Re: oss-fuzz - Berkeley Churchill

public inbox for elfutils@sourceware.org
 help / color / mirror / Atom feed

From: Berkeley Churchill <berkeleychurchill@gmail.com>
To: Mark Wielaard <mark@klomp.org>
Cc: elfutils-devel@sourceware.org
Subject: Re: oss-fuzz
Date: Mon, 23 Dec 2019 06:07:00 -0000	[thread overview]
Message-ID: <CAMT_tvi8qvmLde_BmLg6BpeLxuTStN2z+eYBru9toFtAOPT0yA@mail.gmail.com> (raw)
In-Reply-To: <93e5a9fb876eaa42acb92f259c1efc614c081053.camel@klomp.org>

Great, thanks for the feedback!

One of my first tasks will be to support llvm/clang builds.  I've seen some
prior discussion on what's needed for that, but if you have any extra tips
I'll take them.  I'll be sure to create a build target for the fuzzers so
they can be run standalone.

Berkeley

On Mon, Dec 23, 2019 at 3:12 AM Mark Wielaard <mark@klomp.org> wrote:

> Hi Berkeley,
>
> On Fri, 2019-12-20 at 17:21 +0200, Berkeley Churchill wrote:
> > Any interest in integrating with oss-fuzz?  It's a google project
> > that supports open source projects by fuzzing. It allows Google to
> > find and report bugs, especially security bugs, to the project.
> > I'm willing to work on writing fuzzers and performing the integration,
> > if this would be welcome by the maintainers.   Thoughts?
>
> Certainly interested. I have been running afl-fuzz on various utilities
> and test cases. That has found lots of issues. But it isn't very
> structured. And it often needs to go through a completely valid ELF
> file before fuzzing the more interesting data structures inside it.
>
> The only request I would have is that if the fuzzer targets are added
> to elfutils itself then they should also be made to work locally. So
> someone could also use them with e.g. afl-fuzz or some other fuzzing
> framework, or simply as extra testcase.
>
> Please also see:
> https://sourceware.org/git/?p=elfutils.git;f=CONTRIBUTING;hb=HEAD
>
> Cheers,
>
> Mark
>

next prev parent reply	other threads:[~2019-12-23  6:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-20 15:22 oss-fuzz Berkeley Churchill
2019-12-23  1:12 ` oss-fuzz Mark Wielaard
2019-12-23  6:07   ` Berkeley Churchill [this message]
2019-12-26 22:51     ` oss-fuzz Mark Wielaard
2020-01-06 13:17       ` oss-fuzz Matthias Maennich via elfutils-devel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAMT_tvi8qvmLde_BmLg6BpeLxuTStN2z+eYBru9toFtAOPT0yA@mail.gmail.com \
    --to=berkeleychurchill@gmail.com \
    --cc=elfutils-devel@sourceware.org \
    --cc=mark@klomp.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).