• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Fuzzer for libresourcemanagerservice
2
3## Plugin Design Considerations
4The fuzzer plugin for libresourcemanagerservice is designed based on the
5understanding of the service and tries to achieve the following:
6
7##### Maximize code coverage
8The configuration parameters are not hardcoded, but instead selected based on
9incoming data. This ensures more code paths are reached by the fuzzer.
10
11Media Resource Manager supports the following parameters:
121. Media Resource Type (parameter name: `mediaResourceType`)
132. Media Resource SubType (parameter name: `mediaResourceSubType`)
14
15| Parameter| Valid Values| Configured Value|
16|------------- |-------------| ----- |
17| `mediaResourceType` | 0.`MediaResource::kSecureCodec` 1.`MediaResource::kNonSecureCodecC` 2.`MediaResource::kGraphicMemory` 3.`MediaResource::kCpuBoost`  4.`MediaResource::kBattery` 5.`MediaResource::kDrmSession`| Value obtained from FuzzedDataProvider |
18| `mediaResourceSubType`   | 0.`MediaResource::kAudioCodec` 1.`MediaResource::kVideoCodec` 2.`MediaResource::kUnspecifiedSubType`  | Value obtained from FuzzedDataProvider |
19
20This also ensures that the plugin is always deterministic for any given input.
21
22## Build
23
24This describes steps to build mediaresourcemanager_fuzzer binary.
25
26### Android
27
28#### Steps to build
29Build the fuzzer
30```
31  $ mm -j$(nproc) mediaresourcemanager_fuzzer
32```
33
34#### Steps to run
35Create a directory CORPUS_DIR and copy some files to that folder
36Push this directory to device.
37
38To run on device
39```
40  $ adb sync data
41  $ adb shell /data/fuzz/arm64/mediaresourcemanager_fuzzer/mediaresourcemanager_fuzzer CORPUS_DIR
42```
43
44## References:
45 * http://llvm.org/docs/LibFuzzer.html
46 * https://github.com/google/oss-fuzz
47