I wanted to take a look at an old fuzzer called AutoDafe because its name popped up in several papers I read on protocol and file format fuzzing. The last version is from August 2006, which is a long way back, but still – it might be worth looking at. It is available at http://autodafe.sourceforge.net/ so I went and downloaded it.
The installation guide is pretty simple – unpack, configure, make and make install.
During compilation, however, an error popped up:
autodafe-0.1$ make
make[1]: Entering directory `/toolz/fuzzers/autodafe-0.1/src'
make[2]: Entering directory `/toolz/fuzzers/autodafe-0.1/src/adbg'
gcc -O2 -c -o debug.o debug.c
gcc -O2 -c -o gdb.o gdb.c
gcc -O2 -c -o network.o network.c
gcc -O2 -c -o adbg.o adbg.c
gcc -Wall -O2 debug.o gdb.o network.o adbg.o -lz -lxml2 -lutil -lpthread -lm -o adbg
make[2]: Leaving directory `/toolz/fuzzers/autodafe-0.1/src/adbg'
make[2]: Entering directory `/toolz/fuzzers/autodafe-0.1/src/adc'
bison -y -dtv parser.y
mv -f y.tab.c parser.c
mv -f y.tab.h parser.h
gcc -c lexer.c
gcc -c parser.c
gcc -Wall -O2 lexer.o parser.o -o adc
make[2]: Leaving directory `/toolz/fuzzers/autodafe-0.1/src/adc'
make[2]: Entering directory `/toolz/fuzzers/autodafe-0.1/src/autodafe'
gcc -O2 -c -o debug.o debug.c
gcc -O2 -c -o file.o file.c
file.c: In function ‘check_directory’:
file.c:39:38: error: ‘PATH_MAX’ undeclared (first use in this function)
file.c:39:38: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [file.o] Error 1
make[2]: Leaving directory `/toolz/fuzzers/autodafe-0.1/src/autodafe'
make[1]: *** [all] Error 1
make[1]: Leaving directory `/toolz/fuzzers/autodafe-0.1/src'
make: *** [all] Error 1
A quick grep to check whether PATH_MAX was declared in any of the include files showed nothing. The only place the constant is used is in src/autodafe/file.c, as follows:
/* check the length of the directory - useless but ... */
if (strlen(conf->fuzz_file_dir) >= PATH_MAX - 16) {
    error_("error path too long\n");
    error_("QUITTING!\n");
    return -1;
}
The code is pretty self-explanatory – you can either comment out the entire block or declare PATH_MAX. I chose to declare it by adding a line before the problematic block:
#define PATH_MAX 512
The compilation completed successfully, so now I can play with the fuzzer. I might write a follow-up post on its capabilities …
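To show what that length guard actually protects, here is an added, self-contained example (not code from AutoDafe or from this post) that reproduces the check with a portable fallback: on Linux/glibc PATH_MAX is normally supplied by <limits.h>, so the example includes that header first and only falls back to the post's value of 512 when the platform does not define it. The struct fuzz_conf, check_directory_length, build_fuzz_path and the two *_with_dir_len helpers are hypothetical names chosen for this illustration, and the directory names are constructed inputs. The second function goes one step beyond the post: it shows why a fixed 16-byte headroom is not a guarantee on its own, since a 16-character file name appended to a directory that passed the check still does not fit in a PATH_MAX buffer, so the join is done with snprintf and its truncation result is checked as well.

```c
#include <limits.h>   /* provides PATH_MAX on Linux/glibc; may be missing elsewhere */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fallback (assumption for this example): if the platform headers do not
 * define PATH_MAX, use the value the post picked so the check still compiles. */
#ifndef PATH_MAX
#define PATH_MAX 512
#endif

/* Hypothetical stand-in for the fuzzer's conf struct, reduced to the one
 * field the check uses. */
struct fuzz_conf {
    const char *fuzz_file_dir;
};

/* Same guard as the block in file.c: reject a directory that leaves fewer
 * than 16 bytes of headroom below PATH_MAX. Returns 0 if acceptable, -1 if
 * too long (or if no directory is configured at all). */
int check_directory_length(const struct fuzz_conf *conf)
{
    if (conf == NULL || conf->fuzz_file_dir == NULL)
        return -1;
    if (strlen(conf->fuzz_file_dir) >= PATH_MAX - 16) {
        fprintf(stderr, "error path too long\n");
        return -1;
    }
    return 0;
}

/* Joins "<dir>/<name>" into a caller-supplied buffer of out_len bytes.
 * The headroom check alone does not bound the final length, so the
 * snprintf result is checked for truncation as well. */
int build_fuzz_path(const struct fuzz_conf *conf, const char *name,
                    char *out, size_t out_len)
{
    int n;
    if (check_directory_length(conf) != 0)
        return -1;
    n = snprintf(out, out_len, "%s/%s", conf->fuzz_file_dir, name);
    if (n < 0 || (size_t)n >= out_len) {
        fprintf(stderr, "error path truncated\n");
        return -1;
    }
    return 0;
}

/* Helper: runs the guard on a constructed directory name of dir_len 'a's. */
int check_with_dir_len(size_t dir_len)
{
    static char dir[PATH_MAX + 1];
    struct fuzz_conf conf = { dir };
    if (dir_len > PATH_MAX)
        dir_len = PATH_MAX;
    memset(dir, 'a', dir_len);
    dir[dir_len] = '\0';
    return check_directory_length(&conf);
}

/* Helper: constructs a directory of dir_len 'a's, joins name onto it into a
 * PATH_MAX-sized buffer and reports whether the join succeeded. */
int build_with_dir_len(size_t dir_len, const char *name)
{
    static char dir[PATH_MAX + 1];
    char out[PATH_MAX];
    struct fuzz_conf conf = { dir };
    if (dir_len > PATH_MAX)
        dir_len = PATH_MAX;
    memset(dir, 'a', dir_len);
    dir[dir_len] = '\0';
    return build_fuzz_path(&conf, name, out, sizeof out);
}

int main(void)
{
    printf("short dir:            %d\n", check_with_dir_len(9));
    printf("dir at threshold:     %d\n", check_with_dir_len(PATH_MAX - 16));
    printf("just under threshold: %d\n", check_with_dir_len(PATH_MAX - 17));
    printf("join 8-char name:     %d\n", build_with_dir_len(PATH_MAX - 17, "case.bin"));
    printf("join 16-char name:    %d\n", build_with_dir_len(PATH_MAX - 17, "case-0000000.bin"));
    return 0;
}
```

The design point is that a length guard with a fixed headroom only holds if every later append is known to be shorter than that headroom; treating the snprintf return value as a second check keeps the path buffer safe even when that assumption is violated.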