Fuzz targets used by oss-fuzz.
Add fuzz_target_name.c and edit
New targets are picked up by oss-fuzz automatically within a day. Targets must not be renamed once added.
Add (optional) fuzz_target_name.dict containing keywords and magic bytes.
Add (optional) fuzz_target_name.corpus with file names on separate lines. Wildcards ** are supported. Examples below.
    glib/*     # all files in directory glib
    glib/**    # all files in directory glib and sub-directories
    **.xbel    # all files ending with .xbel in the repository
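The shape such a fuzz_target_name.c takes, as an added example that is not GLib's own code: a libFuzzer-style LLVMFuzzerTestOneInput entry point wrapped around a parser. The parser here (count_kv_pairs, a constructed key=value line counter) stands in for whatever GLib API a real target would exercise, and the stand-alone main is an assumption about how a target is driven when it is run directly against one test case rather than linked to libFuzzer.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the GLib API a real target would exercise:
 * counts "key=value" lines in a NUL-terminated buffer and rejects an
 * empty key with -1. A real target would call a GLib parser instead. */
static long count_kv_pairs(const char *text)
{
  long pairs = 0;
  const char *line = text;

  while (*line != '\0') {
    const char *nl = strchr(line, '\n');
    size_t len = nl != NULL ? (size_t) (nl - line) : strlen(line);
    const char *eq = memchr(line, '=', len);

    if (eq != NULL) {
      if (eq == line)
        return -1;          /* empty key: reject the whole document */
      pairs++;
    }
    line += len;
    if (*line == '\n')
      line++;
  }
  return pairs;
}

/* The entry point oss-fuzz/libFuzzer calls once per generated input.
 * It must accept arbitrary bytes, never reject input by crashing, and
 * always return 0; memory errors are reported by the sanitizer, not here. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
  /* Fuzzer input is not NUL-terminated and may contain embedded NULs;
   * copy it into a terminated buffer so the parser gets C-string
   * semantics instead of reading past the end of the input. */
  char *text = malloc(size + 1);
  if (text == NULL)
    return 0;
  memcpy(text, data, size);
  text[size] = '\0';

  (void) count_kv_pairs(text);   /* the result is irrelevant; crashes are the signal */

  free(text);
  return 0;
}

/* Assumed stand-alone driver: reads the test case named on the command
 * line and feeds it to the target once, which is what running
 * fuzz_target_name FILE does when reproducing a report. Linked with
 * -fsanitize=fuzzer, libFuzzer supplies its own main and this one is dropped. */
int main(int argc, char **argv)
{
  if (argc != 2) {
    fprintf(stderr, "usage: %s FILE\n", argv[0]);
    return 1;
  }
  FILE *f = fopen(argv[1], "rb");
  if (f == NULL) {
    perror(argv[1]);
    return 1;
  }
  fseek(f, 0, SEEK_END);
  long n = ftell(f);
  rewind(f);
  if (n < 0) {
    fclose(f);
    return 1;
  }
  uint8_t *buf = malloc((size_t) n + 1);
  if (buf == NULL) {
    fclose(f);
    return 1;
  }
  size_t got = fread(buf, 1, (size_t) n, f);
  fclose(f);
  LLVMFuzzerTestOneInput(buf, got);
  free(buf);
  return 0;
}
```

Built with clang and -fsanitize=address, this binary reproduces a crash from a single FILE exactly as described in the next section; a matching fuzz_target_name.dict would list the tokens the parser looks for (here "=" and "\n") so the fuzzer reaches the interesting branches sooner.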
Build with at least the following flags, choosing a sanitizer as needed. A somewhat recent version of clang is recommended.
$ CC=clang CXX=clang++ meson DIR -Db_sanitize=<address|undefined> -Db_lundef=false
Afterwards run the affected target against the provided test case.
$ DIR/fuzzing/fuzz_target_name FILE
Correct MSAN instrumentation is difficult to achieve locally, so false positives are very likely to mask the actual bug.
If need be, you can still reproduce those bugs with the oss-fuzz provided docker images.
llvm-symbolizer must be in
Set environment variable print_stacktrace=1 prior to running the target.