Years ago I started hacking on an "mpm fuzz": https://github.com/pquerna/httpd/compare/trunk...pquerna:mpm_fuzz
The idea was to make a "fake" MPM, which could feed data from AFL directly into the network filter stack, in a super efficient way. I don't know if it is really a great idea, since TLS and h2 are maybe hard to get right in the stack, but it's a different approach that could lead to high coverage of critical remote network paths. Not sure it's the right way to go about it, but thought I'd mention it as a potential approach to deep fuzzing.

On Fri, Jul 16, 2021 at 4:02 AM david korczynski <da...@adalogics.com> wrote:

> Hi all,
>
> I have been working on getting fuzzing into Apache httpd and it would be
> great to have it set up with OSS-Fuzz. OSS-Fuzz is a free service run by
> Google that will continuously run fuzzers and the service is
> administered on github (https://github.com/google/oss-fuzz).
> Apache-commons is already integrated into OSS-Fuzz (see here:
> https://github.com/google/oss-fuzz/pull/5633)
>
> I have done initial work on fuzzing httpd which can be found in this PR:
> https://github.com/google/oss-fuzz/pull/6044
>
> I am happy to continue working more on improving the fuzzing so we can
> get a high code coverage of httpd, but I would prefer to do this only if
> the developers of httpd are happy to receive bug reports from the
> fuzzers. In order to integrate with OSS-Fuzz the only thing needed is a
> set of email addresses that will receive the bug reports, and these
> emails need to be affiliated with a Google account (for login purposes).
>
> Let me know if you are happy to integrate httpd into OSS-Fuzz.
>
> Kind regards,
> David
>
> ADA Logics Ltd is registered in England. No: 11624074.
> Registered office: 266 Banbury Road, Post Box 292,
> OX2 7DL, Oxford, Oxfordshire, United Kingdom