| Name | Date | Size | #Lines | LOC |
|---|---|---|---|---|
| README.md | 12-May-2024 | 2.1 KiB | 52 | 30 |
| driver.c | 12-May-2024 | 716 | 36 | 28 |
| fuzz.h | 12-May-2024 | 583 | 23 | 18 |
| fuzz_bookmark.c | 12-May-2024 | 318 | 16 | 11 |
| fuzz_bookmark.corpus | 12-May-2024 | 19 | 2 | 1 |
| fuzz_date_parse.c | 12-May-2024 | 506 | 20 | 13 |
| fuzz_date_time_new_from_iso8601.c | 12-May-2024 | 637 | 26 | 18 |
| fuzz_dbus_message.c | 12-May-2024 | 616 | 29 | 21 |
| fuzz_inet_address_mask_new_from_string.c | 12-May-2024 | 644 | 26 | 18 |
| fuzz_inet_address_new_from_string.c | 12-May-2024 | 624 | 26 | 18 |
| fuzz_inet_socket_address_new_from_string.c | 12-May-2024 | 665 | 26 | 18 |
| fuzz_key.c | 12-May-2024 | 644 | 28 | 21 |
| fuzz_key.corpus | 12-May-2024 | 39 | 3 | 2 |
| fuzz_network_address_parse.c | 12-May-2024 | 686 | 26 | 18 |
| fuzz_network_address_parse_uri.c | 12-May-2024 | 694 | 26 | 18 |
| fuzz_uri_escape.c | 12-May-2024 | 1.4 KiB | 66 | 48 |
| fuzz_uri_parse.c | 12-May-2024 | 1.3 KiB | 45 | 33 |
| fuzz_uri_parse_params.c | 12-May-2024 | 560 | 29 | 21 |
| fuzz_variant_binary.c | 12-May-2024 | 528 | 22 | 16 |
| fuzz_variant_text.c | 12-May-2024 | 423 | 22 | 16 |
| fuzz_variant_text.dict | 12-May-2024 | 216 | 33 | 32 |
| meson.build | 12-May-2024 | 1.1 KiB | 39 | 34 |

README.md

Fuzz targets used by [oss-fuzz](https://github.com/google/oss-fuzz/).

Useful links: [Dashboard](https://oss-fuzz.com/) _(requires access)_, [Build logs](https://oss-fuzz-build-logs.storage.googleapis.com/index.html), [Coverage](https://oss-fuzz.com/coverage-report/job/libfuzzer_asan_glib/latest)

## How to add new targets

Add **fuzz_target_name.c** and edit `meson.build` accordingly.

New targets are picked up by oss-fuzz automatically within a day. Targets must not be renamed once added.

Add (optional) **fuzz_target_name.dict** containing keywords and magic bytes.

Add (optional) **fuzz_target_name.corpus** with file names on separate lines. Wildcards `?`, `*` and `**` are supported. Examples below.

```bash
glib/*  # all files in directory glib
glib/** # all files in directory glib and sub-directories
**.xbel # all files ending with .xbel in the repository
```

Recommended reading: [Fuzz Target](https://llvm.org/docs/LibFuzzer.html#fuzz-target), [Dictionaries](https://llvm.org/docs/LibFuzzer.html#dictionaries), [Corpus](https://llvm.org/docs/LibFuzzer.html#corpus)

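The wildcard rules for `.corpus` files described above can be checked before a target is pushed, so that a mistyped pattern does not silently leave the target without seeds. The Python below is an added example, not code from GLib or oss-fuzz: it implements the rules as this README states them, assumes `?` matches exactly one character other than `/`, and uses hypothetical function names and a constructed path list.

```python
import re

# Constructed sample paths standing in for a repository checkout.
SAMPLE_PATHS = [
    "glib/gbookmarkfile.c",
    "glib/tests/bookmarks.c",
    "glib/tests/bookmarks/valid-01.xbel",
    "gio/tests/data.xbel",
    "fuzzing/README.md",
]

def pattern_to_regex(pattern):
    """Translate one .corpus line into a regex over '/'-separated paths."""
    parts, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            parts.append(".*")      # '**' crosses directory boundaries
            i += 2
        elif pattern[i] == "*":
            parts.append("[^/]*")   # '*' stays inside one directory
            i += 1
        elif pattern[i] == "?":
            parts.append("[^/]")    # assumption: one character, never '/'
            i += 1
        else:
            parts.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(parts))

def select_seeds(corpus_text, paths):
    """Return (selected paths, patterns that matched nothing)."""
    selected, unmatched = [], []
    for line in corpus_text.splitlines():
        pattern = line.strip()
        if not pattern:
            continue
        regex = pattern_to_regex(pattern)
        hits = [p for p in paths if regex.fullmatch(p)]
        if not hits:
            unmatched.append(pattern)   # likely typo: would add no seeds
        selected.extend(p for p in hits if p not in selected)
    return selected, unmatched

if __name__ == "__main__":
    seeds, dead = select_seeds("glib/*\n**.xbel\ndocs/*.xbel\n", SAMPLE_PATHS)
    print("seeds:", seeds)
    print("patterns with no match:", dead)
```
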
## How to reproduce oss-fuzz bugs locally

Build with at least the following flags, choosing a sanitizer as needed. A somewhat recent version of [clang](http://clang.llvm.org/) is recommended.

```bash
$ CC=clang CXX=clang++ meson DIR -Db_sanitize=<address|undefined> -Db_lundef=false
```

Afterwards run the affected target against the provided test case.

```bash
$ DIR/fuzzing/fuzz_target_name FILE
```

#### FAQs

###### What about Memory Sanitizer (MSAN)?

Correct MSAN instrumentation is [difficult to achieve](https://clang.llvm.org/docs/MemorySanitizer.html#handling-external-code) locally, so false positives are very likely to mask the actual bug.

If need be, [you can still reproduce](https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md#building-using-docker) those bugs with the oss-fuzz provided docker images.

###### There are no file/function names in the stack trace.

`llvm-symbolizer` must be in `PATH`.

###### UndefinedBehavior Sanitizer (UBSAN) doesn't provide a stack trace.

Set environment variable `UBSAN_OPTIONS` to `print_stacktrace=1` prior to running the target.
