From b5833a7826b6b389993ff28c5bd0dc9be08c5ea4 Mon Sep 17 00:00:00 2001 From: Max Moroz Date: Tue, 17 Apr 2018 15:33:27 -0700 Subject: [PATCH] [docs] Deprecate use of max_len, recommend sanity check that returns 0 (cc #1324). --- docs/new_project_guide.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/new_project_guide.md b/docs/new_project_guide.md index 671e61c31..a7ce80f7a 100644 --- a/docs/new_project_guide.md +++ b/docs/new_project_guide.md @@ -204,10 +204,18 @@ custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` exec ``` [libfuzzer] -max_len = 1024 +close_fd_mask = 3 +only_ascii = 1 ``` -[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is highly recommended. +[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if +you need to strictly enforce the input length limit, add a sanity check to the +beginning of your fuzz target: + +```cpp +if (size < kMinInputLength || size > kMaxInputLength) + return 0; +``` For out of tree [fuzz targets](glossary.md#fuzz-target), you will likely add options file using docker's `COPY` directive and will copy it into output in build script.
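Review bot: The added `cpp` snippet uses `kMinInputLength` and `kMaxInputLength` without defining them or saying where they come from, so a reader pasting `if (size < kMinInputLength || size > kMaxInputLength)` into a fuzz target gets a compile error. Add a sentence stating that these are constants the project chooses for its own target, or show their declarations above the check. In the `[libfuzzer]` example, `max_len = 1024` is replaced by `close_fd_mask = 3` and `only_ascii = 1` with no explanation in the surrounding text. Since this is the block new projects will copy, either say what the two options do and when they are appropriate, or mark them as purely illustrative. Style: the first added line of the paragraph ("Use of `max_len` is not recommended ... Instead, if") is far longer than the wrapped lines that follow it, so rewrap the paragraph consistently.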