| /external/skia/fuzz/ |
| D | README.md | 8 These fuzzers are packaged in two different ways (see //BUILD.gn). There is a `fuzz` executable
9 that contains all fuzzers and is a convenient way to reproduce fuzzer-reported bugs. There are also
13 See [../site/dev/testing/fuzz.md] for more information on building and running fuzzers using the
14 `fuzz` executable.
17 We fuzz Skia using [OSS-Fuzz](https://github.com/google/oss-fuzz), which in turn uses fuzzing
18 engines such as libfuzzer, afl-fuzz, hong-fuzz, and others to fuzz Skia. OSS-fuzz will automatically
19 [file and close bugs](https://bugs.chromium.org/p/oss-fuzz/issues/list?q=label:Proj-skia) when
22 There is a [Skia folder](https://github.com/google/oss-fuzz/tree/master/projects/skia)
23 in the OSS-Fuzz repo that we make changes to when we want to add/remove/change the fuzzers that
25 [This](https://google.github.io/oss-fuzz/getting-started/new-project-guide/#testing-locally)
[all …]
|
| /external/oss-fuzz/infra/triage-party/ |
| D | oss-fuzz.yaml | 2 name: oss-fuzz
4 - https://github.com/google/oss-fuzz
7 - id: Fuzzing Issues
11 Status of issues across oss-fuzz repos
14 - fuzz-issue-updated-support
16 - fuzz-bugs
17 - fuzz-priority
19 - fuzz-many-reactions
20 - fuzz-many-commenters
21 - fuzz-issue-zombies
[all …]
|
| /external/oss-fuzz/docs/getting-started/ |
| D | continuous_integration.md | 1 ---
6 permalink: /getting-started/continuous-integration/
7 ---
11 OSS-Fuzz offers **CIFuzz**, a GitHub action/CI job that runs your fuzz targets
26 * The crash does not occur on older OSS-Fuzz builds. (If the crash does occur
30 If your project supports [OSS-Fuzz's code coverage]({{ site.baseurl }}/advanced-topics/code-coverag…
35 CIFuzz uses 30 day old/public regressions and corpora from OSS-Fuzz. This makes
40 1. Your project must be integrated with OSS-Fuzz.
42 1. Your repository needs to be cloned with `git` in oss-fuzz Dockerfile (do not use `go get` or oth…
49 1. Copy the example [`main.yml`](https://github.com/google/oss-fuzz/blob/master/infra/cifuzz/exampl…
[all …]
|
| D | new_project_guide.md | 1 ---
7 permalink: /getting-started/new-project-guide/
8 ---
13 - TOC
15 ---
21 - [Integrate]({{ site.baseurl }}/advanced-topics/ideal-integration/) one or more [fuzz targets]({{ …
22 with the project you want to fuzz.
25 [boringssl](https://github.com/google/boringssl/tree/master/fuzz) or
27 [go-fuzz](https://github.com/dvyukov/go-fuzz-corpus/tree/86a5af9d6842f80b205a082538ea28f61bbb8ccb) …
31 - [Install Docker](https://docs.docker.com/engine/installation)
[all …]
|
| /external/oss-fuzz/docs/ |
| D | faq.md | 1 ---
7 ---
11 - TOC
13 ---
19 [useful links]({{ site.baseurl }}/reference/useful-links/#tutorials) page.
27 user security. We will consider each request on a case-by-case basis, but some
30 - Exposure to remote attacks (e.g. libraries that are used to process
32 - Number of users/other projects depending on this project.
37 ## How can I find potential fuzz targets in my open source project?
41 - consume un-trusted data from users or from the network.
[all …]
|
| D | index.md | 1 ---
3 title: OSS-Fuzz
8 ---
10 # OSS-Fuzz chapter
12 [Fuzz testing] is a well-known technique for uncovering programming errors in
15 vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
19 [Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
21 …/bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%…
22 [guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in…
25 OSS-Fuzz aims to make common open source software more secure and stable by
[all …]
|
| /external/oss-fuzz/ |
| D | README.md | 1 # OSS-Fuzz: Continuous Fuzzing for Open Source Software
3 [Fuzz testing] is a well-known technique for uncovering programming errors in
6 vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
10 [Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
12 …/bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%…
13 [guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in…
16 OSS-Fuzz aims to make common open source software more secure and stable by
32 Currently, OSS-Fuzz supports C/C++, Rust, Go, Python and Java/JVM code. Other languages
33 supported by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386
39 
[all …]
|
| /external/oss-fuzz/projects/skia/ |
| D | Dockerfile | 7 # http://www.apache.org/licenses/LICENSE-2.0
17 FROM gcr.io/oss-fuzz-base/base-builder
20 RUN apt-get update && apt-get install -y python wget libglu1-mesa-dev cmake lib32z1-dev zlib1g-dev …
22 RUN git clone 'https://chromium.googlesource.com/chromium/tools/depot_tools.git' --depth 1
25 RUN git clone https://skia.googlesource.com/skia.git --depth 1
35 RUN wget -O $SRC/skia_data/image_filter_deserialize_seed_corpus.zip https://storage.googleapis.com/…
37 RUN wget -O $SRC/skia_data/region_set_path_seed_corpus.zip https://storage.googleapis.com/skia-fuzz…
39 RUN wget -O $SRC/skia_data/textblob_deserialize_seed_corpus.zip https://storage.googleapis.com/skia…
41 RUN wget -O $SRC/skia_data/path_deserialize_seed_corpus.zip https://storage.googleapis.com/skia-fuz…
43 RUN wget -O $SRC/skia_data/image_decode_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/…
[all …]
|
| /external/libaom/libaom/test/ |
| D | invalid_file_test.cc | 68 int expected_res_dec = -1; in HandleDecodeResult()
74 if (expected_res_dec != -1) { in HandleDecodeResult()
78 // The serial decode check is too strict for tile-threaded decoding as in HandleDecodeResult()
80 // will take precedence. Currently a tile-level error is not forwarded in HandleDecodeResult()
85 << ". (" << decoder->DecodeError() in HandleDecodeResult()
91 << ". (" << decoder->DecodeError() << ")"; in HandleDecodeResult()
129 { 1, "invalid-bug-1814.ivf", NULL },
130 { 1, "invalid-chromium-906381.ivf", NULL },
131 { 1, "invalid-google-142530197.ivf", NULL },
132 { 1, "invalid-google-142530197-1.ivf", NULL },
[all …]
|
| /external/oss-fuzz/docs/getting-started/new-project-guide/ |
| D | bazel.md | 1 ---
7 permalink: /getting-started/new-project-guide/bazel/
8 ---
13 - TOC
15 ---
20 build system with OSS-Fuzz is very similar to the general
21 [Setting up a new project]({{ site.baseurl }}/getting-started/new-project-guide/)
26 For Bazel-based projects, we recommend using the
28 for defining fuzz tests. `rules_fuzzing` provides support for building and running
29 fuzz tests under
[all …]
|
| D | rust_lang.md | 1 ---
7 permalink: /getting-started/new-project-guide/rust-lang/
8 ---
13 - TOC
15 ---
17 The process of integrating a project written in Rust with OSS-Fuzz is very
19 }}/getting-started/new-project-guide/) process. The key specifics of integrating
22 ## cargo-fuzz support
24 Rust integration with OSS-Fuzz is expected to use [`cargo
25 fuzz`](https://github.com/rust-fuzz/cargo-fuzz) to build fuzzers. The `cargo
[all …]
|
| D | go_lang.md | 1 ---
7 permalink: /getting-started/new-project-guide/go-lang/
8 ---
13 - TOC
15 ---
17 The process of integrating a project written in Go with OSS-Fuzz is very similar
19 [Setting up a new project]({{ site.baseurl }}/getting-started/new-project-guide/)
22 ## Go-fuzz support
24 OSS-Fuzz supports **go-fuzz** in the
25 [libFuzzer compatible mode](https://github.com/mdempsky/go114-fuzz-build)
[all …]
|
| D | python_lang.md | 1 ---
7 permalink: /getting-started/new-project-guide/python-lang/
8 ---
13 - TOC
15 ---
18 The process of integrating a project written in Python with OSS-Fuzz is very
20 [Setting up a new project]({{ site.baseurl }}/getting-started/new-project-guide/)
25 Python fuzzing in OSS-Fuzz depends on
27 `atheris` package, and dependencies are pre-installed on the OSS-Fuzz base
34 We recommend viewing [ujson](https://github.com/google/oss-fuzz/tree/master/projects/ujson) as an
[all …]
|
| /external/oss-fuzz/docs/oss-fuzz/ |
| D | architecture.md | 1 ---
6 parent: OSS-Fuzz
7 ---
10 
15 one or more [fuzz targets](http://libfuzzer.info/#fuzz-target)
16 and [integrates]({{ site.baseurl }}/advanced-topics/ideal-integration/) them
18 1. The project is [accepted to OSS-Fuzz]({{ site.baseurl }}/getting-started/accepting-new-projects/…
19 1. The OSS-Fuzz [builder](https://github.com/google/oss-fuzz/tree/master/infra/build) builds the pr…
20 1. The builder uploads the fuzz targets to the OSS-Fuzz GCS bucket.
21 1. [ClusterFuzz]({{ site.baseurl }}/further-reading/clusterfuzz) downloads the fuzz targets and beg…
[all …]
|
| /external/oss-fuzz/infra/cifuzz/ |
| D | cloudbuild.yaml | 2 - name: 'gcr.io/cloud-builders/docker'
4 - build
5 - '-t'
6 - gcr.io/oss-fuzz-base/cifuzz-base
7 - '-t'
8 - gcr.io/oss-fuzz-base/cifuzz-base:v1
9 - '-f'
10 - infra/cifuzz/cifuzz-base/Dockerfile
11 - .
12 - name: 'gcr.io/cloud-builders/docker'
[all …]
|
| /external/oss-fuzz/infra/build/functions/test_data/ |
| D | expected_build_steps.json | 5 "https://github.com/google/oss-fuzz.git",
6 "--depth",
9 "name": "gcr.io/cloud-builders/git"
12 "name": "gcr.io/cloud-builders/docker",
15 "-t",
16 "gcr.io/oss-fuzz/test-project",
19 "dir": "oss-fuzz/projects/test-project"
22 "name": "gcr.io/oss-fuzz/test-project",
25 "-c",
35 "name": "gcr.io/oss-fuzz/test-project",
[all …]
|
| D | expected_coverage_build_steps.json | 5 "https://github.com/google/oss-fuzz.git",
6 "--depth",
9 "name": "gcr.io/cloud-builders/git"
12 "name": "gcr.io/cloud-builders/docker",
15 "-t",
16 "gcr.io/oss-fuzz/test-project",
19 "dir": "oss-fuzz/projects/test-project"
22 "name": "gcr.io/oss-fuzz/test-project",
25 "-c",
35 "name": "gcr.io/oss-fuzz/test-project",
[all …]
|
| /external/oss-fuzz/docs/reference/ |
| D | useful_links.md | 1 ---
5 permalink: /reference/useful-links/
7 ---
11 - TOC
13 ---
17 * The main page: [oss-fuzz.com](https://oss-fuzz.com)
21 * [This page](https://oss-fuzz-build-logs.storage.googleapis.com/index.html)
26 * 2016-12-01 - Announcing OSS-Fuzz: Continuous fuzzing for open source software
27 ([Open Source](https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.htm…
28 [Testing](https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html),
[all …]
|
| /external/oss-fuzz/docs/advanced-topics/ |
| D | ideal_integration.md | 1 ---
6 permalink: /advanced-topics/ideal-integration/
7 ---
9 # Ideal integration with OSS-Fuzz
12 OSS projects have different build and test systems. We can't expect them all to
13 implement and maintain fuzz targets or integrate them with OSS-Fuzz in the same
19 [example](https://github.com/google/oss-fuzz/tree/master/projects/example/my-api-repo)
22 - TOC
24 ---
28 Every [fuzz target](http://libfuzzer.info/#fuzz-target):
[all …]
|
| /external/golang-protobuf/internal/fuzz/ |
| D | README.md | 3 Fuzzing support using [go-fuzz](https://github.com/dvyukov/go-fuzz).
8 $ go install github.com/dvyukov/go-fuzz/go-fuzz
9 $ go install github.com/mdempsky/go114-fuzz-build
10 $ cd internal/fuzz/{fuzzer}
11 $ go114-fuzz-build google.golang.org/protobuf/internal/fuzz/{fuzzer}
12 $ go-fuzz
15 ## OSS-Fuzz section in Fuzzing
18 [OSS-Fuzz](https://github.com/google/oss-fuzz).
20 The OSS-Fuzz
21 [configuration](https://github.com/google/oss-fuzz/blob/master/projects/golang-protobuf/build.sh)
[all …]
|
| /external/python/cpython3/Modules/_xxtestfuzz/ |
| D | README.rst | 1 Fuzz Tests for CPython
4 These fuzz tests are designed to be included in Google's `oss-fuzz`_ project.
6 oss-fuzz works against a library exposing a function of the form
9 some toy values -- no fuzzing occurs in Python's test suite.
11 oss-fuzz will regularly pull from CPython, discover all the tests in
12 ``fuzz_tests.txt``, and run them -- so adding a new test here means it will
13 automatically be run in oss-fuzz, while also being smoke-tested as part of
16 Adding a new fuzz test
17 ----------------------
35 ``LLVMFuzzerTestOneInput`` will run in oss-fuzz, with each test in
[all …]
|
| /external/oss-fuzz/infra/base-images/ |
| D | all.sh | 1 #!/bin/bash -eux
8 # http://www.apache.org/licenses/LICENSE-2.0
18 docker build --pull -t gcr.io/oss-fuzz-base/base-image "$@" infra/base-images/base-image
19 docker build -t gcr.io/oss-fuzz-base/base-clang "$@" infra/base-images/base-clang
20 docker build -t gcr.io/oss-fuzz-base/base-builder "$@" infra/base-images/base-builder
21 docker build -t gcr.io/oss-fuzz-base/base-builder-go "$@" infra/base-images/base-builder-go
22 docker build -t gcr.io/oss-fuzz-base/base-builder-jvm "$@" infra/base-images/base-builder-jvm
23 docker build -t gcr.io/oss-fuzz-base/base-builder-python "$@" infra/base-images/base-builder-python
24 docker build -t gcr.io/oss-fuzz-base/base-builder-rust "$@" infra/base-images/base-builder-rust
25 docker build -t gcr.io/oss-fuzz-base/base-builder-swift "$@" infra/base-images/base-builder-swift
[all …]
|
| /external/oss-fuzz/projects/example/my-api-repo/ |
| D | README.md | 1 Example of [OSS-Fuzz ideal integration](https://google.github.io/oss-fuzz/advanced-topics/ideal-int…
3 …t has most of the traits of [ideal](https://google.github.io/oss-fuzz/advanced-topics/ideal-integr…
5 ## Files in my-api-repo
8 * [my_api.h](my_api.h): and [my_api.cpp](my_api.cpp) implement the API we want to test/fuzz. The fu…
10 * [do_stuff_fuzzer.cpp](do_stuff_fuzzer.cpp): is a [fuzz target](http://libfuzzer.info/#fuzz-target…
12 …ct): a [fuzzing dictionary file](https://google.github.io/oss-fuzz/getting-started/new-project-gui…
16 * builds the fuzz target(s) and their corpus archive(s)
17 …p) on [`do_stuff_test_data/*`](do_stuff_test_data), thus ensures that the fuzz target is up to dat…
18 …arget_runner.cpp): is a simple standalone runner for fuzz targets. You may use it to execute a fuz…
20 ## Files in OSS-Fuzz repository
[all …]
|
| /external/oss-fuzz/infra/build/functions/ |
| D | build_lib.py | 7 # http://www.apache.org/licenses/LICENSE-2.0
38 CORPUS_BACKUP_URL = ('/{project}-backup.clusterfuzz-external.appspot.com/'
52 EngineInfo(upload_bucket='clusterfuzz-builds',
56 EngineInfo(upload_bucket='clusterfuzz-builds-afl',
60 EngineInfo(upload_bucket='clusterfuzz-builds-honggfuzz',
64 EngineInfo(upload_bucket='clusterfuzz-builds-dataflow',
68 EngineInfo(upload_bucket='clusterfuzz-builds-no-engine',
91 bucket += '-' + architecture
93 bucket += '-testing'
115 # pylint: disable=no-member
[all …]
|
| /external/oss-fuzz/docs/clusterfuzzlite/ |
| D | build_integration.md | 1 ---
7 permalink: /clusterfuzzlite/build-integration/
8 ---
12 - TOC
14 ---
18 [libFuzzer targets]({{ site.baseurl }}/reference/glossary/#fuzz-target) on
21 We re-use the [OSS-Fuzz](https://github.com/google/oss-fuzz) toolchain to make
28 - [Integrate]({{ site.baseurl }}/advanced-topics/ideal-integration/) one or more [fuzz targets]({{ …
29 with the project you want to fuzz. For examples, see TODO.
30 - [Install Docker](https://docs.docker.com/engine/installation)
[all …]
|