
Commit e2720e1

authored
added targets for local fuzzing to oss-fuzz/Makefile (#6185)
1 parent eba8c40 commit e2720e1


3 files changed

+49
-2
lines changed


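--- a/.gitignore
+++ b/.gitignore
@@ -129,3 +129,8 @@ compile_commands.json
 
 #vs code
 /.vscode
+
+# fuzzing output
+/oss-fuzz/corpus
+/oss-fuzz/corpus_
+/oss-fuzz/samples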

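--- a/oss-fuzz/Makefile
+++ b/oss-fuzz/Makefile
@@ -1,6 +1,6 @@
 # This file is generated by dmake, do not edit.
 
-# CXX=clang++ MATCHCOMPILER=yes CXXFLAGS="-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -DHAVE_BOOST" LIB_FUZZING_ENGINE="-fsanitize=fuzzer" oss-fuzz-client
+# make CXX=clang++ MATCHCOMPILER=yes CXXFLAGS="-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -DHAVE_BOOST" LIB_FUZZING_ENGINE="-fsanitize=fuzzer" oss-fuzz-client
 
 MATCHCOMPILER=yes
 ifndef MATCHCOMPILER
@@ -112,6 +112,27 @@ translate: translate.o type2.o
 clean:
 rm -f *.o build/*.o oss-fuzz-client no-fuzz translate
 
+preprare-samples:
+rm -rf samples
+mkdir -p samples
+cp -R ../samples .
+find ./samples -type f -name '*.txt' -exec rm -vf {} \;
+
+do-fuzz: oss-fuzz-client preprare-samples
+mkdir -p corpus
+./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout
+
+dedup-corpus: oss-fuzz-client preprare-samples
+mv corpus corpus_
+mkdir -p corpus
+./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -merge=1
+
+# jobs:
+# ./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -workers=12 -jobs=9
+
+# minimize:
+# ./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 -minimize_crash=1 crash-0123456789abcdef
+
 simplecpp.o: ../externals/simplecpp/simplecpp.cpp ../externals/simplecpp/simplecpp.h
 $(CXX) ${LIB_FUZZING_ENGINE} $(CPPFLAGS) $(CXXFLAGS) -w -c -o $@ ../externals/simplecpp/simplecpp.cpp
 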
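--- a/tools/dmake/dmake.cpp
+++ b/tools/dmake/dmake.cpp
@@ -343,7 +343,7 @@ static void write_ossfuzz_makefile(std::vector<std::string> libfiles_prio, std::
 
 fout << "# This file is generated by dmake, do not edit.\n";
 fout << '\n';
-fout << "# CXX=clang++ MATCHCOMPILER=yes CXXFLAGS=\"-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -DHAVE_BOOST\" LIB_FUZZING_ENGINE=\"-fsanitize=fuzzer\" oss-fuzz-client\n";
+fout << "# make CXX=clang++ MATCHCOMPILER=yes CXXFLAGS=\"-O1 -fno-omit-frame-pointer -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -DHAVE_BOOST\" LIB_FUZZING_ENGINE=\"-fsanitize=fuzzer\" oss-fuzz-client\n";
 fout << '\n';
 fout << "MATCHCOMPILER=yes\n"; // always need to enable the matchcompiler so the library files are being copied
 makeMatchcompiler(fout, "../", "--read-dir ../lib");
@@ -367,6 +367,27 @@ static void write_ossfuzz_makefile(std::vector<std::string> libfiles_prio, std::
 fout << "clean:\n";
 fout << "\trm -f *.o build/*.o oss-fuzz-client no-fuzz translate\n";
 fout << '\n';
+fout << "preprare-samples:\n";
+fout << "\trm -rf samples\n";
+fout << "\tmkdir -p samples\n";
+fout << "\tcp -R ../samples .\n";
+fout << "\tfind ./samples -type f -name '*.txt' -exec rm -vf {} \\;\n";
+fout << '\n';
+fout << "do-fuzz: oss-fuzz-client preprare-samples\n";
+fout << "\tmkdir -p corpus\n";
+fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout\n";
+fout << '\n';
+fout << "dedup-corpus: oss-fuzz-client preprare-samples\n";
+fout << "\tmv corpus corpus_\n";
+fout << "\tmkdir -p corpus\n";
+fout << "\t./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus corpus_ samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -merge=1\n";
+fout << '\n';
+fout << "# jobs:\n";
+fout << "# ./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 corpus samples ../test/cli/fuzz-crash ../test/cli/fuzz-timeout -workers=12 -jobs=9\n";
+fout << '\n';
+fout << "# minimize:\n";
+fout << "# ./oss-fuzz-client -only_ascii=1 -timeout=3 -detect_leaks=0 -minimize_crash=1 crash-0123456789abcdef\n";
+fout << '\n';
 
 compilefiles(fout, extfiles, "${LIB_FUZZING_ENGINE}");
 compilefiles(fout, libfiles_prio, "${LIB_FUZZING_ENGINE}");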
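Review bot: The `dedup-corpus` recipe emitted in the second hunk is not repeatable: it runs `mv corpus corpus_`, and nothing in the added lines ever removes `corpus_`. On a second run the current corpus is therefore moved inside the leftover directory instead of replacing it, and a later run can fail on the non-empty target. Emitting `fout << "\trm -rf corpus_\n";` just before the `mv` line would make the target safe to re-run. The target name `preprare-samples` also looks like a misspelling of `prepare-samples`; it is used consistently, so it works, but the typo is carried into the generated oss-fuzz/Makefile. write_ossfuzz_makefile begins and ends outside these hunks.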
