public inbox for elfutils@sourceware.org
* Adding elfutils to OSS-Fuzz
@ 2021-10-28 16:47 Murtaza Izzee
  2021-10-28 19:34 ` Mark Wielaard
  0 siblings, 1 reply; 3+ messages in thread
From: Murtaza Izzee @ 2021-10-28 16:47 UTC (permalink / raw)
  To: elfutils-devel

Hi all

Wanted to add elfutils to OSS-Fuzz. libelf is used in many distributions
and seems like a good target to have some fuzz testing on.

https://github.com/google/oss-fuzz/pull/6670

Would love to hear your thoughts.

Thanks!


* Re: Adding elfutils to OSS-Fuzz
  2021-10-28 16:47 Adding elfutils to OSS-Fuzz Murtaza Izzee
@ 2021-10-28 19:34 ` Mark Wielaard
  2021-10-28 20:08   ` Murtaza Izzee
  0 siblings, 1 reply; 3+ messages in thread
From: Mark Wielaard @ 2021-10-28 19:34 UTC (permalink / raw)
  To: Murtaza Izzee; +Cc: elfutils-devel

Hi Murtaza,

On Thu, Oct 28, 2021 at 09:47:40AM -0700, Murtaza Izzee via Elfutils-devel wrote:
> Wanted to add elfutils to OSS-Fuzz. libelf is used in many distributions
> and seems like a good target to have some fuzz testing on
> 
> https://github.com/google/oss-fuzz/pull/6670
> 
> Would love to hear your thoughts.

We have been using afl (American Fuzzy Lop) in an ad-hoc way to find
issues. I have used OSS-Fuzz for some other projects, but found it
very painful to get any results out if you don't have a Google
account. If you can set it up so that it posts the results and
artifacts to the mailing lists, that would be great.

If possible I would try to write something a bit more specific than just
reusing eu-readelf. When using eu-readelf you'll basically first have
to go through libdwfl and libdw initialization; there are various
sanity checks that probably mean the fuzzer will not reach libelf for
more interesting input files. Take a peek at some of the simpler elf
tests (under test) if you want to really fuzz libelf itself. Maybe
using elfcpy and then elfcmp to make sure the copy is really identical
would make a fun fuzzcase.

Cheers,

Mark


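Mark's point above is that a target which hands the input straight to libelf reaches deeper than one routed through eu-readelf's libdwfl/libdw setup. The following is an added example, not elfutils code and not the target from the OSS-Fuzz pull request: a libFuzzer-style entry point wrapped around a small, bounds-checked ELF64 section-header walk written against glibc's <elf.h>, plus a generator for a minimal valid ELF object to use as a seed-corpus file. The walk_sections() function stands in for the libelf calls (elf_memory, elf_nextscn, gelf_getshdr, elf_getdata) so that the block builds without elfutils installed; in a real libelf target its body would be those calls. A little-endian host is assumed, and the .text bytes and section layout are constructed for the example.

```c
/* Added example (not elfutils code): libFuzzer-style target around a
 * bounds-checked ELF64 section-header walk, plus a seed-corpus generator.
 * Assumes a little-endian host; builds with glibc's <elf.h> only. */
#include <elf.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Returns the number of section headers validated, or -1 if buf is not a
 * little-endian ELF64 image or any header/section falls outside it.
 * In a real libelf target this is where elf_memory()/elf_nextscn() go. */
long walk_sections(const uint8_t *buf, size_t len)
{
    if (len < sizeof(Elf64_Ehdr) || memcmp(buf, ELFMAG, SELFMAG) != 0)
        return -1;
    if (buf[EI_CLASS] != ELFCLASS64 || buf[EI_DATA] != ELFDATA2LSB)
        return -1;

    Elf64_Ehdr ehdr;
    memcpy(&ehdr, buf, sizeof ehdr);            /* avoid unaligned reads */
    if (ehdr.e_shoff == 0 || ehdr.e_shnum == 0)
        return 0;                               /* no section table is valid */
    if (ehdr.e_shentsize < sizeof(Elf64_Shdr))
        return -1;
    /* e_shnum * e_shentsize fits in 32 bits (both 16-bit), but e_shoff is
     * attacker-controlled 64-bit, so compare without adding to it. */
    uint64_t table = (uint64_t)ehdr.e_shnum * ehdr.e_shentsize;
    if (ehdr.e_shoff > len || table > len - ehdr.e_shoff)
        return -1;

    long ok = 0;
    for (uint16_t i = 0; i < ehdr.e_shnum; i++) {
        Elf64_Shdr shdr;
        memcpy(&shdr, buf + ehdr.e_shoff + (size_t)i * ehdr.e_shentsize,
               sizeof shdr);
        /* SHT_NOBITS occupies no file bytes; every other section must fit. */
        if (shdr.sh_type != SHT_NOBITS &&
            (shdr.sh_offset > len || shdr.sh_size > len - shdr.sh_offset))
            return -1;
        ok++;
    }
    return ok;
}

/* libFuzzer entry point: called once per generated input, must not crash on
 * malformed data, and returns 0 as the libFuzzer API requires. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    (void)walk_sections(data, size);
    return 0;
}

/* Writes a minimal valid ET_REL ELF64 object (null section + one PROGBITS
 * section) into out; returns bytes written, 0 if cap is too small. */
size_t make_seed_elf(uint8_t *out, size_t cap)
{
    Elf64_Ehdr ehdr;
    Elf64_Shdr shdrs[2];
    const uint8_t text[4] = { 0xc3, 0x90, 0x90, 0x90 }; /* constructed bytes */
    size_t text_off = sizeof ehdr;
    size_t sh_off = text_off + sizeof text;
    size_t total = sh_off + sizeof shdrs;
    if (cap < total)
        return 0;

    memset(&ehdr, 0, sizeof ehdr);
    memcpy(ehdr.e_ident, ELFMAG, SELFMAG);
    ehdr.e_ident[EI_CLASS] = ELFCLASS64;
    ehdr.e_ident[EI_DATA] = ELFDATA2LSB;
    ehdr.e_ident[EI_VERSION] = EV_CURRENT;
    ehdr.e_type = ET_REL;
    ehdr.e_machine = EM_X86_64;
    ehdr.e_version = EV_CURRENT;
    ehdr.e_shoff = sh_off;
    ehdr.e_ehsize = sizeof ehdr;
    ehdr.e_shentsize = sizeof(Elf64_Shdr);
    ehdr.e_shnum = 2;
    ehdr.e_shstrndx = SHN_UNDEF;

    memset(shdrs, 0, sizeof shdrs);             /* shdrs[0]: SHN_UNDEF entry */
    shdrs[1].sh_type = SHT_PROGBITS;
    shdrs[1].sh_flags = SHF_ALLOC | SHF_EXECINSTR;
    shdrs[1].sh_offset = text_off;
    shdrs[1].sh_size = sizeof text;
    shdrs[1].sh_addralign = 16;

    memcpy(out, &ehdr, sizeof ehdr);
    memcpy(out + text_off, text, sizeof text);
    memcpy(out + sh_off, shdrs, sizeof shdrs);
    return total;
}

/* Builds the seed, drops truncate_by trailing bytes, and walks it: shows how
 * the walk rejects a cut-off section table instead of reading past the end. */
long seed_sections(size_t truncate_by)
{
    uint8_t buf[256];
    size_t n = make_seed_elf(buf, sizeof buf);
    return truncate_by > n ? -1 : walk_sections(buf, n - truncate_by);
}

/* Stand-alone driver: emits the seed to stdout for the corpus directory. */
int main(void)
{
    uint8_t buf[256];
    size_t n = make_seed_elf(buf, sizeof buf);
    fwrite(buf, 1, n, stdout);
    fprintf(stderr, "seed: %zu bytes, %ld headers validated\n", n,
            walk_sections(buf, n));
    return 0;
}
```

Built with clang -fsanitize=fuzzer (or linked against $LIB_FUZZING_ENGINE in an OSS-Fuzz build.sh), libFuzzer supplies main and calls LLVMFuzzerTestOneInput; the stand-alone main here only writes the seed file. The truncation check in seed_sections() is the kind of case the harness exists to exercise: a valid header whose section table is cut off must be rejected, not read past the buffer.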

* Re: Adding elfutils to OSS-Fuzz
  2021-10-28 19:34 ` Mark Wielaard
@ 2021-10-28 20:08   ` Murtaza Izzee
  0 siblings, 0 replies; 3+ messages in thread
From: Murtaza Izzee @ 2021-10-28 20:08 UTC (permalink / raw)
  To: Mark Wielaard; +Cc: elfutils-devel

Hey Mark

This is useful. I did have to filter out some of the debug parsing from the
`libreadelf` I put together. I figured I could save some time by using some
existing client of libelf. I will take a look at those simpler tests, which
might make for a cleaner OSS-Fuzz target as well.

I can work on getting the results published. I have a Google account so I
can look into this.

Thanks for the response.

Murtaza


