dfuzzer - Man Page

Tool for fuzz testing processes communicating through D-Bus




dfuzzer is the D-Bus fuzzer, the tool for fuzz testing processes communicating through D-Bus. It can be used to test processes connected to both, the session bus and the system bus daemon. The fuzzer works as a client, it first connects to the bus daemon and then it traverses and fuzz tests all the methods provided by a D-Bus service (specified by the -n option - bus name). By default only failures and warnings are printed. Use -v for verbose mode.

Fuzz tests are performed on methods of a chosen interface(s) and an object(s) for the given bus name. Fuzzer generates random arguments for each method of an interface and calls these methods everytime with different generated arguments.

dfuzzer is monitoring tested process state and memory usage during fuzz testing. In case tested process crashed or its memory usage is abnormal it is printed on the output of dfuzzer. Fuzzer always prints exit status (see section Exit Status) before exiting.

When you are getting exceptions (printed only in verbose mode: -v option) like org.freedesktop.DBus.Error.AccessDenied or org.freedesktop.DBus.Error.AuthFailed during testing, try to run dfuzzer as root (warning: this is dangerous, proceed with caution).

Required Options


D-Bus name to test.

Other Options


Print dfuzzer version and exit.


Print dfuzzer help and exit.


List all available connection names on both buses.


Enable verbose messages.


Enable debug messages. Implies -v. This option should not be normally used during testing.


Do not use suppression file. Default behaviour is to use suppression files in this order (if one doesn't exist next in order is taken for loading suppressions - this way user can define his own file):

   1. ./dfuzzer.conf

   2. ~/.dfuzzer.conf

   3. /etc/dfuzzer.conf

   Suppression files must be defined in this format:


   method0 description


   method1 description

   method2 description


which tells that for example methods method1 and method2 will be skipped when testing bus name bus_name_2.


Optional object path to test. All children objects are traversed.


Interface to test. Requires also -o option.

-m MEM_LIMIT [in kB]

When tested process exceeds this limit, warning is printed on the output. Default value for this limit is 3x process intial memory size. If set memory limit value is less than or equal to process initial memory size, it will be adjusted to the default value (3x process intial memory size).

-b max_buf_size [in B]

Maximum buffer size for generated strings, minimal value for this option is 256 B. Default maximum size is 50000 B ~= 50 kB (the greater the limit, the longer the testing).


When this parameter is provided, only method METHOD_NAME is tested. All other methods of an interface are skipped. Requires also -o and -i options.


Command/Script to execute after each method call. If command/script finished unsuccessfuly, fail message is printed with its return value.


List all names on bus:

# dfuzzer -l

Test all methods of GNOME Shell. Be verbose.

# dfuzzer -v -n org.gnome.Shell

Test only method of the given bus name, object path and interface:

# dfuzzer -n org.freedesktop.Avahi -o / -i org.freedesktop.Avahi.Server -t GetAlternativeServiceName

Test all methods of Avahi and be verbose. Redirect all log messages including failures and warnings into avahi.log:

# dfuzzer -v -n org.freedesktop.Avahi 2>&1 | tee avahi.log

Test name org.freedesktop.Avahi, be verbose and do not use suppression file:

# dfuzzer -v -s -n org.freedesktop.Avahi

Exit Status

dfuzzer may return these codes:

0    testing ended successfuly

1    error occured, either internal dfuzzer error
    or D-Bus related error (-d option to debug)

2    testing detected failures (including warnings)

3    testing detected only warnings

See Also



No known bugs. Report bugs to mmarhefk@redhat.com.


Matus Marhefka (mmarhefk@redhat.com)

Additional changes by Miroslav Vadkerti (mvadkert@redhat.com)


12 Mar 2015 dfuzzer 1.4