etc/dfuzzer.conf
116 For information about the format of the suppression file see the
118 section "Suppression file format".
119 -v, --verbose
121 Enable verbose logging.
122 -d, --debug
124 Enable debug logging. Implies -v/--verbose. This option should not
125 be normally used during testing.
126 -V, --version
128 Print dfuzzer version and exit.
129 -h, --help
131 Print a short help text and exit.
132
134 dfuzzer may return these codes:
135 0 testing ended successfully
137 1 an error occured (either an internall error, or a D-Bus related
139 error)
140 2 testing detected failures (including warnings)
142 3 testing detected only warnings
144
146 Suppression file is divided into sections for each service, where each
147 section contains a path to the suppressed method and an optional
148 description, which is printed to the output when such method is
149 suppressed:
150 [org.foo.bar]
152 hello potentially destructive
153 world also destructive
154 In this example methods hello and world will be suppressed on the
157 org.foo.bar bus, no matter under which object/interface they appear.
158 For more granular suppression, the method name can be given in format
160 object_path:interface_name:method
162 where each part can be omited (omitted parts behave like a wildcard,
164 i.e. they match any object/interface/method). For example:
165 [org.foo.baz]
167 hello suppress the method 'hello' on any interface
168 ::hello ditto, since object and interface are empty
169 :hello ditto
170 /org::world suppress the method 'world' on any interface under the object '/org'
172 /org:boo:world suppress the methdo 'world' on interface 'boo' and under object '/org'
173 :org.freedesktop.Foo: suppress all methods on interface 'org.freedesktop.Foo' under any object
174 /org:: suppress all methods on any interface under object '/org'
175
178 List all services on system/session bus:
179 dfuzzer -l
181 Test all methods of GNOME Shell. Be verbose:
183 dfuzzer -v -n org.gnome.Shell
185 Test only a specific method on given bus name, object path, and
187 interface:
188 dfuzzer -n org.freedesktop.Avahi -o / -i org.freedesktop.Avahi.Server -t GetAlternativeServiceName
190 Test all methods of Avahi and be verbose. Redirect all log messages
192 including failures and warnings into avahi.log:
193 dfuzzer -v -n org.freedesktop.Avahi |& tee avahi.log
195 Test name org.freedesktop.Avahi, be verbose, and do not use suppression
197 file:
198 dfuzzer -v -s -n org.freedesktop.Avahi
200
202 Matus Marhefka (mmarhefk@redhat.com)
203
205 Please report all bugs to the upstream tracker at
206 https://github.com/dbus-fuzzer/dfuzzer.
207
209 gdbus(1)
210
212 1. https://github.com/dbus-fuzzer/dfuzzer
213dfuzzer 07/19/2023 DFUZZER(1)