oss-fuzz/docs/reference.md

# Reference

## Sanitizers

Fuzzers are usually built with one or more sanitizers enabled. You can select the sanitizer configuration by setting the `$SANITIZER` build environment variable with the `-e` option:

```bash
python infra/helper.py build_fuzzers -e SANITIZER=undefined json
```

Supported sanitizers:

| `$SANITIZER` | Description |
| --- | --- |
| `address` (default) | Address Sanitizer with Leak Sanitizer. |
| `undefined` | Undefined Behavior Sanitizer. |
| `memory` | Memory Sanitizer. NOTE: It is critical that you build all the code in your program (including the libraries it uses) with Memory Sanitizer. Otherwise you will see false-positive crashes, because the sanitizer cannot see initializations performed in uninstrumented code. |

Compiler flag values for the predefined configurations are specified in the Dockerfile. These flags can be overridden by specifying `$SANITIZER_FLAGS` directly.

You can choose which configurations your fuzzers are automatically run with in the `project.yaml` file (e.g. sqlite3):

```yaml
sanitizers:
  - address
  - undefined
```
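As an added example (not part of the OSS-Fuzz code base), the script below reads the `sanitizers:` list from a `project.yaml` in the block-list form shown above, falls back to the documented default when the key is absent, rejects names that are not in the supported table, and emits the matching `helper.py build_fuzzers` command for each configuration. `PROJECT_YAML` is a constructed sample and `build_commands`/`parse_sanitizers` are hypothetical helper names.

```python
"""Plan OSS-Fuzz sanitizer builds from a project.yaml 'sanitizers' list.

Added example, not OSS-Fuzz's own tooling. Assumes the simple block-list
layout shown in this document; PROJECT_YAML is a constructed sample.
"""
import re

# Sanitizer names documented in the reference table above.
SUPPORTED_SANITIZERS = {"address", "undefined", "memory"}
DEFAULT_SANITIZER = "address"  # used when project.yaml lists none

# Constructed sample project.yaml mirroring the sqlite3 snippet.
PROJECT_YAML = """\
homepage: "https://example.invalid/project"
sanitizers:
  - address
  - undefined
"""


def parse_sanitizers(yaml_text: str) -> list:
    """Return the entries under 'sanitizers:'; [DEFAULT] if the key is absent.

    Only the block-list form ('  - name' lines) used in this document is handled.
    """
    found = []
    in_block = False
    for line in yaml_text.splitlines():
        if re.match(r"^sanitizers:\s*$", line):
            in_block = True
            continue
        if in_block:
            m = re.match(r"^\s+-\s*(\S+)\s*$", line)
            if m:
                found.append(m.group(1))
            elif line.strip():  # a non-list, non-blank line ends the block
                break
    return found or [DEFAULT_SANITIZER]


def build_commands(project: str, sanitizers: list) -> list:
    """One helper.py invocation per sanitizer; rejects names not in the table."""
    unknown = sorted(set(sanitizers) - SUPPORTED_SANITIZERS)
    if unknown:
        raise ValueError(f"unsupported sanitizer(s) in project.yaml: {unknown}")
    return [f"python infra/helper.py build_fuzzers -e SANITIZER={s} {project}"
            for s in sanitizers]


if __name__ == "__main__":
    for cmd in build_commands("sqlite3", parse_sanitizers(PROJECT_YAML)):
        print(cmd)
```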