oss-fuzz/docs/reference.md

# Reference

## Sanitizers

Fuzzers are usually built with one or more  [sanitizer](https://github.com/google/sanitizers) enabled. 
You can select sanitizer configuration by specifying `$SANITIZER` build environment variable using `-e` option:

```bash
python infra/helper.py build_fuzzers -e SANITIZER=undefined json
```

Supported sanitizers:

| `$SANITIZER` | Description
| ------------ | ----------
| `address` *(default)* | [Address Sanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizer) with [Leak Sanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer).
| `undefined` | [Undefined Behavior Sanitizer](http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html).
| `memory` | [Memory Sanitizer](https://github.com/google/sanitizers/wiki/MemorySanitizer).<br/>*NOTE: It is critical that you build __all__ the code in your program (including libraries it uses) with Memory Sanitizer. Otherwise, you will see false positive crashes due to an inability to see initializations in uninstrumented code.*

Compiler flag values for predefined configurations are specified in the [Dockerfile](../infra/base-images/base-builder/Dockerfile). 
These flags can be overriden by specifying `$SANITIZER_FLAGS` directly.

You can choose which configurations to automatically run your fuzzers with in `project.yaml` file (e.g. [sqlite3](../projects/sqlite3/project.yaml)):

```yaml
sanitizers:
  - address
  - undefined
 ```
Create reference.md 2016-12-29 22:31:38 +00:00			`# Reference`

			`## Sanitizers`

Update reference.md 2016-12-30 06:06:54 +00:00			`Fuzzers are usually built with one or more [sanitizer](https://github.com/google/sanitizers) enabled.`
Fix typos and clarify grammar and word choice throughout the OSS-Fuzz docs. (#363) 2017-02-08 03:15:53 +00:00			You can select sanitizer configuration by specifying `$SANITIZER` build environment variable using `-e` option:
Create reference.md 2016-12-29 22:31:38 +00:00
			```bash
			`python infra/helper.py build_fuzzers -e SANITIZER=undefined json`
			```

			`Supported sanitizers:`

			\| `$SANITIZER` \| Description
			`\| ------------ \| ----------`
			\| `address` (default) \| [Address Sanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizer) with [Leak Sanitizer](https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer).
			\| `undefined` \| [Undefined Behavior Sanitizer](http://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html).
Fix typos and clarify grammar and word choice throughout the OSS-Fuzz docs. (#363) 2017-02-08 03:15:53 +00:00			\| `memory` \| [Memory Sanitizer](https://github.com/google/sanitizers/wiki/MemorySanitizer).<br/>NOTE: It is critical that you build __all__ the code in your program (including libraries it uses) with Memory Sanitizer. Otherwise, you will see false positive crashes due to an inability to see initializations in uninstrumented code.
Create reference.md 2016-12-29 22:31:38 +00:00
Update reference.md 2016-12-29 22:33:51 +00:00			`Compiler flag values for predefined configurations are specified in the [Dockerfile](../infra/base-images/base-builder/Dockerfile).`
Create reference.md 2016-12-29 22:31:38 +00:00			These flags can be overriden by specifying `$SANITIZER_FLAGS` directly.

Update reference.md 2016-12-29 22:34:20 +00:00			You can choose which configurations to automatically run your fuzzers with in `project.yaml` file (e.g. [sqlite3](../projects/sqlite3/project.yaml)):
Update reference.md 2016-12-29 22:32:42 +00:00
			```yaml
			`sanitizers:`
			`- address`
			`- undefined`
			```