From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 41728 invoked by alias); 23 Dec 2019 06:07:10 -0000 Mailing-List: contact elfutils-devel-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Subscribe: Sender: elfutils-devel-owner@sourceware.org Received: (qmail 41718 invoked by uid 89); 23 Dec 2019 06:07:09 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.100.3 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.1 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.1 spammy=Cheers, H*c:alternative, Google, google X-Spam-Status: No, score=-3.1 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on sourceware.org X-Spam-Level: X-HELO: mail-lj1-f181.google.com Received: from mail-lj1-f181.google.com (HELO mail-lj1-f181.google.com) (209.85.208.181) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 23 Dec 2019 06:07:08 +0000 Received: by mail-lj1-f181.google.com with SMTP id l2so16577736lja.6 for ; Sun, 22 Dec 2019 22:07:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=M9Whcq0O/8r3wFJ1CvhIFKorec89SBJDUonDaWAODmM=; b=EvWPFneKmbJm16yWNjDDZu5IW7JsB3KKI6UlBt5m7W8onC3Idi1i5v2FCymgedxUsP B5/KQNiYM5pvHnLpYv6qTQvNvWh1/SXIVRPYMfNkpRYqtxnWH1u8cQFGDfQd3g2+xFjJ ZIrwGugSizqi9uW4zNsiZClHmhrtPW0bHytFVEMSFmFzUPJsgpOh8ah1ZTr+9ZxxXtFO kYBHOIKRfKQyu6tCxD3UpmCyucSSAk3DNYkX8Hv1iHFkeufPIEXZI/WhG7YeEE9JL/UX blh8S/5kBFaxS1rxU7SxEJH350wIyOzDrAJARMvaHH5M+YMlZ56jXFSOPmtkf0r6j3Ks wl/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=M9Whcq0O/8r3wFJ1CvhIFKorec89SBJDUonDaWAODmM=; b=sS7+XT9Bt3XfInRHYOOPzH0pDkLeX3IBy35pePmivXBUbn0tWoRXMWd0GymbgBygeB wt/m33ZvQwsiAmJkpQ6D80jjZp0L0h1tvVlujh30IOcDXbjIiVjJZ+VIHqkd7wN2n1un lOAcQwd60Q5+X63kiVAPWo6RZxmzpj8NDVzsKHyqmtSDL6V/166UvnfEXg/hn2AhstMH SKU1vw0rF7ejIhM/um8NypVH7nUqKVpnYfLZS15eyYnmpfj385Aaxvo/z0TvbSP3wTA5 nN5eDaFk64zY8GVlHSBiImPdxnm2uE3GJvu/vEJQprCM3zVQ2feJosLy8rRFcZ8WkjlE mE1A== X-Gm-Message-State: APjAAAVp6pjaN42cHZkzrYBR9sBvOQBiDD5Bg4209tAvzMbbphYOmXPK sW+Gfrarn335YZoxJhbTZbCG/6tCzZcWs5WmWX/m63JZ X-Google-Smtp-Source: APXvYqxa3khtF8R0GXKNIMjjRvyJMZrq+bftfbR32WSBeLOBnyjtjMEcwc7ehowA3dMm3HPdhNXef9vX8uPNvMwLA5Y= X-Received: by 2002:a05:651c:111a:: with SMTP id d26mr15357976ljo.153.1577081225858; Sun, 22 Dec 2019 22:07:05 -0800 (PST) MIME-Version: 1.0 References: <93e5a9fb876eaa42acb92f259c1efc614c081053.camel@klomp.org> In-Reply-To: <93e5a9fb876eaa42acb92f259c1efc614c081053.camel@klomp.org> From: Berkeley Churchill Date: Mon, 23 Dec 2019 06:07:00 -0000 Message-ID: Subject: Re: oss-fuzz To: Mark Wielaard Cc: elfutils-devel@sourceware.org Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes X-SW-Source: 2019-q4/txt/msg00284.txt.bz2 Great, thanks for the feedback! One of my first tasks will be to support llvm/clang builds. I've seen some prior discussion on what's needed for that, but if you have any extra tips I'll take them. I'll be sure to create a build target for the fuzzers so they can be run standalone. Berkeley On Mon, Dec 23, 2019 at 3:12 AM Mark Wielaard wrote: > Hi Berkeley, > > On Fri, 2019-12-20 at 17:21 +0200, Berkeley Churchill wrote: > > Any interest in integrating with oss-fuzz? It's a google project > > that supports open source projects by fuzzing. It allows Google to > > find and report bugs, especially security bugs, to the project. > > I'm willing to work on writing fuzzers and performing the integration, > > if this would be welcome by the maintainers. Thoughts? > > Certainly interested. I have been running afl-fuzz on various utilities > and test cases. That has found lots of issues. But it isn't very > structured. And it often needs to go through a completely valid ELF > file before fuzzing the more interesting data structures inside it. > > The only request I would have is that if the fuzzer targets are added > to elfutils itself then they should also be made to work locally. So > someone could also use them with e.g. afl-fuzz or some other fuzzing > framework, or simply as extra testcase. > > Please also see: > https://sourceware.org/git/?p=elfutils.git;f=CONTRIBUTING;hb=HEAD > > Cheers, > > Mark >