author Abhishek Arya <inferno@chromium.org> 2019-08-12 11:29:53 -0700
committer GitHub <noreply@github.com> 2019-08-12 11:29:53 -0700
commit 1d86ee21f5e56e2bd7a5c7c65190c064ecf1259a (patch)
tree 3b6c84ff6a657a485a69007c83d356608fc0f805 /docs
parent c4202c2f48c0bbeb6beb0cb4db51769c9c9db5ce (diff)
Update new_project_guide.md
Diffstat (limited to 'docs')
-rw-r--r-- docs/getting-started/new_project_guide.md 50
1 files changed, 25 insertions, 25 deletions
diff --git a/docs/getting-started/new_project_guide.md b/docs/getting-started/new_project_guide.md
index 24f366525..3c735975f 100644
--- a/docs/getting-started/new_project_guide.md
+++ b/docs/getting-started/new_project_guide.md
@@ -281,31 +281,7 @@ of the supported build configurations with the above commands (build_fuzzers ->
[fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target)
in case you run into problems.
-
-## Custom libFuzzer options for ClusterFuzz
-
-By default, ClusterFuzz will run your fuzzer without any options. You can specify
-custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` executable in `$OUT`:
-
-```
-[libfuzzer]
-close_fd_mask = 3
-only_ascii = 1
-```
-
-[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if
-you need to strictly enforce the input length limit, add a sanity check to the
-beginning of your fuzz target:
-
-```cpp
-if (size < kMinInputLength || size > kMaxInputLength)
- return 0;
-```
-
-For out of tree [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target), you will likely add options file using docker's
-`COPY` directive and will copy it into output in build script.
-(example: [woff2](https://github.com/google/oss-fuzz/blob/master/projects/woff2/convert_woff2ttf_fuzzer.options)).
-
+## Efficient fuzzing
### Seed Corpus
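Review bot: The added `## Efficient fuzzing` heading at the end of this hunk runs straight into `### Seed Corpus` with no sentence saying what the new section covers. A one-line introduction under the heading would tell readers why the seed corpus, dictionary and options subsections are grouped together. The commit message "Update new_project_guide.md" also does not say that the libFuzzer options section is being moved and demoted from `##` to `###`; stating that would make a 25-line removal paired with a 25-line addition much easier to review.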
@@ -345,6 +321,30 @@ It is common for several [fuzz targets]({{ site.baseurl }}/reference/glossary/#f
to reuse the same dictionary if they are fuzzing very similar inputs.
(example: [expat](https://github.com/google/oss-fuzz/blob/master/projects/expat/parse_fuzzer.options)).
+### Custom libFuzzer options for ClusterFuzz
+
+By default, ClusterFuzz will run your fuzzer without any options. You can specify
+custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` executable in `$OUT`:
+
+```
+[libfuzzer]
+close_fd_mask = 3
+only_ascii = 1
+```
+
+[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if
+you need to strictly enforce the input length limit, add a sanity check to the
+beginning of your fuzz target:
+
+```cpp
+if (size < kMinInputLength || size > kMaxInputLength)
+ return 0;
+```
+
+For out of tree [fuzz targets]({{ site.baseurl }}/reference/glossary/#fuzz-target), you will likely add options file using docker's
+`COPY` directive and will copy it into output in build script.
+(example: [woff2](https://github.com/google/oss-fuzz/blob/master/projects/woff2/convert_woff2ttf_fuzzer.options)).
+
## Checking in to OSS-Fuzz repository
Fork OSS-Fuzz, commit and push to the fork, and then create a pull request with
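Review bot: The re-added link `http://llvm.org/docs/LibFuzzer.html#options` is carried over with plain `http`; since these lines are being rewritten by the move anyway, switch it to `https`. In the same block, the `cpp` snippet uses `kMinInputLength` and `kMaxInputLength` without saying that the fuzz target has to define them, and the sentence about out of tree targets is missing articles ("add options file", "in build script"). A short clarifying sentence and a wording pass would be cheap to include while the section is being relocated.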