| /external/oss-fuzz/projects/pygments/ |
| D | Dockerfile | 26 RUN git clone --depth 1 https://github.com/google/fuzzing
27 RUN cat fuzzing/dictionaries/aff.dict \
28 fuzzing/dictionaries/bash.dict \
29 fuzzing/dictionaries/creole.dict \
30 fuzzing/dictionaries/css.dict \
31 fuzzing/dictionaries/graphviz.dict \
32 fuzzing/dictionaries/fbs.dict \
33 fuzzing/dictionaries/html.dict \
34 fuzzing/dictionaries/jinja2.dict \
35 fuzzing/dictionaries/js.dict \
[all …]
|
| /external/bc/tests/fuzzing/ |
| D | bc_afl.yaml | 10 - rm -rf tests/fuzzing/bc_outputs1/
11 - rm -rf tests/fuzzing/bc_outputs2/
12 - rm -rf tests/fuzzing/dc_outputs/
28 …- afl-fuzz -i tests/fuzzing/bc_inputs1 -o tests/fuzzing/bc_outputs1 -p exploit -D -M bc11 bin/bc -…
44 …- afl-fuzz -i tests/fuzzing/bc_inputs1 -o tests/fuzzing/bc_outputs1 -p coe -S bc12 bin/bc -lqc -e …
60 …- afl-fuzz -i tests/fuzzing/bc_inputs1 -o tests/fuzzing/bc_outputs1 -p fast -S bc13 bin/bc -lqc -e…
76 …- afl-fuzz -i tests/fuzzing/bc_inputs1 -o tests/fuzzing/bc_outputs1 -p explore -S bc14 bin/bc -lqc…
92 …- afl-fuzz -i tests/fuzzing/bc_inputs1 -o tests/fuzzing/bc_outputs1 -p exploit -D -S bc15 bin/bc -…
108 …- afl-fuzz -i tests/fuzzing/bc_inputs2 -o tests/fuzzing/bc_outputs2 -p exploit -D -M bc21 bin/bc -…
124 …- afl-fuzz -i tests/fuzzing/bc_inputs2 -o tests/fuzzing/bc_outputs2 -p coe -S bc22 bin/bc -lqc -e …
[all …]
|
| D | bc_afl_continue.yaml | 26 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs1 -p exploit -D -M bc11 bin/bc -lqc -e "seed = 128093714…
42 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs1 -p coe -S bc12 bin/bc -lqc -e "seed = 1280937142.20981…
58 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs1 -p fast -S bc13 bin/bc -lqc -e "seed = 1280937142.2098…
74 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs1 -p explore -S bc14 bin/bc -lqc -e "seed = 1280937142.2…
90 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs1 -p exploit -D -S bc15 bin/bc -lqC -e "seed = 128093714…
106 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs2 -p exploit -D -M bc21 bin/bc -lqc -e "seed = 128093714…
122 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs2 -p coe -S bc22 bin/bc -lqc -e "seed = 1280937142.20981…
138 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs2 -p fast -S bc23 bin/bc -lqc -e "seed = 1280937142.2098…
154 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs2 -p explore -S bc24 bin/bc -lqc -e "seed = 1280937142.2…
170 …- afl-fuzz -i- -o tests/fuzzing/bc_outputs2 -p exploit -D -S bc25 bin/bc -lqC -e "seed = 128093714…
[all …]
|
| /external/AFLplusplus/docs/ |
| D | README.md | 11 ## Fuzzing targets with the source code available
13 You can find a quickstart for fuzzing targets with the source code available in
14 the [README.md of the repository](../README.md#quick-start-fuzzing-with-afl).
16 For in-depth information on the steps of the fuzzing process, see
20 
8 * [Fuzzing a target with dlopen() instrumented libraries](#fuzzing-a-target-with-dlopen-instrumente…
9 * [Fuzzing a binary-only target](#fuzzing-a-binary-only-target)
10 * [Fuzzing a GUI program](#fuzzing-a-gui-program)
11 * [Fuzzing a network service](#fuzzing-a-network-service)
20 ### Fuzzing a target with source code available
25 ### Fuzzing a target with dlopen instrumented libraries
27 If a source code based fuzzing target loads instrumented libraries with
45 ### Fuzzing a binary-only target
50 ### Fuzzing a GUI program
[all …]
|
| D | fuzzing_in_depth.md | 1 # Fuzzing with AFL++
7 Fuzzing source code is a three-step process:
11 2. Prepare the fuzzing by selecting and optimizing the input corpus for the
13 3. Perform the fuzzing of the target by randomly mutating input and assessing if
19 tasks, fuzzing may put a strain on your hardware and on the OS. In particular:
23 automatically throttled. That said, especially when fuzzing on less suitable
30 that you shouldn't be fuzzing on systems where the prospect of data loss is
33 - Fuzzing involves billions of reads and writes to the filesystem. On modern
132 AFL++ which then tries to put these values into the fuzzing data at different
195 It is possible to use sanitizers when instrumenting targets for fuzzing, which
[all …]
|
| /external/cronet/testing/libfuzzer/ |
| D | README.md | 3 [go/chrome-fuzzing](https://goto.google.com/chrome-fuzzing)
5 [Fuzzing] is a testing technique that feeds auto-generated inputs to a piece
8 [go/fuzzing-success](http://go/fuzzing-success)). You can learn more about the
9 benefits of fuzzing at [go/why-fuzz](http://go/why-fuzz).
11 This documentation covers the in-process guided fuzzing approach employed by
12 different fuzzing engines, such as [libFuzzer] or [AFL]. To learn more about
13 out-of-process fuzzers, please refer to the [Blackbox fuzzing] page in the
21 automatically discovered by buildbots, built with different fuzzing engines,
22 then uploaded to the distributed [ClusterFuzz] fuzzing system to run at scale.
39 * [Fuzzing mojo interfaces] using automatically generated libprotobuf-mutator fuzzers.
[all …]
|
| /external/cronet/testing/libfuzzer/fuzzers/command_buffer_lpm_fuzzer/ |
| D | cmd_buf_lpm_fuzz.cc | 47 namespace gpu::cmdbuf::fuzzing { namespace
85 // Use SwiftShader so fuzzing can work without a physical GPU. in GfxInit()
97 // fuzzing, but it's a starting point. in GfxInit()
133 Data structures of particular interest to fuzzing include: in GfxInit()
197 gpu::SyncToken CmdBufFuzz::SyncTokenFromProto(fuzzing::SyncToken token_proto) { in SyncTokenFromProto()
207 gpu::cmdbuf::fuzzing::CommandBufferNamespaceIds::MAX_VALID); in SyncTokenFromProto()
216 /* Fuzzing happens here. */
217 void CmdBufFuzz::RunCommandBuffer(fuzzing::CmdBufSession session) { in RunCommandBuffer()
228 case fuzzing::Action::kCmdBufOp: { in RunCommandBuffer()
231 case fuzzing::InProcessCommandBufferOp::kGetLastState: { in RunCommandBuffer()
[all …]
|
| /external/oss-fuzz/docs/clusterfuzzlite/ |
| D | running_clusterfuzzlite.md | 32 ### Code Review Fuzzing
34 TODO(metzman): Work on a generic name for CIFuzz/PR fuzzing.
36 One of the core ways for ClusterFuzzLite to be used is for fuzzing code that is
40 To use Code Review Fuzzing, set the configuration option `clusterfuzzlite-task`
44 Code Review Fuzzing.
46 If [Batch Fuzzing] is enabled, Code Review Fuzzing will report only newly
47 introduced bugs and use the corpus developed during batch fuzzing.
48 If [Code Coverage Reporting] is enabled, Code Review Fuzzing will try to only
51 ### Batch Fuzzing
53 ClusterFuzzLite can also run in a batch fuzzing mode where all fuzzers are run
[all …]
|
| /external/flac/oss-fuzz/ |
| D | reencoder.cc | 28 #include <fuzzing/datasource/datasource.hpp>
29 #include <fuzzing/memory.hpp>
42 // fuzzing::datasource::Datasource& ds;
44 FuzzerStream(fuzzing::datasource::Datasource&) : in FuzzerStream()
48 fuzzing::memory::memory_test(buffer, bytes); in write_callback()
56 fuzzing::datasource::Datasource& ds;
59 … FuzzerDecoder(fuzzing::datasource::Datasource& dsrc, FLAC::Encoder::FuzzerStream& encoder_arg) : in FuzzerDecoder()
98 fuzzing::memory::memory_test(&(frame->header), sizeof(frame->header)); in write_callback()
99 fuzzing::memory::memory_test(&(frame->footer), sizeof(frame->footer)); in write_callback()
106 fuzzing::memory::memory_test(buffer[i], bytesPerChannel); in write_callback()
[all …]
|
| D | encoder.cc | 28 #include <fuzzing/datasource/datasource.hpp>
29 #include <fuzzing/memory.hpp>
38 // fuzzing::datasource::Datasource& ds;
40 FuzzerStream(fuzzing::datasource::Datasource&) : in FuzzerStream()
44 fuzzing::memory::memory_test(buffer, bytes); in write_callback()
59 fuzzing::datasource::Datasource ds(data, size); in LLVMFuzzerTestOneInput()
70 fuzzing::memory::memory_test(res); in LLVMFuzzerTestOneInput()
74 fuzzing::memory::memory_test(res); in LLVMFuzzerTestOneInput()
78 fuzzing::memory::memory_test(res); in LLVMFuzzerTestOneInput()
82 fuzzing::memory::memory_test(res); in LLVMFuzzerTestOneInput()
[all …]
|
| D | decoder.cc | 27 #include <fuzzing/datasource/datasource.hpp>
28 #include <fuzzing/memory.hpp>
34 template <> FLAC__MetadataType fuzzing::datasource::Base::Get<FLAC__MetadataType>(const uint64_t id… in Get()
64 fuzzing::datasource::Datasource& ds;
66 FuzzerStream(fuzzing::datasource::Datasource& dsrc) : in FuzzerStream()
96 fuzzing::memory::memory_test(&(frame->header), sizeof(frame->header)); in write_callback()
97 fuzzing::memory::memory_test(&(frame->footer), sizeof(frame->footer)); in write_callback()
104 fuzzing::memory::memory_test(buffer[i], bytesPerChannel); in write_callback()
117 fuzzing::memory::memory_test(status); in error_callback()
122 fuzzing::memory::memory_test(metadata->type); in metadata_callback()
[all …]
|
| /external/libcxx/fuzzing/ |
| D | fuzz_test.cpp | 11 // A simple program for running regressions on the fuzzing routines.
15 // clang++ -std=c++11 fuzz_test.cpp fuzzing.cpp
32 #include "fuzzing.h"
109 {"sort", fuzzing::sort},
110 {"stable_sort", fuzzing::stable_sort},
111 {"partition", fuzzing::partition},
112 {"partition_copy", fuzzing::partition_copy},
113 {"stable_partition", fuzzing::stable_partition},
114 {"unique", fuzzing::unique},
115 {"unique_copy", fuzzing::unique_copy},
[all …]
|
| /external/tpm2-tss/doc/ |
| D | fuzzing.md | 1 # Fuzzing chapter
6 Building fuzz tests can be enabled using the `--with-fuzzing=` option. For which
14 libFuzzer tests can be built natively or using the docker `fuzzing` target.
18 Build the fuzz tests by setting `--with-fuzzing=libfuzzer` and statically
19 linking to the fuzzing TCTI.
29 --with-fuzzing=libfuzzer \
30 --enable-tcti-fuzzing \
47 Build the fuzz targets and check that they work by building the `fuzzing` docker
51 docker build --target fuzzing -t tpm2-tss:fuzzing .
58 docker run --rm -ti tpm2-tss:fuzzing \
[all …]
|
| /external/oss-fuzz/projects/lotus/ |
| D | build.sh | 26 mkdir fuzzing
27 cp ../fuzzing-lotus/fuzz/fuzz.go fuzzing/
28 compile_go_fuzzer github.com/filecoin-project/lotus/fuzzing FuzzBlockMsg fuzz_block_msg || true
29 …compile_go_fuzzer github.com/filecoin-project/lotus/fuzzing FuzzBlockMsgStructural fuzz_block_msg_…
30 …compile_go_fuzzer github.com/filecoin-project/lotus/fuzzing FuzzBlockHeader fuzz_block_header || t…
31 …compile_go_fuzzer github.com/filecoin-project/lotus/fuzzing FuzzNodesForHeight fuzz_nodes_for_heig…
38 # Fuzzers from fuzzing-lotus
39 cd ../fuzzing-lotus/fuzz
41 go mod init github.com/filecoin-project/fuzzing-lotus/fuzz
43 compile_go_fuzzer github.com/filecoin-project/fuzzing-lotus/fuzz FuzzBlockMsg fuzz_block_msg
[all …]
|
| /external/oss-fuzz/projects/powerdns/ |
| D | build.sh | 27 # build fuzzing targets
40 # copy the fuzzing target binaries
44 cp ../regression-tests/zones/* ../fuzzing/corpus/zones/
47 if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
48 zip -j "${OUT}/fuzz_target_dnsdistcache_seed_corpus.zip" ../fuzzing/corpus/raw-dns-packets/*
50 if [ -d ../fuzzing/corpus/txt-records/ ]; then
51 …zip -j "${OUT}/fuzz_target_dnslabeltext_parseRFC1035CharString_seed_corpus.zip" ../fuzzing/corpus/…
53 if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
54 zip -j "${OUT}/fuzz_target_moadnsparser_seed_corpus.zip" ../fuzzing/corpus/raw-dns-packets/*
56 if [ -d ../fuzzing/corpus/raw-dns-packets/ ]; then
[all …]
|
| /external/oss-fuzz/projects/quic-go/ |
| D | build.sh | 23 compile_go_fuzzer github.com/marten-seemann/qpack/fuzzing Fuzz qpack_fuzzer
29 compile_go_fuzzer github.com/lucas-clemente/quic-go/fuzzing/frames Fuzz frame_fuzzer
30 compile_go_fuzzer github.com/lucas-clemente/quic-go/fuzzing/header Fuzz header_fuzzer
31 compile_go_fuzzer github.com/lucas-clemente/quic-go/fuzzing/transportparameters Fuzz transportparam…
32 compile_go_fuzzer github.com/lucas-clemente/quic-go/fuzzing/tokens Fuzz token_fuzzer
33 compile_go_fuzzer github.com/lucas-clemente/quic-go/fuzzing/handshake Fuzz handshake_fuzzer
40 go generate ./fuzzing/...
42 zip --quiet -r $OUT/header_fuzzer_seed_corpus.zip fuzzing/header/corpus
43 zip --quiet -r $OUT/frame_fuzzer_seed_corpus.zip fuzzing/frames/corpus
44 zip --quiet -r $OUT/transportparameter_fuzzer_seed_corpus.zip fuzzing/transportparameters/corpus
[all …]
|
| /external/oss-fuzz/docs/reference/ |
| D | glossary.md | 11 For general fuzzing terms, see the [glossary] from [google/fuzzing] project.
13 [glossary]: https://github.com/google/fuzzing/blob/master/docs/glossary.md
14 [google/fuzzing]: https://github.com/google/fuzzing
24 A scalable fuzzing infrastructure that is used for OSS-Fuzz backend.
34 [general definition](https://github.com/google/fuzzing/blob/master/docs/glossary.md#fuzz-target),
45 [project](#project), is run with a specific [fuzzing engine], in a specific
67 [fuzz targets]: https://github.com/google/fuzzing/blob/master/docs/glossary.md#fuzz-target
68 [fuzzing engine]: https://github.com/google/fuzzing/blob/master/docs/glossary.md#fuzzing-engine
69 [sanitizer]: https://github.com/google/fuzzing/blob/master/docs/glossary.md#sanitizer
70 [test input]: https://github.com/google/fuzzing/blob/master/docs/glossary.md#test-input
[all …]
|
| /external/oss-fuzz/projects/sleuthkit/ |
| D | buildcorpus.sh | 23 # The Fuzzing Project: https://fuzzing-project.org/resources.html
33 ["ext"]="https://files.fuzzing-project.org/filesystems/ext2.img"
34 …fuzzing-project.org/filesystems/exfat.img https://files.fuzzing-project.org/filesystems/fat12.img …
35 ["hfs"]="https://files.fuzzing-project.org/filesystems/hfsplus.img"
36 ["iso9660"]="https://files.fuzzing-project.org/discimages/iso9660.iso"
37 ["ntfs"]="https://files.fuzzing-project.org/filesystems/ntfs.img"
42 ["dos"]="https://files.fuzzing-project.org/discimages/partition-dos"
43 ["gpt"]="https://files.fuzzing-project.org/discimages/partition-gpt"
44 ["mac"]="https://files.fuzzing-project.org/discimages/partition-mac"
|
| /external/oss-fuzz/docs/ |
| D | index.md | 15 vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
22 [guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in…
26 combining modern fuzzing techniques with scalable, distributed execution.
31 We support the [libFuzzer], [AFL++], and [Honggfuzz] fuzzing engines in
42 languages supported by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64
47 ## Learn more about fuzzing
50 project. To learn more about fuzzing in general, we recommend reading [libFuzzer
51 tutorial] and the other docs in [google/fuzzing] repository. These and some
54 [google/fuzzing]: https://github.com/google/fuzzing/tree/master/docs
55 [libFuzzer tutorial]: https://github.com/google/fuzzing/blob/master/tutorial/libFuzzerTutorial.md
|
| D | faq.md | 15 ## Where can I learn more about fuzzing?
17 We recommend reading [libFuzzer tutorial] and the other docs in [google/fuzzing]
21 [google/fuzzing]: https://github.com/google/fuzzing/tree/master/docs
22 [libFuzzer tutorial]: https://github.com/google/fuzzing/blob/master/tutorial/libFuzzerTutorial.md
58 on. ClusterFuzz is an open-source fuzzing infrastructure that you can deploy in
74 Our [ClusterFuzz]({{ site.baseurl }}/further-reading/clusterfuzz) fuzzing
97 since they significantly reduce the efficiency of fuzzing.
99 Remember that fuzzing is executed with AddressSanitizer or other
141 fuzzing engine(s) are not able to go deeper based on the existing seeds.
143 - There is some crypto/crc stuff in the code that will prevent any fuzzing
[all …]
|
| /external/oss-fuzz/ |
| D | README.md | 1 # OSS-Fuzz: Continuous Fuzzing for Open Source Software
6 vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
13 [guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in…
17 combining modern fuzzing techniques with scalable, distributed execution.
22 We support the [libFuzzer], [AFL++], and [Honggfuzz] fuzzing engines in
33 supported by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386
54 * 2016-12-01 - [Announcing OSS-Fuzz: Continuous fuzzing for open source software]
57 * 2020-10-09 - [Fuzzing internships for Open Source Software]
60 …S-Fuzz: Continuous fuzzing for open source software]: https://opensource.googleblog.com/2016/12/an…
63 [Fuzzing internships for Open Source Software]: https://security.googleblog.com/2020/10/fuzzing-int…
|
| /external/tensorflow/tensorflow/security/fuzzing/ |
| D | tf_fuzzing.bzl | 3 # TensorFlow fuzzing can be done in open source too.
8 # - dictionaries/${FUZZ}.dict : fuzzing dictionary for the fuzzer
13 # across multiple fuzzers (for example fuzzing ops), we can store it in other
15 # on a case by case basis, for now the ops fuzzing harness resides under
16 # tensorflow/core/kernels/fuzzing.
19 # mutators to do structure aware fuzzing) or any other type of content that is
22 # tf_cc_fuzz_target is a cc_test modified to include fuzzing support.
25 # Fuzzing specific arguments
60 deps: An optional list of dependencies for the code you're fuzzing.
83 # tf_py_fuzz_target is a py_test modified to include fuzzing support.
[all …]
|
| /external/oss-fuzz/infra/build/functions/ |
| D | update_build_status_test.py | 161 update_build_status.update_last_successful_build(project, 'fuzzing')
165 ndb.Key(LastSuccessfulBuild, 'test-project-fuzzing').get().build_id)
171 LastSuccessfulBuild(id='test-project-fuzzing',
172 build_tag='fuzzing',
177 update_build_status.update_last_successful_build(project, 'fuzzing')
197 LastSuccessfulBuild(id='test-project-fuzzing',
198 build_tag='fuzzing',
203 update_build_status.update_last_successful_build(project, 'fuzzing')
207 ndb.Key(LastSuccessfulBuild, 'test-project-fuzzing').get().build_id)
239 BuildsHistory(id='test-project-1-fuzzing',
[all …]
|