From: Aleksei Vetrov
Date: Tue, 21 Feb 2023 16:40:35 +0000
Subject: Re: [PATCH 2/2] libdw: Use elf_rawdata when checking .debug section
To: Evgeny Vereshchagin
Cc: Mark Wielaard, elfutils-devel@sourceware.org
References: <20230220155518.86598-1-mark@klomp.org> <20230220155518.86598-3-mark@klomp.org>

Hi Evgeny,

On Tue, Feb 21, 2023 at 2:29 AM Evgeny Vereshchagin wrote:
> Aleksei, I wonder if it would be possible to add those fuzz targets to
> OSS-Fuzz? There are blind spots there and I think it would be really great to
> start covering at least some of them.

We are fuzzing a tool named STG
(https://android.googlesource.com/platform/external/stg/+/refs/heads/master),
which is using libdw and libdwfl from elfutils. And it already has support for
execution through libFuzzer:
https://android.googlesource.com/platform/external/stg/+/refs/heads/master/fuzz/

The problem is in building infrastructure. STG as a fuzzing target is built
inside Google using internal build and fuzzing infrastructure, but in principle
it does the same thing as OSS-Fuzz.

An AOSP version of STG is built using the Android build system, which doesn't
support the same simplicity of building with libFuzzer and sanitizers. So it
needs some work to integrate STG into OSS-Fuzz.