[ots] Add ots_fuzzer with seed corpus from Chromium repository.

targets/ots/Dockerfile

@@ -0,0 +1,22 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM ossfuzz/base-libfuzzer
+MAINTAINER mmoroz@chromium.org
+RUN apt-get install -y make autoconf automake libtool pkg-config zlib1g-dev
+RUN git clone https://github.com/khaledhosny/ots.git
+COPY build.sh ots_fuzzer.* /src/
+COPY seed_corpus /src/seed_corpus

targets/ots/Jenkinsfile

@@ -0,0 +1,22 @@
+// Copyright 2016 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+def libfuzzerBuild = fileLoader.fromGit('infra/libfuzzer-pipeline.groovy',
+                                        'https://github.com/google/oss-fuzz.git')
+
+libfuzzerBuild {
+  git = "put git url here"
+}

targets/ots/build.sh

@@ -0,0 +1,34 @@
+#!/bin/bash -eu
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd /src/ots
+
+# Build the target.
+./autogen.sh
+./configure
+
+#export LDFLAGS=$FUZZER_LDFLAGS
+make libots.a libwoff2.a libbrotli.a
+
+# Build the fuzzer.
+$CXX $CXXFLAGS -std=c++11 -Iinclude \
+    /src/ots_fuzzer.cc -o /out/ots_fuzzer \
+    -lfuzzer -lz /src/ots/libots.a /src/ots/libwoff2.a /src/ots/libbrotli.a \
+    $FUZZER_LDFLAGS
+
+cp /src/ots_fuzzer.options /out/
+zip /out/ots_fuzzer_seed_corpus.zip /src/seed_corpus/*

targets/ots/ots_fuzzer.cc

@@ -0,0 +1,19 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "opentype-sanitiser.h"
+#include "ots-memory-stream.h"
+
+static uint8_t buffer[256 * 1024] = { 0 };
+
+// Entry point for LibFuzzer.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  ots::OTSContext context;
+  ots::MemoryStream stream(static_cast<void*>(buffer), sizeof(buffer));
+  context.Process(&stream, data, size);
+  return 0;
+}

targets/ots/ots_fuzzer.options

@@ -0,0 +1,2 @@
+[libfuzzer]
+max_len = 16800