# Fuzzing DNG SDK

This fuzzer is intended to do a variant analysis of the issue reported
in b/156261521.

Here is a list of some CVEs previously discovered in DNG SDK:

* CVE-2020-9589
* CVE-2020-9590
* CVE-2020-9620
* CVE-2020-9621
* CVE-2020-9622
* CVE-2020-9623
* CVE-2020-9624
* CVE-2020-9625
* CVE-2020-9626
* CVE-2020-9627
* CVE-2020-9628
* CVE-2020-9629

## Building & running the fuzz target: Android device

It is recommended to raise the libFuzzer RSS limit (for example `-rss_limit_mb=4096`)
when running the fuzzer, to avoid frequent out-of-memory (OOM) libFuzzer crashes
while parsing large DNG inputs.

```sh
$ source build/envsetup.sh
$ lunch aosp_arm64-eng
$ SANITIZE_TARGET=hwaddress make dng_parser_fuzzer
$ adb sync data
$ adb shell /data/fuzz/arm64/dng_parser_fuzzer/dng_parser_fuzzer \
    -rss_limit_mb=4096 \
    /data/fuzz/arm64/dng_parser_fuzzer/corpus
```

## Building & running the fuzz target: Host

```sh
$ source build/envsetup.sh
$ lunch aosp_x86_64-eng
$ SANITIZE_HOST=address make dng_parser_fuzzer
$ LD_LIBRARY_PATH=$ANDROID_HOST_OUT/fuzz/x86_64/lib/ \
    $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/dng_parser_fuzzer \
    -rss_limit_mb=4096 \
    $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/corpus/
```