
Lines Matching +full:oss +full:- +full:fuzz

1 ---
7 permalink: /getting-started/new-project-guide/
8 ---
13 - TOC
15 ---
21 - [Integrate]({{ site.baseurl }}/advanced-topics/ideal-integration/) one or more [fuzz targets]({{ …
22 with the project you want to fuzz.
25 [boringssl](https://github.com/google/boringssl/tree/master/fuzz) or
27 [go-fuzz](https://github.com/dvyukov/go-fuzz-corpus/tree/86a5af9d6842f80b205a082538ea28f61bbb8ccb) …
31 - [Install Docker](https://docs.docker.com/engine/installation)
33 [Why Docker?]({{ site.baseurl }}/faq/#why-do-you-use-docker)
36 …cker group](https://docs.docker.com/engine/installation/linux/ubuntulinux/#/create-a-docker-group).
39 [docker-cleanup](https://gist.github.com/mikea/d23a839cba68778d94e0302e8a2c200f)
40 periodically to garbage-collect unused images.
42 - (optional) [Install gsutil](https://cloud.google.com/storage/docs/gsutil_install) for local code …
47 Each OSS-Fuzz project has a subdirectory
48 …tps://github.com/google/oss-fuzz/tree/master/projects) directory in the [OSS-Fuzz repository](http…
49 project is located in [`projects/boringssl`](https://github.com/google/oss-fuzz/tree/master/project…
53 * [project.yaml](#projectyaml) - provides metadata about the project.
54 * [Dockerfile](#dockerfile) - defines the container environment with information
55 …endencies needed to build the project and its [fuzz targets]({{ site.baseurl }}/reference/glossary…
56 * [build.sh](#buildsh) - defines the build script that executes inside the Docker container and
59 You can automatically create a new directory for your project in OSS-Fuzz and
64 $ cd /path/to/oss-fuzz
67 $ python infra/helper.py generate $PROJECT_NAME --language=$LANGUAGE
72 …[fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target) in your own source code reposito…
78 - [homepage](#homepage)
79 - [language](#language)
80 - [primary_contact](#primary)
81 - [auto_ccs](#auto_ccs)
82 - [main_repo](#main_repo)
83 - [vendor_ccs](#vendor) (optional)
84 - [sanitizers](#sanitizers) (optional)
85 - [architectures](#architectures) (optional)
86 - [help_url](#help_url) (optional)
87 - [builds_per_day](#build_frequency) (optional)
98 * [`go`]({{ site.baseurl }}//getting-started/new-project-guide/go-lang/)
99 * [`rust`]({{ site.baseurl }}//getting-started/new-project-guide/rust-lang/)
100 * [`python`]({{ site.baseurl }}//getting-started/new-project-guide/python-lang/)
101 …vm` (Java, Kotlin, Scala and other JVM-based languages)]({{ site.baseurl }}//getting-started/new-p…
102 * [`swift`]({{ site.baseurl }}//getting-started/new-project-guide/swift/)
105 … including crash reports and fuzzer statistics, and are auto-cced on new bugs filed in the OSS-Fuzz
106 …n) to get full access. ([why?]({{ site.baseurl }}/faq/#why-do-you-require-a-google-account-for-aut…
116 - Approved by the project maintainer (e.g. comment on pull request, reply on project mailing list).
117 - An organization email address is used.
126 un-instrumented system dependencies.
142 - address
143 - memory:
145 - undefined
149 homepage]({{ site.baseurl }}/further-reading/clusterfuzz#web-interface).
151 `sanitizers` example: [boringssl](https://github.com/google/oss-fuzz/blob/master/projects/boringssl…
154 The list of architectures to fuzz on.
156 Some projects can benefit from i386 fuzzing. OSS-Fuzz will build and run
161 - x86_64
162 - i386
166 * Only occur in architecture-specific source code (e.g. code that contains i386 assembly).
167 * Exist in architecture-independent source code and only affect i386 users.
168 * Exist in architecture-independent source code and affect users on other 32-bit platforms s…
171 On the testcase page of each oss-fuzz issue is a list of other jobs where the crash reproduces, thi…
173 …cause many projects won't build for i386 without some modification to their OSS-Fuzz build process.
174 …within the x86_64 docker image ([for example](https://github.com/google/oss-fuzz/blob/5b8dcb5d942b…
179 use all of them if possible. `libfuzzer` is required by OSS-Fuzz.
183 [OSS-Fuzz guide to reproducing crashes]({{ site.baseurl }}/advanced-topics/reproducing/). This can …
184 bugs to members of your project unfamiliar with OSS-Fuzz, or if they should follow a different work…
187 `help_url` example: [skia](https://github.com/google/oss-fuzz/blob/master/projects/skia/project.yam…
191 OSS-Fuzz allows up to 4 builds per day, and builds once per day by default.
204 FROM gcr.io/oss-fuzz-base/base-builder # base image with clang toolchain
205 RUN apt-get update && apt-get install -y ... # install required packages to build your project
213 for instance `FROM gcr.io/oss-fuzz-base/base-builder-go` for golang.
216 [expat/Dockerfile](https://github.com/google/oss-fuzz/tree/master/projects/expat/Dockerfile)
218 [syzkaller/Dockerfile](https://github.com/google/oss-fuzz/blob/master/projects/syzkaller/Dockerfile…
224 [ecc-diff-fuzzer/Dockerfile](https://github.com/google/oss-fuzz/blob/master/projects/ecc-diff-fuzze…
225 where we use `base-builder-rust` and install golang
229 This file defines how to build binaries for [fuzz targets]({{ site.baseurl }}/reference/glossary/#f…
234 - Build the project using your build system with the correct compiler.
235 - Provide compiler flags as [environment variables](#Requirements).
236 - Build your [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target) and link your proje…
240 Here's an example from Expat ([source](https://github.com/google/oss-fuzz/blob/master/projects/expa…
243 #!/bin/bash -eu
250 make -j$(nproc) all
252 $CXX $CXXFLAGS -std=c++11 -Ilib/ \
253 $SRC/parse_fuzzer.cc -o $OUT/parse_fuzzer \
259 …ut the [Integrating a Go project]({{ site.baseurl }}//getting-started/new-project-guide/go-lang/) …
264 2. Make sure that the binary names for your [fuzz targets]({{ site.baseurl }}/reference/glossary/#f…
265 alphanumeric characters, underscore(_) or dash(-). Otherwise, they won't run on our infrastructure.
294 |---------| ------------ | ---------- |
295 | `/out/` | `$OUT` | Directory to store build artifacts (fuzz targets, dictionaries, option…
302 In case your fuzz target uses the [FuzzedDataProvider] class, make sure it is
305 …aProvider]: https://github.com/google/fuzzing/blob/master/docs/split-inputs.md#fuzzed-data-provider
311 You *must* use the special compiler flags needed to build your project and fuzz targets.
315 | ------------- | --------
318 | `$LIB_FUZZING_ENGINE` | C++ compiler argument to link fuzz target against the prebuilt engine li…
322 Most well-crafted build scripts will automatically use these variables. If not,
325 …riables](https://github.com/google/oss-fuzz/blob/master/infra/base-images/base-builder/README.md#p…
326 `base-builder` image documentation for more details.
334 … this please see the [fuzzer environment]({{ site.baseurl }}/further-reading/fuzzer-environment/) …
345 …[fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target) run in, and the assumptions you …
349 You can build your docker image and fuzz targets locally, so you can test them before you push them…
351 … time using it to build your docker image and [fuzz targets]({{ site.baseurl }}/reference/glossary…
354 $ cd /path/to/oss-fuzz
356 $ python infra/helper.py build_fuzzers --sanitizer <address/memory/undefined> $PROJECT_NAME
359 The built binaries appear in the `/path/to/oss-fuzz/build/out/$PROJECT_NAME`
362 **Note:** You *must* run your fuzz target binaries inside the base-runner docker
371 3. If you want to test changes against a particular fuzz target, run the following command:
374 …$ python infra/helper.py run_fuzzer --corpus-dir=<path-to-temp-corpus-dir> $PROJECT_NAME <fuzz_tar…
378 your fuzz targets get to the code you expect. This would use the corpus
382 $ python infra/helper.py build_fuzzers --sanitizer coverage $PROJECT_NAME
383 …ython infra/helper.py coverage $PROJECT_NAME --fuzz-target=<fuzz_target> --corpus-dir=<path-to-tem…
388 [code coverage]({{ site.baseurl }}/advanced-topics/code-coverage/) for detailed
396 of the supported build configurations with the above commands (build_fuzzers -> run_fuzzer -> cover…
399 …ence failures, review your [dependencies]({{ site.baseurl }}/further-reading/fuzzer-environment/#d…
403 If you run into problems, our [Debugging page]({{ site.baseurl }}/advanced-topics/debugging/) lists…
404 [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target).
408 To improve your fuzz target's ability to find bugs faster, you should consider the
414 corpus consisting of good sample inputs is one of the best ways to improve [fuzz
415 target]({{ site.baseurl }}/reference/glossary/#fuzz-target)'s coverage.
418 to the [fuzz target]({{ site.baseurl }}/reference/glossary/#fuzz-target)'s binary in `$OUT` during …
422 (example: [boringssl](https://github.com/google/oss-fuzz/blob/master/projects/boringssl/build.sh#L4…
424 Seed corpus files will be used for cross-mutations and portions of them might appear
428 OSS-Fuzz only: See also [Accessing Corpora]({{ site.baseurl }}/advanced-topics/corpora/) for inform…
445 It is common for several [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target)
447 (example: [expat](https://github.com/google/oss-fuzz/blob/master/projects/expat/parse_fuzzer.option…
462 ## Checking in to the OSS-Fuzz repository
464 Once you've tested your fuzzing files locally, fork OSS-Fuzz, commit, and push to the fork. Then
471 Please include copyright headers for all files checked in to oss-fuzz:
480 # http://www.apache.org/licenses/LICENSE-2.0
491 **Exception:** If you're porting a fuzz target from Chromium, keep the original Chromium license he…
495 Once your change is merged, your project and fuzz targets should be automatically built and run on
496 …ere's a problem, you can check your project's [build status](https://oss-fuzz-build-logs.storage.g…
498 Use the [ClusterFuzz web interface](https://oss-fuzz.com/) to review the following:
509 Badge](https://oss-fuzz-build-logs.storage.googleapis.com/badges/curl.svg)
511 Once your project has started [building](https://oss-fuzz-build-logs.storage.googleapis.com/index.h…
512 your project's README. This allows you to see bugs found by your OSS-Fuzz
519 …Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/<project>.svg)](https://bugs.chr…