Name | Date | Size | #Lines | LOC
---|---|---|---|---
corpus/ | 12-May-2024 | - | 899 | 627
README.rst | 12-May-2024 | 1.1 KiB | 34 | 21
fuzz_frames.cc | 12-May-2024 | 4.2 KiB | 161 | 123
fuzz_target.cc | 12-May-2024 | 2.3 KiB | 80 | 67
fuzz_target_fdp.cc | 12-May-2024 | 2.9 KiB | 100 | 80

README.rst
Fuzzer
======

This directory contains fuzzer targets mainly written to integrate
nghttp2 into `oss-fuzz <https://github.com/google/oss-fuzz>`_.

fuzz_target.cc contains the fuzzer entry point.  The corpus directory
contains the initial data for the fuzzer.

The name of each initial data file under corpus is the lower-cased hex
string of the SHA-256 hash of its own content.

corpus/h2spec contains input data which was recorded when we ran
`h2spec <https://github.com/summerwind/h2spec>`_ against nghttpd.

corpus/nghttp contains input data which was recorded when we ran
nghttp against nghttpd with some varying command line options of
nghttp.


To build fuzz_target.cc, make sure that libnghttp2 is built with
the following compiler/linker flags:

.. code-block:: text

    CPPFLAGS="-fsanitize-coverage=edge -fsanitize=address"
    LDFLAGS="-fsanitize-coverage=edge -fsanitize=address"

Then, fuzz_target.cc can be built using the following command:

.. code-block:: text

    $ clang++ -fsanitize-coverage=edge -fsanitize=address -I../lib/includes -std=c++11 fuzz_target.cc ../lib/.libs/libnghttp2.a /usr/lib/llvm-3.9/lib/libFuzzer.a -o nghttp2_fuzzer
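
The corpus naming rule above (each file is named after the lower-cased hex SHA-256 of its own content) can be checked before new seeds are committed. The script below is an added example, not part of nghttp2; the function names ``sha256_hex``, ``check_corpus`` and ``add_seed`` are hypothetical, and it assumes file names without embedded newlines.

```shell
#!/bin/sh
# Added example (not nghttp2 code): enforce the corpus naming convention
# "file name == lower-case hex SHA-256 of the file's content".

# sha256_hex FILE: print the lower-case hex SHA-256 digest of FILE.
# The file is read on stdin so the tool never prints (or escapes) its name.
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1   # e.g. macOS
    fi
}

# check_corpus DIR: print "MISMATCH <path> <expected-name>" for every regular
# file under DIR whose name differs from its digest. Returns 1 if any differ.
# An upper-case hex name is reported too, since the rule says lower-cased.
check_corpus() {
    report=$(find "$1" -type f | while IFS= read -r f; do
        want=$(sha256_hex "$f")
        [ "$(basename "$f")" = "$want" ] || printf 'MISMATCH %s %s\n' "$f" "$want"
    done)
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# add_seed FILE DIR: copy FILE into DIR under its content-derived name and
# print the new path. Identical inputs map to the same name, so adding a
# duplicate seed simply overwrites the existing copy.
add_seed() {
    name=$(sha256_hex "$1") || return 1
    cp -- "$1" "$2/$name" && printf '%s\n' "$2/$name"
}

# When run with a directory argument (e.g. corpus/h2spec), check it.
[ "$#" -eq 0 ] || check_corpus "$1"
```

A non-zero exit status from ``check_corpus`` makes it usable as a pre-commit or CI gate for corpus changes.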