2016-11-07 21:08:44 +00:00
|
|
|
# Fuzzer environment on ClusterFuzz
|
|
|
|
|
2017-01-06 07:41:38 +00:00
|
|
|
Your fuzz targets will be run on a [Google Compute Engine](https://cloud.google.com/compute/) VM (Linux) with some security restrictions.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2017-01-10 20:44:14 +00:00
|
|
|
## Dependencies
|
|
|
|
|
|
|
|
You should not make any assumptions on the availability of dependent packages
|
|
|
|
and libraries in the execution environment. Make sure to statically link any
|
|
|
|
library dependencies with your fuzz target executable during build time
|
|
|
|
([example](https://github.com/google/oss-fuzz/blob/master/projects/tor/build.sh#L40)).
|
|
|
|
All build artifacts needed during fuzz target execution should be inside `$OUT`
|
|
|
|
directory, and other directories like `$WORK`, `$SRC`, etc will not be accessible.
|
|
|
|
You can ensure that the fuzz target works correctly by using `run_fuzzer` command
|
|
|
|
(see instructions [here](docs/new_project_guide.md#testing-locally)).
|
|
|
|
|
2016-11-07 21:08:44 +00:00
|
|
|
## Current working directory
|
|
|
|
|
2016-11-26 23:59:29 +00:00
|
|
|
You should not make any assumptions about the current working directory of your
|
2017-01-06 07:41:38 +00:00
|
|
|
fuzz target. If you need to load data files, please use `argv[0]` to get the
|
|
|
|
directory where your fuzz target executable is located.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2016-11-29 19:47:37 +00:00
|
|
|
## File system
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2017-01-06 07:41:38 +00:00
|
|
|
Everything except `/tmp` is read-only, including the directory that your fuzz target
|
2017-01-10 20:44:14 +00:00
|
|
|
executable lives in.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2016-12-09 16:49:42 +00:00
|
|
|
`/dev` is also unavailable.
|
|
|
|
|
2016-11-07 21:08:44 +00:00
|
|
|
## Network access
|
|
|
|
|
|
|
|
There will be no network interfaces available (not even loopback).
|