dfuzzer man page
dfuzzer — Tool for fuzz testing processes communicating through D-Bus
dfuzzer -n BUS_NAME [OTHER_OPTIONS]
dfuzzer is the D-Bus fuzzer, the tool for fuzz testing processes communicating through D-Bus. It can be used to test processes connected to both, the session bus and the system bus daemon. The fuzzer works as a client, it first connects to the bus daemon and then it traverses and fuzz tests all the methods provided by a D-Bus service (specified by the -n option - bus name). By default only failures and warnings are printed. Use -v for verbose mode.
Fuzz tests are performed on methods of a chosen interface(s) and an object(s) for the given bus name. Fuzzer generates random arguments for each method of an interface and calls these methods everytime with different generated arguments.
dfuzzer is monitoring tested process state and memory usage during fuzz testing. In case tested process crashed or its memory usage is abnormal it is printed on the output of dfuzzer. Fuzzer always prints exit status (see section Exit Status) before exiting.
When you are getting exceptions (printed only in verbose mode: -v option) like org.freedesktop.DBus.Error.AccessDenied or org.freedesktop.DBus.Error.AuthFailed during testing, try to run dfuzzer as root (warning: this is dangerous, proceed with caution).
- -n BUS_NAME
D-Bus name to test.
Print dfuzzer version and exit.
Print dfuzzer help and exit.
List all available connection names on both buses.
Enable verbose messages.
Enable debug messages. Implies -v. This option should not be normally used during testing.
Do not use suppression file. Default behaviour is to use suppression files in this order (if one doesn't exist next in order is taken for loading suppressions - this way user can define his own file):
- 1. ./dfuzzer.conf
- 2. ~/.dfuzzer.conf
- 3. /etc/dfuzzer.conf
- Suppression files must be defined in this format:
- method0 description
- method1 description
- method2 description
which tells that for example methods method1 and method2 will be skipped when testing bus name bus_name_2.
- -o OBJECT_PATH
Optional object path to test. All children objects are traversed.
- -i INTERFACE
Interface to test. Requires also -o option.
- -m MEM_LIMIT [in kB]
When tested process exceeds this limit, warning is printed on the output. Default value for this limit is 3x process intial memory size. If set memory limit value is less than or equal to process initial memory size, it will be adjusted to the default value (3x process intial memory size).
- -b max_buf_size [in B]
Maximum buffer size for generated strings, minimal value for this option is 256 B. Default maximum size is 50000 B ~= 50 kB (the greater the limit, the longer the testing).
- -t METHOD_NAME
When this parameter is provided, only method METHOD_NAME is tested. All other methods of an interface are skipped. Requires also -o and -i options.
- -e 'COMMAND'
Command/Script to execute after each method call. If command/script finished unsuccessfuly, fail message is printed with its return value.
List all names on bus: # dfuzzer -l
Test all methods of GNOME Shell. Be verbose. # dfuzzer -v -n org.gnome.Shell
Test only method of the given bus name, object path and interface: # dfuzzer -n org.freedesktop.Avahi -o / -i org.freedesktop.Avahi.Server -t GetAlternativeServiceName
Test all methods of Avahi and be verbose. Redirect all log messages including failures and warnings into avahi.log: # dfuzzer -v -n org.freedesktop.Avahi 2>&1 | tee avahi.log
Test name org.freedesktop.Avahi, be verbose and do not use suppression file: # dfuzzer -v -s -n org.freedesktop.Avahi
dfuzzer may return these codes:
0 testing ended successfuly 1 error occured, either internal dfuzzer error
or D-Bus related error (-d option to debug) 2 testing detected failures (including warnings) 3 testing detected only warnings
No known bugs. Report bugs to email@example.com.
Matus Marhefka (firstname.lastname@example.org) Additional changes by Miroslav Vadkerti (email@example.com)
2014,2015 Red Hat, Inc.