glib/fuzzing
Philip Withnall b1315988fc fuzzing: Fix test failure with G_DISABLE_ASSERT
https://gitlab.gnome.org/GNOME/glib/-/jobs/1875915
```
../fuzzing/fuzz_paths.c: In function ‘LLVMFuzzerTestOneInput’:
../fuzzing/fuzz_paths.c:7:16: error: variable ‘skipped_root’ set but not used [-Werror=unused-but-set-variable]
    7 |   const gchar *skipped_root;
      |                ^~~~~~~~~~~~
cc1: all warnings being treated as errors
```

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-08 11:52:30 +00:00
..
driver.c Fix small file leak in fuzzing driver 2021-04-01 14:27:03 -05:00
fuzz_bookmark.c Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz_bookmark.corpus Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz_canonicalize_filename.c fuzzing: Add fuzz tests for functions which parse paths 2021-03-24 11:16:49 +00:00
fuzz_date_parse.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_date_time_new_from_iso8601.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_dbus_message.c Fix wrong position for static qualifier warning in fuzzing/fuzz_dbus_message.c 2021-02-10 20:41:16 +01:00
fuzz_inet_address_mask_new_from_string.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_inet_address_new_from_string.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_inet_socket_address_new_from_string.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_key.c fuzzing: Add more parsing flags to the GKeyFile test 2020-12-17 12:42:54 +00:00
fuzz_key.corpus Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz_network_address_parse_uri.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_network_address_parse.c fuzzing: Add more fuzzing tests for various string parsing functions 2020-12-08 11:07:43 +00:00
fuzz_paths.c fuzzing: Fix test failure with G_DISABLE_ASSERT 2022-03-08 11:52:30 +00:00
fuzz_resolver.c fuzzing: Add a fuzz test for parsing DNS records 2021-12-16 11:26:03 +00:00
fuzz_uri_escape.c uri: add a GError to the new g_uri_unescape_bytes() 2020-07-26 17:19:37 +04:00
fuzz_uri_parse_params.c uri: make g_uri_parse_params() take an error 2020-07-07 15:20:57 +04:00
fuzz_uri_parse.c fuzzing: Add more GUriFlags to the URI parsing test 2020-12-17 12:03:18 +00:00
fuzz_variant_binary.c Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz_variant_text.c Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz_variant_text.dict Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
fuzz.h Integrate oss-fuzz targets 2018-10-11 00:02:03 +00:00
meson.build fuzzing: Add a fuzz test for parsing DNS records 2021-12-16 11:26:03 +00:00
README.md docs: Update various external links to use HEAD instead of master 2021-06-07 14:03:48 +01:00

Fuzz targets used by oss-fuzz.

Useful links: Dashboard (requires access), Build logs, Coverage

How to add new targets

Add fuzz_target_name.c and edit meson.build accordingly.

New targets are picked up by oss-fuzz automatically within a day. Targets must not be renamed once added.

Add (optional) fuzz_target_name.dict containing keywords and magic bytes.

Add (optional) fuzz_target_name.corpus with file names on separate lines. Wildcards ?, * and ** are supported. Examples below.

glib/*  # all files in directory glib
glib/** # all files in directory glib and sub-directories
**.xbel # all files ending with .xbel in the repository

Recommended reading: Fuzz Target, Dictionaries, Corpus

How to reproduce oss-fuzz bugs locally

Build with at least the following flags, choosing a sanitizer as needed. A somewhat recent version of clang is recommended.

$ CC=clang CXX=clang++ meson DIR -Db_sanitize=<address|undefined> -Db_lundef=false

Afterwards run the affected target against the provided test case.

$ DIR/fuzzing/fuzz_target_name FILE

FAQs

What about Memory Sanitizer (MSAN)?

Correct MSAN instrumentation is difficult to achieve locally, so false positives are very likely to mask the actual bug.

If need be, you can still reproduce those bugs with the oss-fuzz provided docker images.

There are no file/function names in the stack trace.

llvm-symbolizer must be in PATH.

UndefinedBehavior Sanitizer (UBSAN) doesn't provide a stack trace.

Set environment variable UBSAN_OPTIONS to print_stacktrace=1 prior to running the target.