mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
f57c0238e9
We work hard to put the primary logic for oss-fuzz here, and where possible into waf, so that only a tiny stub needs to be maintained in the Google oss-fuzz repo. This will be called by build.sh (not copied directly because it is too easy to forget to copy in an updated version when doing development in the docker image).

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>

- oss-fuzz
- fuzz_ldap_decode.c
- fuzz_ldb_parse_tree.c
- fuzz_lzxpress.c
- fuzz_oLschema2ldif.c
- fuzz_reg_parse.c
- fuzz_regfio.c
- fuzz_tiniparser.c
- fuzzing.c
- fuzzing.h
- README.md
- wscript_build

Fuzzing Samba
Fuzzing supplies valid, invalid, unexpected or random data as input to a piece of code. Instrumentation, usually compiler-implemented, is used to monitor for exceptions such as crashes, assertions or memory corruption.
See the Wikipedia article on fuzzing for more information.
Configure with fuzzing
Example command line to build binaries for use with honggfuzz:
```
buildtools/bin/waf -C --without-gettext --enable-debug --enable-developer \
    --address-sanitizer --enable-libfuzzer \
    CC=.../honggfuzz/hfuzz_cc/hfuzz-clang configure \
    LINK_CC=.../honggfuzz/hfuzz_cc/hfuzz-clang
```
Fuzzing tiniparser
Example for fuzzing `tiniparser` using honggfuzz (see `--help` for more options):
```
buildtools/bin/waf --targets=fuzz_tiniparser build && \
.../honggfuzz/honggfuzz --sanitizers --timeout 3 --max_file_size 256 \
    --rlimit_rss 100 -f .../tiniparser-corpus -- bin/fuzz_tiniparser
```
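
A target built with `--enable-libfuzzer` exposes an entry point that the fuzzing engine calls once per input, and the engine supplies `main()`. The harness below is an added example of that shape, not Samba's `fuzz_tiniparser.c`. Its parser `toy_ini_count_pairs` and the `MAX_INPUT` bound are hypothetical, the latter chosen to match `--max_file_size 256`.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_INPUT 256 /* assumption: same bound as --max_file_size 256 */

/* Hypothetical toy parser (not Samba's tiniparser): counts "key=value"
 * lines in buf[0..len). Fuzzer input is not NUL-terminated, so every
 * read is bounded by len. Returns -1 on a line with an empty key. */
int toy_ini_count_pairs(const uint8_t *buf, size_t len)
{
	int pairs = 0;
	size_t i = 0;

	while (i < len) {
		size_t start = i, eq = len; /* eq == len: no '=' seen yet */

		while (i < len && buf[i] != '\n') {
			if (buf[i] == '=' && eq == len) {
				eq = i;
			}
			i++;
		}
		if (eq == start) {
			return -1; /* "=value": reject, but do not crash */
		}
		if (eq != len && buf[start] != '#' && buf[start] != ';') {
			pairs++; /* comment lines are skipped */
		}
		if (i < len) {
			i++; /* step over '\n' */
		}
	}
	return pairs;
}

/* Entry point called by libFuzzer or honggfuzz once per test case. */
int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len)
{
	if (len == 0 || len > MAX_INPUT) {
		return 0; /* nothing to parse, or beyond the size of interest */
	}
	(void)toy_ini_count_pairs(buf, len);
	return 0; /* a parse error is a normal result, not a finding */
}
```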