Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update new_project_guide.md

This commit is contained in:
Abhishek Arya 2019-08-12 11:29:53 -07:00 committed by GitHub
parent c4202c2f48
commit 1d86ee21f5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
docs/getting-started/new_project_guide.md
View File

@ -281,31 +281,7 @@ of the supported build configurations with the above commands (build_fuzzers ->
[fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target)
in case you run into problems.
## Custom libFuzzer options for ClusterFuzz
By default, ClusterFuzz will run your fuzzer without any options. You can specify
custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` executable in `$OUT`:
```
[libfuzzer]
close_fd_mask = 3
only_ascii = 1
```
[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if
you need to strictly enforce the input length limit, add a sanity check to the
beginning of your fuzz target:
```cpp
if (size < kMinInputLength || size > kMaxInputLength)
return 0;
```
For out of tree [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target), you will likely add options file using docker's
`COPY` directive and will copy it into output in build script.
(example: [woff2](https://github.com/google/oss-fuzz/blob/master/projects/woff2/convert_woff2ttf_fuzzer.options)).
## Efficient fuzzing
### Seed Corpus
@ -345,6 +321,30 @@ It is common for several [fuzz targets]({{ site.baseurl }}/reference/glossary/#f
to reuse the same dictionary if they are fuzzing very similar inputs.
(example: [expat](https://github.com/google/oss-fuzz/blob/master/projects/expat/parse_fuzzer.options)).
### Custom libFuzzer options for ClusterFuzz
By default, ClusterFuzz will run your fuzzer without any options. You can specify
custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` executable in `$OUT`:
```
[libfuzzer]
close_fd_mask = 3
only_ascii = 1
```
[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if
you need to strictly enforce the input length limit, add a sanity check to the
beginning of your fuzz target:
```cpp
if (size < kMinInputLength || size > kMaxInputLength)
return 0;
```
For out of tree [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target), you will likely add options file using docker's
`COPY` directive and will copy it into output in build script.
(example: [woff2](https://github.com/google/oss-fuzz/blob/master/projects/woff2/convert_woff2ttf_fuzzer.options)).
## Checking in to OSS-Fuzz repository
Fork OSS-Fuzz, commit and push to the fork, and then create a pull request with