From 30798fb0a97dc77c725bed35bb721bc5b1e0da12 Mon Sep 17 00:00:00 2001
From: vit9696 <vit9696@users.noreply.github.com>
Date: Sat, 5 Feb 2022 20:37:02 +0300
Subject: [PATCH] User: Enable security predicate checking

---
 User/Makefile  | 13 +++++++++++++
 User/README.md |  2 ++
 2 files changed, 15 insertions(+)

diff --git a/User/Makefile b/User/Makefile
index 11f4f4e8a42..3d7d097146a 100644
--- a/User/Makefile
+++ b/User/Makefile
@@ -279,8 +279,21 @@ sydr-fuzz: $(PROJECT).sydr$(SUFFIX) $(PROJECT)$(SUFFIX) FORCE
 	EOF
 	UBSAN_OPTIONS='halt_on_error=1' sydr-fuzz -l debug run -f
 
+sydr-fuzz-security: $(PROJECT).sydr$(SUFFIX) $(PROJECT)$(SUFFIX) FORCE
+	@cat <<- EOF > sydr-fuzz.toml
+	 	[sydr]
+		args = "--security --no-invert"
+		target = "$(PROJECT).sydr$(SUFFIX) @@"
+		corpus = "sydr-fuzz-out/corpus"
+		jobs = $(FUZZ_JOBS)
+	EOF
+	sydr-fuzz -l debug security
+
 sydr-fuzz-import: $(PROJECT).sydr$(SUFFIX) $(PROJECT)$(SUFFIX) FORCE
+	@$(MKDIR) sydr-fuzz-out/corpus
+	@$(MKDIR) sydr-fuzz-out/security
 	./$(PROJECT)$(SUFFIX) -merge=1 $(FUZZ_DIR) sydr-fuzz-out/corpus
+	./$(PROJECT)$(SUFFIX) -merge=1 $(FUZZ_DIR) sydr-fuzz-out/security
 
 coverage: $(PRODUCT) FORCE
 	@$(LCOV) --version
diff --git a/User/README.md b/User/README.md
index 88a6db6a38b..aee544f45b3 100644
--- a/User/README.md
+++ b/User/README.md
@@ -72,6 +72,8 @@ Example 4. Perform fuzzing with the help of [Sydr](https://www.ispras.ru/en/tech
 ```sh
 CC=clang DEBUG=1 FUZZ=1 SANITIZE=1 make
 CC=clang DEBUG=1 SYDR=1 make sydr-fuzz
+# Optionally check for security predicates.
+CC=clang DEBUG=1 SYDR=1 make sydr-fuzz-security
 # Import Sydr inputs to FUZZDICT.
 CC=clang DEBUG=1 SYDR=1 make sydr-fuzz-import
 # LCOV is required for running this command.