This directory contains source code and build scripts for coverage-guided
fuzzers.

Detailed instructions are available at:

  https://github.com/google/oss-fuzz/blob/master/docs/

Quick start:

  Build a container

    $ docker build -t ossfuzz/tpm2 -f fuzz/Dockerfile .

  Build fuzzers

    $ docker run -ti --rm -v $(pwd):/src/tpm2 -v /tmp/fuzzers:/out \
                 ossfuzz/tpm2

  Look in /tmp/fuzzers to see the executables. Run them like so:

    $ docker run -ti -v $(pwd)/fuzz/corpus-execute-command:/corpus \
                 -v /tmp/fuzzers:/out ossfuzz/libfuzzer-runner \
                 /out/tpm2_execute_command_fuzzer /corpus -runs=100

To reproduce a crash under gdb:

  Build a container

    $ docker build -t ossfuzz/tpm2 -f fuzz/Dockerfile .

  Build fuzzers

    $ docker run -ti --rm -v $(pwd):/src/tpm2 -v /tmp/fuzzers:/out \
                 ossfuzz/tpm2

  or, selecting the fuzzing engine and sanitizer explicitly:

    $ docker run -ti --rm -v $(pwd):/src/tpm2 -v /tmp/fuzzers:/out \
                 -e FUZZING_ENGINE=libfuzzer \
                 -e SANITIZER=<address/memory/undefined> \
                 ossfuzz/tpm2

  Get a shell in the container

    $ docker run -ti --privileged \
                 -v <crash_testcase>:/testcase \
                 -v /tmp/fuzzers:/out \
                 -v $(pwd):/src/tpm2 \
                 -t ossfuzz/libfuzzer-runner

  In the container

     # gdb /out/tpm2_execute_command_fuzzer

  In gdb

     (gdb) r /testcase
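As an added illustration of what the executables in /tmp/fuzzers are (this is not the README's own text nor the tpm2 project's harness), the following shows the shape of a libFuzzer target and how a single crash file gets replayed. The header layout follows the TPM 2.0 command header (tag, commandSize, commandCode, big-endian); the parser, its checks and the command code used in the test are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TPM 2.0 command header: tag (2 bytes), commandSize (4), commandCode (4),
 * all big-endian. The parser below is constructed for this example. */
#define TPM_ST_NO_SESSIONS 0x8001u
#define TPM_ST_SESSIONS    0x8002u
#define HEADER_SIZE        10u
struct tpm_cmd_header { uint16_t tag; uint32_t size; uint32_t code; };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  | (uint32_t)p[3];
}

/* Returns 0 on success, -1 on a malformed header. These are exactly the
 * conditions a fuzzer probes: truncated input, unknown tag, and a
 * commandSize that does not match the bytes actually supplied. */
int parse_tpm_header(const uint8_t *buf, size_t len, struct tpm_cmd_header *out) {
    if (len < HEADER_SIZE) return -1;
    out->tag = (uint16_t)((buf[0] << 8) | buf[1]);
    if (out->tag != TPM_ST_NO_SESSIONS && out->tag != TPM_ST_SESSIONS) return -1;
    out->size = be32(buf + 2);
    if (out->size != len) return -1; /* never trust the size field over len */
    out->code = be32(buf + 6);
    return 0;
}

/* libFuzzer entry point: called once per generated input. Any crash or
 * sanitizer report raised here becomes the <crash_testcase> replayed above. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    struct tpm_cmd_header h;
    if (parse_tpm_header(data, size, &h) == 0) {
        volatile uint32_t sink = h.code; /* a real harness would dispatch the command */
        (void)sink;
    }
    return 0;
}

/* Stand-alone driver so the target can be run on a single file, which is
 * what "r /testcase" under gdb does with the libFuzzer-built binary. */
int main(int argc, char **argv) {
    if (argc != 2) { fprintf(stderr, "usage: %s <testcase>\n", argv[0]); return 2; }
    FILE *f = fopen(argv[1], "rb");
    if (!f) { perror("fopen"); return 1; }
    uint8_t buf[4096];
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return LLVMFuzzerTestOneInput(buf, n);
}
```

Compiled with clang -fsanitize=fuzzer,address the fuzzer's own main replaces the one above; without that flag the file is a plain reproducer that takes the test case path as its only argument.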