├── .gitignore ├── CONTRIBUTING ├── LICENSE ├── README.md ├── docs ├── CNAME ├── clusterfuzz.md ├── corpora.md ├── debugging.md ├── faq.md ├── fuzzer_environment.md ├── glossary.md ├── ideal_integration.md ├── images │ ├── corpus_path.png │ ├── crash_stats.png │ ├── expat_performance_analyzer.png │ ├── freetype_coverage_1.png │ ├── freetype_coverage_2.png │ ├── freetype_stats.png │ ├── pcre2_testcase.png │ ├── process.png │ └── viewing_corpus.png ├── installing_docker.md ├── new_project_guide.md ├── reference.md └── reproducing.md ├── infra ├── .pylintrc ├── README.md ├── base-images │ ├── Jenkinsfile │ ├── README.md │ ├── all.sh │ ├── base-builder │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── compile │ │ ├── compile_afl │ │ ├── compile_aflgo │ │ ├── compile_honggfuzz │ │ ├── compile_libfuzzer │ │ ├── coverage_report │ │ └── srcmap │ ├── base-clang │ │ ├── Dockerfile │ │ └── checkout_build_install_llvm.sh │ ├── base-image │ │ └── Dockerfile │ ├── base-runner-debug │ │ └── Dockerfile │ └── base-runner │ │ ├── Dockerfile │ │ ├── README.md │ │ ├── bad_build_check │ │ ├── llvm-symbolizer │ │ ├── reproduce │ │ ├── run_fuzzer │ │ ├── sancov │ │ ├── test_all │ │ └── test_report ├── gcb │ ├── .gitignore │ ├── build.py │ ├── build_base_images.py │ ├── builds_status.py │ ├── cancel.py │ ├── jenkins_config │ │ └── base_job.xml │ ├── requirements.txt │ ├── sync.py │ ├── templates │ │ ├── bower.json │ │ ├── deploy.sh │ │ ├── index.html │ │ ├── manifest.json │ │ ├── polymer.json │ │ ├── src │ │ │ └── build-status │ │ │ │ └── build-status.html │ │ └── status_template.html │ └── wait_for_build.py ├── helper.py ├── jenkins-cluster │ ├── deployment-jenkins.yaml │ ├── ingress-jenkins-https.yaml │ ├── server │ │ └── Dockerfile │ ├── service-jenkins-http.yaml │ └── service-jenkins-master.yaml ├── templates.py └── uploader │ └── Dockerfile └── projects ├── all.sh ├── arduinojson ├── Dockerfile ├── build.sh └── project.yaml ├── bad_example ├── Dockerfile ├── bad_example_fuzzer.cc ├── 
build.sh └── project.yaml ├── boringssl ├── Dockerfile ├── build.sh └── project.yaml ├── botan ├── Dockerfile ├── build.sh └── project.yaml ├── brotli ├── Dockerfile ├── build.sh └── project.yaml ├── c-ares ├── Dockerfile ├── build.sh └── project.yaml ├── cmark ├── Dockerfile ├── build.sh ├── cmark_fuzzer.options └── project.yaml ├── coreutils └── project.yaml ├── cpython2 └── project.yaml ├── cpython3 └── project.yaml ├── curl ├── Dockerfile ├── build.sh ├── curl_fuzzer.cc ├── curl_fuzzer.options ├── http.dict └── project.yaml ├── dlplibs ├── Dockerfile ├── abw.dict ├── abwfuzzer.options ├── build.sh ├── project.yaml ├── vdxfuzzer.options └── vsdxfuzzer.options ├── dropbear ├── Dockerfile ├── build.sh └── project.yaml ├── example ├── Dockerfile ├── build.sh ├── my-api-repo │ ├── Makefile │ ├── README.md │ ├── do_stuff_fuzzer.cpp │ ├── do_stuff_fuzzer.dict │ ├── do_stuff_test_data │ │ ├── 410c23d234e7f97a2dd6265eb2909324deb8c13a │ │ ├── 7a74862169c3375f4149daff75187cbca7372a38 │ │ ├── a835d6f1c6b2ae4a35e8c0a4a0576715c8b27283 │ │ ├── e8fb273916196a5e29967af0b5826daffb9b3765 │ │ └── fc09d362f05ab97efdfcd873dacad6a9c29e57ff │ ├── do_stuff_unittest.cpp │ ├── my_api.cpp │ ├── my_api.h │ └── standalone_fuzz_target_runner.cpp └── project.yaml ├── expat ├── Dockerfile ├── build.sh ├── parse_fuzzer.cc ├── project.yaml ├── xml.dict ├── xml_UTF_16.dict ├── xml_UTF_16BE.dict └── xml_UTF_16LE.dict ├── ffmpeg ├── Dockerfile ├── build.sh ├── group_seed_corpus.py └── project.yaml ├── file ├── Dockerfile ├── build.sh ├── magic_fuzzer.cc └── project.yaml ├── freetype2 ├── Dockerfile ├── build.sh ├── ftfuzzer.options └── project.yaml ├── fuchsia_fidl ├── Dockerfile ├── build.sh └── project.yaml ├── gdal ├── Dockerfile ├── NC4_put_propattr_leak_fix.patch ├── build.sh ├── libnetcdf_fix_undefined_left_shift_in_ncx_get_size_t.patch └── project.yaml ├── gnutls ├── Dockerfile ├── build.sh └── project.yaml ├── grpc ├── Dockerfile ├── build.sh └── project.yaml ├── guetzli ├── Dockerfile ├── 
build.sh └── project.yaml ├── h2o ├── Dockerfile ├── build.sh ├── h2o-fuzzer-http1.options ├── h2o-fuzzer-http2.options ├── h2o-fuzzer-url.options └── project.yaml ├── harfbuzz ├── Dockerfile ├── build.sh └── project.yaml ├── icu ├── Dockerfile ├── break_iterator_fuzzer.cc ├── break_iterator_utf32_fuzzer.cc ├── build.sh ├── converter_fuzzer.cc ├── fuzzer_utils.h ├── number_format_fuzzer.cc ├── project.yaml ├── regex.dict ├── ucasemap_fuzzer.cc ├── unicode_string_codepage_create_fuzzer.cc ├── uregex_open_fuzzer.cc └── uregex_open_fuzzer.options ├── irssi ├── Dockerfile ├── build.sh ├── irssi-fuzz.options └── project.yaml ├── json ├── Dockerfile ├── build.sh ├── fuzzer-parse.options └── project.yaml ├── jsoncpp └── project.yaml ├── lcms ├── Dockerfile ├── build.sh ├── cmsIT8_load_fuzzer.c ├── cmsIT8_load_fuzzer.options ├── cms_transform_fuzzer.c ├── cms_transform_fuzzer.options ├── icc.dict └── project.yaml ├── libarchive ├── Dockerfile ├── build.sh ├── libarchive_fuzzer.cc └── project.yaml ├── libass ├── Dockerfile ├── ass.dict ├── build.sh ├── libass_fuzzer.cc ├── libass_fuzzer.options └── project.yaml ├── libchewing ├── Dockerfile ├── build.sh ├── chewing_default_fuzzer.c ├── chewing_dynamic_config_fuzzer.c ├── chewing_fuzzer_common.c ├── chewing_fuzzer_common.h ├── chewing_random_init_fuzzer.c └── project.yaml ├── libidn ├── Dockerfile ├── build.sh └── project.yaml ├── libidn2 ├── Dockerfile ├── build.sh └── project.yaml ├── libjpeg-turbo ├── Dockerfile ├── build.sh ├── constructFuzzer.sh ├── libjpeg_turbo_fuzzer.cc └── project.yaml ├── libmicrohttpd └── project.yaml ├── libplist ├── Dockerfile ├── build.sh └── project.yaml ├── libpng ├── Dockerfile ├── build.sh ├── libpng_read_fuzzer.cc ├── libpng_read_fuzzer.options ├── png.dict └── project.yaml ├── libprotobuf-mutator ├── Dockerfile ├── build.sh ├── expat_example.options ├── libxml2_example.options ├── project.yaml └── xml.dict ├── libpsl ├── Dockerfile ├── build.sh └── project.yaml ├── librawspeed ├── 
Dockerfile ├── build.sh └── project.yaml ├── libreoffice ├── Dockerfile ├── build.sh └── project.yaml ├── libssh ├── Dockerfile ├── build.sh ├── libssh_server_fuzzer.cc └── project.yaml ├── libteken ├── Dockerfile ├── build.sh ├── libteken_fuzzer.c └── project.yaml ├── libtsm ├── Dockerfile ├── build.sh ├── libtsm_fuzzer.c └── project.yaml ├── libxml2 ├── Dockerfile ├── build.sh ├── libxml2_xml_read_memory_fuzzer.cc ├── libxml2_xml_read_memory_fuzzer.options ├── libxml2_xml_regexp_compile_fuzzer.cc ├── libxml2_xml_regexp_compile_fuzzer.options ├── patch.diff ├── project.yaml └── xml.dict ├── libxslt └── project.yaml ├── libyaml ├── Dockerfile ├── build.sh ├── libyaml_fuzzer.cc ├── libyaml_fuzzer.options ├── project.yaml └── yaml.dict ├── llvm_libcxxabi ├── Dockerfile ├── build.sh └── project.yaml ├── mosh └── project.yaml ├── netdata └── project.yaml ├── nghttp2 ├── Dockerfile ├── build.sh ├── nghttp2_fuzzer.options └── project.yaml ├── nginx └── project.yaml ├── nodejs └── project.yaml ├── nss ├── Dockerfile ├── build.sh └── project.yaml ├── open62541 ├── Dockerfile ├── build.sh └── project.yaml ├── openjpeg ├── Dockerfile ├── build.sh └── project.yaml ├── openssl ├── Dockerfile ├── bignum.options ├── build.sh └── project.yaml ├── openthread ├── Dockerfile ├── build.sh └── project.yaml ├── opus ├── Dockerfile ├── build.sh └── project.yaml ├── ots ├── Dockerfile ├── build.sh ├── ots-fuzzer.options └── project.yaml ├── pcre2 ├── Dockerfile ├── build.sh └── project.yaml ├── pidgin └── project.yaml ├── postgis ├── Dockerfile ├── build.sh └── project.yaml ├── postgresql └── project.yaml ├── proj4 ├── Dockerfile ├── build.sh └── project.yaml ├── qpid-proton └── project.yaml ├── qubes-os ├── Dockerfile ├── build.sh ├── libqubes-rpc-filecopy.options └── project.yaml ├── re2 ├── Dockerfile ├── build.sh └── project.yaml ├── realm-core └── project.yaml ├── resiprocate ├── Dockerfile ├── build.sh └── project.yaml ├── skia ├── BUILD.gn.diff ├── Dockerfile ├── build.sh ├── 
project.yaml ├── region_deserialize.cpp └── region_deserialize.options ├── speex └── project.yaml ├── sqlite3 ├── Dockerfile ├── build.sh ├── ossfuzz.options ├── project.yaml └── sql.dict ├── strongswan ├── Dockerfile ├── build.sh └── project.yaml ├── tensorflow └── project.yaml ├── tor ├── Dockerfile ├── build.sh └── project.yaml ├── tpm2 ├── Dockerfile └── project.yaml ├── util-linux └── project.yaml ├── weechat └── project.yaml ├── wget2 ├── Dockerfile ├── build.sh └── project.yaml ├── wireshark ├── Dockerfile ├── build.sh └── project.yaml ├── woff2 ├── Dockerfile ├── build.sh ├── convert_woff2ttf_fuzzer.options ├── convert_woff2ttf_fuzzer_new_entry.options ├── corpus │ ├── Ahem.woff2 │ ├── AhemSpaceLigature.woff2 │ ├── DejaVuSerif-webfont.woff2 │ ├── DejaVuSerif.woff2 │ ├── EzraSIL.woff2 │ ├── LinLibertineO.woff2 │ ├── MEgalopolisExtra.woff2 │ ├── OpenSans.woff2 │ ├── mplus-1p-regular.woff2 │ └── tcu-font.woff2 └── project.yaml ├── wolfssl ├── Dockerfile ├── build.sh └── project.yaml ├── xbps └── project.yml └── zlib ├── Dockerfile ├── build.sh ├── project.yaml └── zlib_uncompress_fuzzer.cc /.gitignore: -------------------------------------------------------------------------------- 1 | .vscode/ 2 | *.pyc 3 | build/ 4 | -------------------------------------------------------------------------------- /docs/CNAME: -------------------------------------------------------------------------------- 1 | oss-fuzz.com -------------------------------------------------------------------------------- /docs/debugging.md: -------------------------------------------------------------------------------- 1 | ## Debugging Build Scripts 2 | 3 | While developing your build script, it may be useful to run bash within the 4 | container: 5 | 6 | ```bash 7 | $ python infra/helper.py shell $PROJECT_NAME # runs /bin/bash within container 8 | $ compile # run compilation manually 9 | ``` 10 | 11 | ## Debugging Fuzzers with GDB 12 | 13 | If you decide to debug a fuzzer with gdb (which is 
already installed in the base-runner-debug image), 14 | you will need to start a container in privileged mode: 15 | 16 | ```bash 17 | docker run -ti --privileged -v /tmp/out:/out gcr.io/oss-fuzz-base/base-runner-debug gdb /out/<fuzzer_name> 18 | ``` 19 | -------------------------------------------------------------------------------- /docs/images/corpus_path.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/corpus_path.png -------------------------------------------------------------------------------- /docs/images/crash_stats.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/crash_stats.png -------------------------------------------------------------------------------- /docs/images/expat_performance_analyzer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/expat_performance_analyzer.png -------------------------------------------------------------------------------- /docs/images/freetype_coverage_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/freetype_coverage_1.png -------------------------------------------------------------------------------- /docs/images/freetype_coverage_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/freetype_coverage_2.png -------------------------------------------------------------------------------- /docs/images/freetype_stats.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/freetype_stats.png -------------------------------------------------------------------------------- /docs/images/pcre2_testcase.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/pcre2_testcase.png -------------------------------------------------------------------------------- /docs/images/process.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/process.png -------------------------------------------------------------------------------- /docs/images/viewing_corpus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/docs/images/viewing_corpus.png -------------------------------------------------------------------------------- /docs/installing_docker.md: -------------------------------------------------------------------------------- 1 | # Installing Docker 2 | 3 | Follow the [Official Guide](https://docs.docker.com/engine/installation). 4 | 5 | Googlers: [go/installdocker](https://goto.google.com/installdocker). 6 | 7 | [Why Docker?](faq.md#why-do-you-use-docker) 8 | 9 | *NOTE: (Optional) If you want to run `docker` without `sudo`, follow the [Create a docker group](https://docs.docker.com/engine/installation/linux/ubuntulinux/#/create-a-docker-group) section.* 10 | 11 | *NOTE: Docker images can consume significant disk space. 
Run* 12 | *[docker-cleanup](https://gist.github.com/mikea/d23a839cba68778d94e0302e8a2c200f)* 13 | *periodically to garbage collect unused images.* 14 | 15 | -------------------------------------------------------------------------------- /infra/.pylintrc: -------------------------------------------------------------------------------- 1 | [FORMAT] 2 | indent-string = " " -------------------------------------------------------------------------------- /infra/README.md: -------------------------------------------------------------------------------- 1 | # infra 2 | > OSS-Fuzz project infrastructure 3 | 4 | Core infrastructure: 5 | * [`base-images`](base-images/) - docker images for building fuzz targets & the corresponding jenkins 6 | pipeline. 7 | 8 | Continuous Integration infrastructure: 9 | 10 | * [`libfuzzer-pipeline.groovy`](libfuzzer-pipeline.groovy/) - jenkins pipeline that runs for each OSS-Fuzz 11 | project. 12 | * [`docker-cleanup`](docker-cleanup/) - jenkins pipeline to clean stale docker images & processes. 13 | * [`push-images`](push-images/) - jenkins pipeline to push built base images. 14 | * [`jenkins-cluster`](jenkins-cluster/) - kubernetes cluster definition for our jenkins-based build (not operational yet, 15 | [#10](https://github.com/google/oss-fuzz/issues/10)). 
16 | 17 | ## helper.py 18 | > script to automate common docker operations 19 | 20 | | Command | Description | 21 | |---------|-------------| 22 | | `generate` | Generates skeleton files for a new project | 23 | | `build_image` | Builds a docker image for a given project | 24 | | `build_fuzzers` | Builds fuzz targets for a given project | 25 | | `run_fuzzer` | Runs a fuzz target in a docker container | 26 | | `coverage` | Runs a fuzz target in a docker container and computes a coverage report | 27 | | `reproduce` | Runs a testcase to reproduce a crash | 28 | | `shell` | Starts a shell inside the docker image for a project | 29 | -------------------------------------------------------------------------------- /infra/base-images/Jenkinsfile: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | // 15 | //////////////////////////////////////////////////////////////////////////////// 16 | 17 | // Jenkins build script for base images. 
18 | node { 19 | git url: 'https://github.com/google/oss-fuzz/' 20 | 21 | stage("infra/base-images/all.sh") { 22 | sh "infra/base-images/all.sh --no-cache" 23 | } 24 | 25 | stage("docker push") { 26 | def images = ['ossfuzz/base-image', 'ossfuzz/base-clang', 'ossfuzz/base-libfuzzer', 27 | 'ossfuzz/base-runner', 'ossfuzz/base-runner-debug', 28 | 'ossfuzz/base-builder',] 29 | 30 | docker.withRegistry('', 'docker-login') { 31 | for (int i = 0; i < images.size(); i++) { 32 | def image = images[i] 33 | docker.image(image).push() 34 | } 35 | } 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /infra/base-images/README.md: -------------------------------------------------------------------------------- 1 | Building all infra images: 2 | 3 | ```bash 4 | # run from project root 5 | infra/base-images/all.sh 6 | ``` 7 | -------------------------------------------------------------------------------- /infra/base-images/all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eux 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | docker build --pull -t gcr.io/oss-fuzz-base/base-image $@ infra/base-images/base-image 19 | docker build -t gcr.io/oss-fuzz-base/base-clang $@ infra/base-images/base-clang 20 | docker build -t gcr.io/oss-fuzz-base/base-builder -t gcr.io/oss-fuzz/base-libfuzzer $@ infra/base-images/base-builder 21 | docker build -t gcr.io/oss-fuzz-base/base-runner $@ infra/base-images/base-runner 22 | docker build -t gcr.io/oss-fuzz-base/base-runner-debug $@ infra/base-images/base-runner-debug 23 | -------------------------------------------------------------------------------- /infra/base-images/base-builder/compile_afl: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | echo -n "Compiling afl to $LIB_FUZZING_ENGINE ..." 
19 | 20 | # afl needs its special coverage flags 21 | export COVERAGE_FLAGS="-fsanitize-coverage=trace-pc-guard" 22 | 23 | pushd $SRC/afl > /dev/null 24 | CFLAGS="" CXXFLAGS="" make 25 | popd > /dev/null 26 | pushd $SRC/afl/llvm_mode > /dev/null 27 | CFLAGS="" CXXFLAGS="" make 28 | popd > /dev/null 29 | 30 | mkdir -p $WORK/afl 31 | pushd $WORK/afl > /dev/null 32 | $SRC/afl/afl-clang-fast++ $CXXFLAGS -std=c++11 -O2 -c $SRC/libfuzzer/afl/*.cpp -I$SRC/libfuzzer 33 | ar r $LIB_FUZZING_ENGINE $WORK/afl/*.o 34 | popd > /dev/null 35 | rm -rf $WORK/afl 36 | 37 | echo " done." 38 | -------------------------------------------------------------------------------- /infra/base-images/base-builder/compile_aflgo: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | 19 | # afl needs its special coverage flags 20 | export COVERAGE_FLAGS="-fsanitize-coverage=trace-pc-guard" 21 | 22 | echo "" 23 | echo "Checking out aflgo .." 24 | pushd $SRC >/dev/null 25 | git clone --depth 1 https://github.com/aflgo/aflgo.git 26 | cd aflgo && CFLAGS="" CXXFLAGS="" make 27 | cd llvm_mode && CFLAGS="" CXXFLAGS="" make 28 | popd > /dev/null 29 | 30 | echo "Compiling aflgo to $LIB_FUZZING_ENGINE ..." 
31 | mkdir -p $WORK/afl 32 | pushd $WORK/afl > /dev/null 33 | #$CC $CFLAGS -c $SRC/aflgo/llvm_mode/afl-llvm-rt.o.c 34 | $SRC/aflgo/afl-clang-fast++ $CXXFLAGS -std=c++11 -O2 -c $SRC/libfuzzer/afl/afl_driver.cpp -I$SRC/libfuzzer 35 | ar r $LIB_FUZZING_ENGINE $WORK/afl/*.o 36 | popd > /dev/null 37 | rm -rf $WORK/afl 38 | 39 | echo " done." 40 | -------------------------------------------------------------------------------- /infra/base-images/base-builder/compile_honggfuzz: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | echo -n "Compiling honggfuzz to $LIB_FUZZING_ENGINE ..." 19 | 20 | pushd $SRC/honggfuzz > /dev/null 21 | make clean 22 | CC=clang CFLAGS= make 23 | # libhfuzz.a will be added by CC/CXX linker directly during linking, 24 | # but it's defined here to satisfy the build infrastructure 25 | cp libhfuzz/libhfuzz.a $LIB_FUZZING_ENGINE 26 | cp honggfuzz $OUT/ 27 | popd > /dev/null 28 | 29 | # Relevant coverage flags are added by the compiler/linker 30 | export COVERAGE_FLAGS= 31 | export CC=$SRC/honggfuzz/hfuzz_cc/hfuzz-clang 32 | export CXX=$SRC/honggfuzz/hfuzz_cc/hfuzz-clang++ 33 | 34 | echo " done." 
35 | -------------------------------------------------------------------------------- /infra/base-images/base-builder/compile_libfuzzer: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | echo -n "Compiling libFuzzer to $LIB_FUZZING_ENGINE ..." 19 | mkdir -p $WORK/libfuzzer 20 | pushd $WORK/libfuzzer > /dev/null 21 | $CXX $CXXFLAGS -std=c++11 -O2 $SANITIZER_FLAGS -fno-sanitize=vptr \ 22 | -c $SRC/libfuzzer/*.cpp -I$SRC/libfuzzer 23 | ar r $LIB_FUZZING_ENGINE $WORK/libfuzzer/*.o 24 | popd > /dev/null 25 | rm -rf $WORK/libfuzzer 26 | echo " done." 27 | -------------------------------------------------------------------------------- /infra/base-images/base-builder/coverage_report: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 
6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | BINARY=$1 19 | 20 | sancov -symbolize *.sancov -strip_path_prefix=/ $BINARY > cov.symcov 21 | 22 | (sleep 3; echo ; echo "Navigate to see coverage: http://127.0.0.1:8001/"; echo) & 23 | /usr/local/bin/coverage-report-server.py --host 0.0.0.0 --symcov cov.symcov --srcpath / 24 | 25 | -------------------------------------------------------------------------------- /infra/base-images/base-image/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | # Base image for all other images. 
18 | 19 | FROM ubuntu:16.04 20 | MAINTAINER mike.aizatsky@gmail.com 21 | ENV DEBIAN_FRONTEND noninteractive 22 | RUN apt-get update && apt-get upgrade -y && apt-get autoremove -y 23 | 24 | ENV OUT=/out 25 | ENV SRC=/src 26 | ENV WORK=/work 27 | ENV PATH="$PATH:/out" 28 | 29 | RUN mkdir -p $OUT $SRC $WORK && chmod a+rwx $OUT $SRC $WORK 30 | -------------------------------------------------------------------------------- /infra/base-images/base-runner-debug/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-runner 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get install -y gdb valgrind zip 20 | 21 | -------------------------------------------------------------------------------- /infra/base-images/base-runner/README.md: -------------------------------------------------------------------------------- 1 | # base-runner 2 | > Base image for fuzzer runners. 3 | 4 | ```bash 5 | docker run -ti gcr.io/oss-fuzz-base/base-runner 6 | ``` 7 | 8 | ## Commands 9 | 10 | | Command | Description | 11 | |---------|-------------| 12 | | `reproduce ` | build all fuzz targets and run specified one with testcase `/testcase` and given options. 
13 | | `run_fuzzer <fuzzer_name>` | runs the specified fuzzer, combining options with the `<fuzzer_name>.options` file | 14 | | `test_all` | runs every binary in `/out` as a fuzzer for a while to ensure it works. | 15 | 16 | # Examples 17 | 18 | - *Reproduce using the latest OSS-Fuzz build:* 19 | 20 |
21 | docker run --rm -ti -v <testcase_path>:/testcase gcr.io/oss-fuzz/$PROJECT_NAME reproduce <fuzzer_name>
22 |    
23 | 24 | - *Reproduce using local source checkout:* 25 | 26 |
27 |     docker run --rm -ti -v <source_path>:/src/$PROJECT_NAME \
28 |                         -v <testcase_path>:/testcase gcr.io/oss-fuzz/$PROJECT_NAME reproduce <fuzzer_name>
29 |     
30 | -------------------------------------------------------------------------------- /infra/base-images/base-runner/llvm-symbolizer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/infra/base-images/base-runner/llvm-symbolizer -------------------------------------------------------------------------------- /infra/base-images/base-runner/reproduce: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eux 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | DEBUGGER=${DEBUGGER:-} 19 | FUZZER=$1 20 | shift 21 | TESTCASE="/testcase" 22 | 23 | if [ ! -f $TESTCASE ]; then 24 | echo "Error: $TESTCASE not found, use: docker run -v :$TESTCASE ..." 
25 | exit 1 26 | fi 27 | 28 | export PATH=$OUT:$PATH 29 | cd $OUT 30 | $DEBUGGER $OUT/$FUZZER $FUZZER_ARGS $@ $TESTCASE 31 | 32 | -------------------------------------------------------------------------------- /infra/base-images/base-runner/sancov: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/infra/base-images/base-runner/sancov -------------------------------------------------------------------------------- /infra/gcb/.gitignore: -------------------------------------------------------------------------------- 1 | default/ 2 | -------------------------------------------------------------------------------- /infra/gcb/cancel.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python2 2 | 3 | """Cancels project build on Google Cloud Builder. 4 | 5 | Usage: cancel.py 6 | """ 7 | 8 | import base64 9 | import collections 10 | import datetime 11 | import os 12 | import subprocess 13 | import sys 14 | import time 15 | import urllib 16 | import yaml 17 | 18 | from oauth2client.client import GoogleCredentials 19 | from oauth2client.service_account import ServiceAccountCredentials 20 | from googleapiclient.discovery import build 21 | 22 | def usage(): 23 | sys.stderr.write( 24 | "Usage: " + sys.argv[0] + " \n") 25 | exit(1) 26 | 27 | 28 | def main(): 29 | if len(sys.argv) != 2: 30 | usage() 31 | 32 | build_id = sys.argv[1] 33 | 34 | credentials = GoogleCredentials.get_application_default() 35 | cloudbuild = build('cloudbuild', 'v1', credentials=credentials) 36 | print cloudbuild.projects().builds().cancel( 37 | projectId='oss-fuzz', id=build_id, body={}).execute() 38 | 39 | 40 | if __name__ == "__main__": 41 | main() 42 | -------------------------------------------------------------------------------- /infra/gcb/requirements.txt: 
-------------------------------------------------------------------------------- 1 | google-api-python-client 2 | PyYAML 3 | google-cloud-pubsub 4 | google-cloud-logging 5 | google-cloud-storage 6 | jinja2 7 | python-jenkins 8 | python-dateutil 9 | -------------------------------------------------------------------------------- /infra/gcb/templates/bower.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "build-status", 3 | "main": "index.html", 4 | "dependencies": { 5 | "polymer": "Polymer/polymer#^2.0.0-rc.3", 6 | "paper-item": "PolymerElements/paper-item#2.0-preview", 7 | "app-layout": "PolymerElements/app-layout#2.0-preview", 8 | "paper-card": "PolymerElements/paper-card#2.0-preview", 9 | "iron-icons": "PolymerElements/iron-icons#2.0-preview", 10 | "iron-ajax": "PolymerElements/iron-ajax#2.0-preview", 11 | "iron-flex-layout": "PolymerElements/iron-flex-layout#2.0-preview", 12 | "paper-icon-button": "PolymerElements/paper-icon-button#2.0-preview" 13 | }, 14 | "devDependencies": { 15 | "web-component-tester": "^6.0.0-prerelease.5", 16 | "webcomponentsjs": "webcomponents/webcomponentsjs#^1.0.0-rc.7" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /infra/gcb/templates/deploy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | gsutil -m cp -r bower_components index.html src manifest.json gs://oss-fuzz-build-logs 4 | -------------------------------------------------------------------------------- /infra/gcb/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | OSS-Fuzz build status 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 24 | 25 | 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /infra/gcb/templates/manifest.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "name": "build-status", 3 | "short_name": "build-status", 4 | "start_url": "/", 5 | "display": "standalone" 6 | } 7 | -------------------------------------------------------------------------------- /infra/gcb/templates/polymer.json: -------------------------------------------------------------------------------- 1 | { 2 | "lint": { 3 | "rules": [ 4 | "polymer-2" 5 | ] 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /infra/gcb/templates/status_template.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | OSS Fuzz Build Status 5 | 6 | 7 |

Failing builds

8 |
    9 | {% for project in failures -%} 10 |
  • {{project.name}}
  • 11 | {% endfor -%} 12 |
13 |

Healthy builds

14 |
    15 | {% for project in successes -%} 16 |
  • {{project.name}}
  • 17 | {% endfor -%} 18 |
19 |

Last updated {{ last_updated }} (UTC)

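--------------------------------------------------------------------------------
/infra/jenkins-cluster/ingress-jenkins-https.yaml:
--------------------------------------------------------------------------------
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: jenkins-https-ingress
spec:
  # TLS terminates at the ingress using the "tls" secret; the hop to the
  # jenkins-master backend on 8080 is plain HTTP (see --httpPort in the
  # server Dockerfile).
  backend:
    serviceName: jenkins-master
    servicePort: 8080
  tls:
  - secretName: tls
--------------------------------------------------------------------------------
/infra/jenkins-cluster/server/Dockerfile:
--------------------------------------------------------------------------------
FROM jenkins/jenkins:lts
USER root

# Mount point for the certificate and key referenced by JENKINS_OPTS below;
# the image itself ships nothing here.
RUN mkdir /var/secrets
# One layer: refresh, upgrade, install the Python build deps, then drop the
# apt cache so it is not baked into the image.
RUN apt-get -y update && apt-get -y upgrade && \
    apt-get -y install python-dev virtualenv python-pip build-essential && \
    rm -rf /var/lib/apt/lists/*

WORKDIR /
# The SDK archive is fetched over HTTPS but not otherwise verified; pin a
# release and check it against the published digest before trusting it, e.g.
#   echo "<EXPECTED_SHA256>  google-cloud-sdk.zip" | sha256sum -c -
# The archive is deleted once unpacked so it does not persist in the layer.
RUN wget https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.zip && \
    unzip google-cloud-sdk.zip && \
    rm google-cloud-sdk.zip

RUN /google-cloud-sdk/install.sh --usage-reporting=false --bash-completion=false --disable-installation-options
RUN /google-cloud-sdk/bin/gcloud -q components install alpha beta
RUN /google-cloud-sdk/bin/gcloud -q components update

# The SDK must be writable by the unprivileged user Jenkins runs as.
RUN chown -R jenkins:jenkins /google-cloud-sdk

USER jenkins
# 8080 stays plain HTTP because the jenkins-master Service and the ingress
# backend target that port; 8082 serves HTTPS for the jenkins-https
# LoadBalancer using the material mounted under /var/secrets.
ENV JENKINS_OPTS --httpPort=8080 --httpsPort=8082 --httpsCertificate=/var/secrets/cert.pem --httpsPrivateKey=/var/secrets/cert.key
ENV PATH=$PATH:/google-cloud-sdk/bin
--------------------------------------------------------------------------------
/infra/jenkins-cluster/service-jenkins-http.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
kind: Service
metadata:
  name: jenkins-https
spec:
  type: LoadBalancer
  selector:
    app: jenkins-master
  ports:
  # External 443 maps to the HTTPS listener configured in JENKINS_OPTS.
  - port: 443
    targetPort: 8082
    name: https
--------------------------------------------------------------------------------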
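/infra/jenkins-cluster/service-jenkins-master.yaml:
--------------------------------------------------------------------------------
apiVersion: v1
kind: Service
metadata:
  name: jenkins-master
  labels:
    app: jenkins-master
spec:
  type: NodePort
  selector:
    app: jenkins-master
  ports:
  - name: agent
    port: 50000
  - name: http
    port: 8080
    targetPort: 8080
--------------------------------------------------------------------------------
/infra/uploader/Dockerfile:
--------------------------------------------------------------------------------
# Minimal image whose only job is to PUT one file with curl; the file and the
# destination URL are supplied as `docker run` arguments after the entrypoint.
FROM ubuntu:16.04

# One layer: refresh, upgrade, install curl, then drop the apt cache so it
# is not baked into the image.
RUN apt-get update && apt-get upgrade -y && \
    apt-get install -y curl && \
    rm -rf /var/lib/apt/lists/*

ENTRYPOINT ["curl", "-X", "PUT", "-T"]

--------------------------------------------------------------------------------
/projects/all.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
#
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# Builds the docker image of every directory under projects/ and, when
# "compile" is given as the first argument, runs that command inside each
# freshly built image.

for project in projects/*; do
  # Only directories are projects; skip stray files.
  if [[ -f $project ]]; then continue; fi
  echo "@ Building $project"
  docker build -t "gcr.io/oss-fuzz/$project" "$project/"

  # Execute command ($1) if any
  case ${1-} in
    "")
      ;;
    compile)
      # Quoted "$@" forwards every argument verbatim; unquoted $@ would
      # re-split them on whitespace before they reach the container.
      docker run --rm -ti "gcr.io/oss-fuzz/$project" "$@"
      ;;
    *)
      echo $"Usage: $0 {|compile}"
      exit 1
  esac

done
--------------------------------------------------------------------------------
/projects/arduinojson/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER oss-fuzz@benoitblanchon.fr
RUN apt-get update && apt-get install -y make zip git
RUN git clone --depth 1 https://github.com/bblanchon/ArduinoJson.git arduinojson
WORKDIR arduinojson
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/arduinojson/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.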
3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | # build fuzzers 19 | cd fuzzing 20 | make 21 | -------------------------------------------------------------------------------- /projects/arduinojson/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/bblanchon/ArduinoJson" 2 | primary_contact: "benoit.blanchon@gmail.com" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | -------------------------------------------------------------------------------- /projects/bad_example/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mmoroz@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool 20 | 21 | # Using a real zlib project, but with broken build script and/or fuzz target. 22 | 23 | RUN git clone --depth 1 https://github.com/madler/zlib.git 24 | WORKDIR zlib 25 | COPY build.sh bad_example_fuzzer.cc $SRC/ 26 | -------------------------------------------------------------------------------- /projects/bad_example/bad_example_fuzzer.cc: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Chromium Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style license that can be 3 | // found in the LICENSE file. 4 | 5 | #include 6 | #include 7 | #include 8 | 9 | #include 10 | #include 11 | 12 | #include "zlib.h" 13 | 14 | static Bytef buffer[256 * 1024] = { 0 }; 15 | 16 | 17 | #ifdef INTENTIONAL_STARTUP_CRASH 18 | void bad_term_handler(int signum) { 19 | _exit(0); 20 | } 21 | #endif 22 | 23 | // Entry point for LibFuzzer. 24 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 25 | #ifdef INTENTIONAL_STARTUP_CRASH 26 | // Simulates the worst case, fuzz target silently dies without any error. 27 | struct sigaction action = { 0 }; 28 | action.sa_handler = bad_term_handler; 29 | sigaction(SIGTERM, &action, NULL); 30 | 31 | // Cannot call _exit(0) directly, as it's even worse -- sancov does not print 32 | // any coverage information in that case. 
33 | kill(getpid(), SIGTERM); 34 | #endif 35 | 36 | uLongf buffer_length = static_cast(sizeof(buffer)); 37 | if (Z_OK != uncompress(buffer, &buffer_length, data, 38 | static_cast(size))) { 39 | return 0; 40 | } 41 | return 0; 42 | } 43 | -------------------------------------------------------------------------------- /projects/bad_example/project.yaml: -------------------------------------------------------------------------------- 1 | disabled: True 2 | homepage: "http://www.zlib.net/" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | -------------------------------------------------------------------------------- /projects/boringssl/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get update && apt-get install -y cmake ninja-build golang 20 | 21 | RUN git clone --depth 1 https://boringssl.googlesource.com/boringssl 22 | COPY build.sh $SRC/ 23 | -------------------------------------------------------------------------------- /projects/boringssl/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://boringssl.googlesource.com/boringssl/" 2 | primary_contact: "agl@google.com" 3 | auto_ccs: 4 | - "davidben@google.com" 5 | - "svaldez@google.com" 6 | sanitizers: 7 | - address 8 | - undefined 9 | - memory 10 | -------------------------------------------------------------------------------- /projects/botan/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER jack@randombit.net 19 | RUN apt-get update && apt-get install -y make python 20 | RUN git clone --depth 1 https://github.com/randombit/botan.git botan 21 | RUN git clone --depth 1 https://github.com/randombit/crypto-corpus.git crypto-corpus 22 | WORKDIR botan 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/botan/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | cd $SRC/botan 19 | 20 | # This assumes $CC is set to either 'clang' or 'gcc' 21 | ./configure.py --cc=$CC --cc-bin=$CXX --cc-abi-flags="$CXXFLAGS" \ 22 | --unsafe-fuzzer-mode --disable-shared --disable-modules=locking_allocator 23 | make -j$(nproc) libbotan-2.a 24 | 25 | jigs=$(find $SRC/botan/src/extra_tests/fuzzers/jigs -name "*.cpp") 26 | 27 | for fuzzer_src in $jigs; do 28 | fuzzer=$(basename $fuzzer_src .cpp) 29 | $CXX $CXXFLAGS -DUSE_LLVM_FUZZER -std=c++11 -I$SRC/botan/build/include \ 30 | -o $OUT/$fuzzer $fuzzer_src -L$SRC/botan -lbotan-2 -lFuzzingEngine 31 | 32 | if [ -d "$SRC/crypto-corpus/${fuzzer}" ]; then 33 | zip -j $OUT/${fuzzer}_seed_corpus.zip $SRC/crypto-corpus/${fuzzer}/* 34 | fi 35 | done 36 | 37 | -------------------------------------------------------------------------------- /projects/botan/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://botan.randombit.net" 2 | primary_contact: "jack.lloyd@gmail.com" 3 | auto_ccs: 4 | - "r.korthaus@sirrix.com" 5 | - "d.neus@sirrix.com" 6 | sanitizers: 7 | - address 8 | - memory 9 | - undefined 10 | fuzzing_engines: 11 | - libfuzzer 12 | - afl 13 | -------------------------------------------------------------------------------- /projects/brotli/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER eustas@chromium.org 19 | RUN apt-get update && apt-get install -y cmake libtool make 20 | 21 | RUN git clone --depth 1 https://github.com/google/brotli.git 22 | WORKDIR brotli 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/brotli/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | 3 | cmake . -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=OFF 4 | make clean 5 | make -j$(nproc) brotlidec 6 | 7 | $CXX $CXXFLAGS -std=c++11 -I. \ 8 | c/fuzz/decode_fuzzer.cc -I./c/include -o $OUT/decode_fuzzer \ 9 | -lFuzzingEngine ./libbrotlidec.a ./libbrotlicommon.a 10 | 11 | cp java/org/brotli/integration/fuzz_data.zip $OUT/decode_fuzzer_seed_corpus.zip 12 | chmod a-x $OUT/decode_fuzzer_seed_corpus.zip # we will try to run it otherwise 13 | -------------------------------------------------------------------------------- /projects/brotli/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/google/brotli" 2 | primary_contact: "eustas@chromium.org" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | -------------------------------------------------------------------------------- /projects/c-ares/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mmoroz@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool 20 | RUN git clone --depth 1 https://github.com/c-ares/c-ares.git 21 | WORKDIR c-ares 22 | COPY build.sh $SRC/ 23 | -------------------------------------------------------------------------------- /projects/c-ares/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://c-ares.haxx.se/" 2 | primary_contact: "drysdale@google.com" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | -------------------------------------------------------------------------------- /projects/cmark/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER philipturnbull@github.com 19 | RUN apt-get update && apt-get install -y make cmake 20 | RUN git clone --depth 1 https://github.com/jgm/cmark.git cmark 21 | WORKDIR cmark 22 | COPY build.sh *.dict *.options $SRC/ 23 | -------------------------------------------------------------------------------- /projects/cmark/cmark_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = cmark.dict 3 | max_len = 256 4 | -------------------------------------------------------------------------------- /projects/cmark/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://commonmark.org" 2 | primary_contact: "jgm@berkeley.edu" 3 | auto_ccs: 4 | - "kivikakk@github.com" 5 | sanitizers: 6 | - address 7 | - memory 8 | - undefined 9 | -------------------------------------------------------------------------------- /projects/coreutils/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.gnu.org/software/coreutils/" 2 | primary_contact: "P@draigBrady.com" 3 | -------------------------------------------------------------------------------- /projects/cpython2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://python.org/" 2 | primary_contact: "gps@google.com" 3 | auto_ccs: 4 | - "jeanpierreda@google.com" 5 | - "alex.gaynor@gmail.com" 6 | -------------------------------------------------------------------------------- /projects/cpython3/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://python.org/" 2 | primary_contact: "gps@google.com" 3 | auto_ccs: 4 | - "jeanpierreda@google.com" 5 | - "alex.gaynor@gmail.com" 
6 | -------------------------------------------------------------------------------- /projects/curl/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER dvyukov@google.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool libssl-dev zlib1g-dev 20 | 21 | RUN git clone --depth 1 https://github.com/curl/curl.git 22 | WORKDIR curl 23 | COPY build.sh curl_fuzzer.cc *.options *.dict $SRC/ 24 | 25 | -------------------------------------------------------------------------------- /projects/curl/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | ./buildconf 19 | ./configure --disable-shared --enable-debug --enable-maintainer-mode --disable-symbol-hiding --disable-threaded-resolver --enable-ipv6 --with-random=/dev/null 20 | make -j$(nproc) 21 | 22 | # Build the fuzzer. 23 | $CXX $CXXFLAGS $SRC/curl_fuzzer.cc -Iinclude lib/.libs/libcurl.a \ 24 | -o $OUT/curl_fuzzer \ 25 | -Wl,-Bstatic -lssl -lcrypto -lz -lFuzzingEngine -Wl,-Bdynamic 26 | 27 | # Copy dictionary and options file to $OUT. 28 | cp $SRC/*.dict $SRC/*.options $OUT/ 29 | 30 | # Archive and copy to $OUT seed corpus if the build succeeded. 31 | zip -j $OUT/curl_fuzzer_seed_corpus.zip $SRC/curl/tests/data/test* 32 | -------------------------------------------------------------------------------- /projects/curl/curl_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | max_len = 10000 3 | dict = http.dict 4 | -------------------------------------------------------------------------------- /projects/curl/http.dict: -------------------------------------------------------------------------------- 1 | "\x0a\x0d" 2 | "HTTP/1.0" 3 | "HTTP/1.1" 4 | "100" 5 | "200" 6 | "301" 7 | "400" 8 | "Server:" 9 | "Last-Modified:" 10 | "Content-Type:" 11 | "text/html" 12 | "charset=UTF-8" 13 | "Accept-Ranges:" 14 | "bytes" 15 | "Content-Length:" 16 | "Transfer-Encoding:" 17 | "compress" 18 | "exi" 19 | "gzip" 20 | "identity" 21 | "pack200-gzip" 22 | "br" 23 | "deflate" 24 | "bzip2" 25 | "lzma" 26 | "xz" 27 | "Content-Encoding:" 28 | "chunked" 29 | "Connection:" 30 | "close" 31 | "Date:" 32 | "Expires:" 33 | "Fri, 31 Dec 1999 23:59:59 GMT" 34 | "Cache-Control:" 35 | "no-cache" 36 | "no-store" 37 | "must-revalidate" 38 | "Pragma:" 39 | "no-cache" 40 | "Host:" 41 | 42 | 
-------------------------------------------------------------------------------- /projects/curl/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://curl.haxx.se/" 2 | primary_contact: "daniel@haxx.se" 3 | auto_ccs: 4 | - "daniel.haxx@gmail.com" 5 | sanitizers: 6 | - address 7 | - undefined 8 | -------------------------------------------------------------------------------- /projects/dlplibs/abwfuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = abw.dict 3 | -------------------------------------------------------------------------------- /projects/dlplibs/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.documentliberation.org" 2 | primary_contact: "dtardon@redhat.com" 3 | -------------------------------------------------------------------------------- /projects/dlplibs/vdxfuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = vdx.dict 3 | -------------------------------------------------------------------------------- /projects/dlplibs/vsdxfuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = vsdx.dict 3 | -------------------------------------------------------------------------------- /projects/dropbear/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
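# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER matt@ucc.asn.au
RUN apt-get update && apt-get install -y libz-dev autoconf mercurial
# The corpus repository is cloned inside the source tree so build.sh can reach
# it as $SRC/dropbear/corpus; the "fuzz" branch presumably carries the fuzz
# targets that --enable-fuzz builds.
RUN hg clone -b fuzz https://secure.ucc.asn.au/hg/dropbear dropbear
RUN hg clone https://secure.ucc.asn.au/hg/dropbear-fuzzcorpus dropbear/corpus
WORKDIR dropbear
COPY build.sh *.options $SRC/

--------------------------------------------------------------------------------
/projects/dropbear/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# pushd/popd below are bash builtins, so this script must run under bash
# rather than /bin/sh; -e aborts on the first failing step and -u on any
# unset variable, matching the other build.sh scripts in this tree.

pushd $SRC/dropbear
autoconf
autoheader
popd

$SRC/dropbear/configure --enable-fuzz --disable-harden
# force static zlib (path is hard-coded to the x86_64 multiarch location)
sed -i 's@-lz@/usr/lib/x86_64-linux-gnu/libz.a@' Makefile

make -j$(nproc) fuzz-targets FUZZLIB=$LIB_FUZZING_ENGINE

# Expected to be a whitespace-separated list of target paths; it is left
# unquoted in the cp below on purpose so each target becomes its own argument.
TARGETS="$(make list-fuzz-targets)"

make -C $SRC/dropbear/corpus

cp -v $TARGETS $OUT/
cp -v *.options $OUT/
cp -v $SRC/dropbear/corpus/*.zip $OUT/
--------------------------------------------------------------------------------
/projects/dropbear/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://matt.ucc.asn.au/dropbear/dropbear.html"
primary_contact: "matt@ucc.asn.au"
--------------------------------------------------------------------------------
/projects/example/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
RUN apt-get update && apt-get install -y make

# Get *your* source code here.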
21 | RUN git clone https://github.com/google/oss-fuzz.git my-git-repo 22 | WORKDIR my-git-repo 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/example/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2017 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | cd projects/example/my-api-repo 19 | make clean # Not strictly necessary, since we are building in a fresh dir. 20 | make -j$(nproc) all # Build the fuzz targets. 21 | make -j$(nproc) check # Sanity check, not strictly required, but nice to have. 22 | 23 | # Copy the fuzzer executables, zip-ed corpora, option and dictionary files to $OUT 24 | find . -name '*_fuzzer' -exec cp -v '{}' $OUT ';' 25 | find . -name '*_fuzzer.dict' -exec cp -v '{}' $OUT ';' # If you have dictionaries. 26 | find . -name '*_fuzzer.options' -exec cp -v '{}' $OUT ';' # If you have custom options. 27 | find . -name '*_fuzzer_seed_corpus.zip' -exec cp -v '{}' $OUT ';' # If you have seed corpora (you better have them!) 
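28 | -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_fuzzer.cpp: --------------------------------------------------------------------------------
// Copyright 2017 Google Inc. All Rights Reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
#include "my_api.h"

#include <cstddef>
#include <cstdint>
#include <string>

// Simple fuzz target for DoStuff().
// See http://libfuzzer.info for details.
//
// Called by the fuzzing engine once per generated input.
//   data: the input bytes; not NUL-terminated and possibly empty.
//   size: number of bytes in `data`.
// Always returns 0; the only observable outcome of the target is whether
// DoStuff() crashes or trips a sanitizer on the input.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  // Construct the string with an explicit length so embedded NUL bytes and
  // empty inputs reach DoStuff() unchanged.
  std::string str(reinterpret_cast<const char *>(data), size);
  DoStuff(str);  // Disregard the output.
  return 0;
}
-------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_fuzzer.dict: -------------------------------------------------------------------------------- 1 | # A dictionary for more efficient fuzzing of DoStuff(). 2 | # If the inputs contain multi-byte tokens, list them here.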
3 | # See http://libfuzzer.info#dictionaries 4 | "foo" 5 | "bar" 6 | "ouch" 7 | -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_test_data/410c23d234e7f97a2dd6265eb2909324deb8c13a: -------------------------------------------------------------------------------- 1 | fomgo -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_test_data/7a74862169c3375f4149daff75187cbca7372a38: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/example/my-api-repo/do_stuff_test_data/7a74862169c3375f4149daff75187cbca7372a38 -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_test_data/a835d6f1c6b2ae4a35e8c0a4a0576715c8b27283: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/example/my-api-repo/do_stuff_test_data/a835d6f1c6b2ae4a35e8c0a4a0576715c8b27283 -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_test_data/e8fb273916196a5e29967af0b5826daffb9b3765: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/example/my-api-repo/do_stuff_test_data/e8fb273916196a5e29967af0b5826daffb9b3765 -------------------------------------------------------------------------------- /projects/example/my-api-repo/do_stuff_test_data/fc09d362f05ab97efdfcd873dacad6a9c29e57ff: -------------------------------------------------------------------------------- 1 | _oouch -------------------------------------------------------------------------------- 
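/projects/example/my-api-repo/do_stuff_unittest.cpp: --------------------------------------------------------------------------------
// Copyright 2017 Google Inc. All Rights Reserved.
// Licensed under the Apache License, Version 2.0 (the "License");

// Simple unit test for DoStuff().
// This unit test does not cover the existing bug in DoStuff(),
// unless you pass an extra parameter ("BUG").
#include "my_api.h"

#include <cassert>
#include <iostream>

// Runs DoStuff() on `str`, logs the result to stderr and aborts via assert()
// if it differs from `Expected`.
// NOTE(review): the check is an assert(), so a build with -DNDEBUG turns every
// case below into a vacuous pass — keep NDEBUG off for this test binary.
void TestDoStuff(const std::string &str, size_t Expected) {
  size_t Result = DoStuff(str);
  std::cerr << str << " => " << Result << std::endl;
  assert(Result == Expected);
}

// Exercises the documented inputs; pass "BUG" as the single argument to also
// run the input that reads past the end of the table in DoStuff().
int main(int argc, char **argv) {
  // Test some simple inputs, verify the output.
  TestDoStuff("", 0);
  TestDoStuff("foo", 1);
  TestDoStuff("omg", 1);
  TestDoStuff("bar", 1);
  TestDoStuff("ouch", 1);
  TestDoStuff("foobar", 3);
  TestDoStuff("foouchbar", 4);
  if (argc == 2 && std::string(argv[1]) == "BUG") {
    // This is the missing test that actually triggers the bug.
    TestDoStuff("foouchbaromg", 4);
  }
}
-------------------------------------------------------------------------------- /projects/example/my-api-repo/my_api.cpp: --------------------------------------------------------------------------------
// Copyright 2017 Google Inc. All Rights Reserved.
// Licensed under the Apache License, Version 2.0 (the "License");

// Implementation of "my_api".
#include "my_api.h"

#include <vector>

// Do some computations with 'str', return the result.
// This function contains a bug. Can you spot it?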
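// Scoring contract (see the header comment above): one point for a length
// above 5 and one point for each of the substrings "foo", "bar", "ouch" and
// "omg", used as an index into a five-element table. When all five conditions
// hold (e.g. "foouchbaromg", the input the unit test marks as the bug trigger)
// Idx reaches 5 and Vec[5] is read past the end of the vector — that
// out-of-bounds read is the deliberately planted bug this example exists to
// demonstrate; a sanitizer build reports it.
size_t DoStuff(const std::string &str) {
  std::vector<int> Vec({0, 1, 2, 3, 4});  // valid indices: 0..4
  size_t Idx = 0;
  if (str.size() > 5)
    Idx++;
  if (str.find("foo") != std::string::npos)
    Idx++;
  if (str.find("bar") != std::string::npos)
    Idx++;
  if (str.find("ouch") != std::string::npos)
    Idx++;
  if (str.find("omg") != std::string::npos)
    Idx++;
  return Vec[Idx];  // Idx may be 5 here: the intentional out-of-bounds read.
}
-------------------------------------------------------------------------------- /projects/example/my-api-repo/my_api.h: --------------------------------------------------------------------------------
// Copyright 2017 Google Inc. All Rights Reserved.
// Licensed under the Apache License, Version 2.0 (the "License");

// A library that does ... stuff.
// Serves as an example of good fuzz testing and OSS-Fuzz integration.
#include <cstddef>
#include <string>

// Returns a small score computed from `str` (see my_api.cpp).
size_t DoStuff(const std::string &str);
-------------------------------------------------------------------------------- /projects/example/project.yaml: -------------------------------------------------------------------------------- 1 | # Provide the home page for *your* project: 2 | homepage: "https://my-api.example.com" 3 | # Provide the e-mail for the primary contact: 4 | primary_contact: "primary-my-api-maintainer@example.com" 5 | auto_ccs: 6 | - "secondary-my-api-maintainer@example.com" 7 | - "tertiary-my-api-maintainer@example.com" 8 | 9 | # We don't run this example project for real. (Don't use this flag for your project) 10 | disabled: true 11 | -------------------------------------------------------------------------------- /projects/expat/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License.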
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool docbook2x docbook 20 | 21 | RUN git clone --depth 1 https://github.com/libexpat/libexpat expat 22 | WORKDIR expat 23 | COPY build.sh parse_fuzzer.* *.dict $SRC/ 24 | -------------------------------------------------------------------------------- /projects/expat/parse_fuzzer.cc: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Chromium Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style license that can be 3 | // found in the LICENSE file. 4 | 5 | #include 6 | #include 7 | 8 | #include "expat.h" 9 | 10 | const char* kEncoding = 11 | #if defined(ENCODING_UTF_16) 12 | "UTF-16" 13 | #elif defined(ENCODING_UTF_8) 14 | "UTF-8" 15 | #elif defined(ENCODING_ISO_8859_1) 16 | "ISO-8859-1" 17 | #elif defined(ENCODING_US_ASCII) 18 | "US-ASCII" 19 | #elif defined(ENCODING_UTF_16BE) 20 | "UTF-16BE" 21 | #elif defined(ENCODING_UTF_16LE) 22 | "UTF-16LE" 23 | #else 24 | #error Encoding type is not specified. 25 | #endif 26 | ; 27 | 28 | // Entry point for LibFuzzer. 29 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 30 | for (int use_ns = 0; use_ns <= 1; ++use_ns) { 31 | XML_Parser parser = 32 | use_ns ? 
XML_ParserCreateNS(kEncoding, '\n') : 33 | XML_ParserCreate(kEncoding); 34 | XML_Parse(parser, reinterpret_cast(data), size, true); 35 | XML_ParserFree(parser); 36 | } 37 | return 0; 38 | } 39 | -------------------------------------------------------------------------------- /projects/expat/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/libexpat/libexpat" 2 | primary_contact: "sebastian@pipping.org" 3 | auto_ccs: 4 | - "rhodri@kynesim.co.uk" 5 | - "hanno@hboeck.de" 6 | - "webmaster@hartwork.org" 7 | sanitizers: 8 | - address 9 | - memory 10 | - undefined 11 | 12 | -------------------------------------------------------------------------------- /projects/ffmpeg/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.ffmpeg.org/" 2 | primary_contact: "ffmpeg-security@ffmpeg.org" 3 | auto_ccs: 4 | - "michaelni@gmx.at" 5 | - "jrummell@google.com" 6 | - "tfoucu@google.com" 7 | -------------------------------------------------------------------------------- /projects/file/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool shtool 20 | RUN git clone --depth 1 https://github.com/file/file.git 21 | WORKDIR file 22 | COPY build.sh magic_fuzzer.cc $SRC/ 23 | -------------------------------------------------------------------------------- /projects/file/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | autoreconf -i 19 | ./configure --enable-static 20 | make V=1 all 21 | 22 | $CXX $CXXFLAGS -std=c++11 -Isrc/ \ 23 | $SRC/magic_fuzzer.cc -o $OUT/magic_fuzzer \ 24 | -lFuzzingEngine ./src/.libs/libmagic.a 25 | 26 | cp ./magic/magic.mgc $OUT/ 27 | 28 | -------------------------------------------------------------------------------- /projects/file/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.darwinsys.com/file/" 2 | primary_contact: "zoulasc@gmail.com" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | 8 | -------------------------------------------------------------------------------- /projects/freetype2/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf libtool libarchive-dev 20 | 21 | # Get some files for the seed corpus 22 | ADD https://github.com/adobe-fonts/adobe-variable-font-prototype/releases/download/1.001/AdobeVFPrototype.otf $SRC/font-corpus/ 23 | RUN git clone https://github.com/unicode-org/text-rendering-tests.git && cp text-rendering-tests/fonts/* $SRC/font-corpus 24 | 25 | RUN git clone --depth 1 git://git.sv.nongnu.org/freetype/freetype2.git 26 | WORKDIR freetype2 27 | COPY build.sh *.options $SRC/ 28 | -------------------------------------------------------------------------------- /projects/freetype2/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eux 2 | # 3 | # Copyright 2016 Google Inc. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | ################################################################################ 18 | 19 | ./autogen.sh 20 | sync 21 | ./configure 22 | make -j$(nproc) clean 23 | make -j$(nproc) all 24 | 25 | $CXX $CXXFLAGS -std=c++11 \ 26 | -I./include -I. 
\ 27 | ./src/tools/ftfuzzer/ftfuzzer.cc -o $OUT/ftfuzzer \ 28 | ./objs/*.o -lFuzzingEngine \ 29 | /usr/lib/x86_64-linux-gnu/libarchive.a \ 30 | ./objs/.libs/libfreetype.a 31 | 32 | zip -j $OUT/ftfuzzer_seed_corpus.zip $SRC/font-corpus/* 33 | cp $SRC/*.options $OUT/ 34 | -------------------------------------------------------------------------------- /projects/freetype2/ftfuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | max_len = 30000 3 | -------------------------------------------------------------------------------- /projects/freetype2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.freetype.org/" 2 | primary_contact: "lemzwerg@gmail.com" 3 | auto_ccs: 4 | - "darnold@adobe.com" 5 | - "lemzwerg@googlemail.com" 6 | - "HinTak.Leung@gmail.com" 7 | sanitizers: 8 | - address 9 | - undefined 10 | -------------------------------------------------------------------------------- /projects/fuchsia_fidl/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER aarongreen@google.com
RUN apt-get update && apt-get install -y golang git build-essential curl unzip texinfo libglib2.0-dev autoconf libtool libsdl-dev

# Bootstrap the jiri tool; "fuchsia" is passed as $1 to the script and is
# presumably the checkout directory it creates (WORKDIR fuchsia follows) — confirm.
# NOTE(review): this pipes a script fetched from the moving "master" ref straight
# into bash with no pinned revision and no digest check, so the build is not
# reproducible and silently follows whatever upstream serves; pinning a commit
# and verifying a known hash before executing would remove that exposure.
RUN curl -s "https://fuchsia.googlesource.com/jiri/+/master/scripts/bootstrap_jiri?format=TEXT" | base64 -d | bash -s fuchsia
WORKDIR fuchsia
COPY build.sh $SRC/
-------------------------------------------------------------------------------- /projects/fuchsia_fidl/build.sh: --------------------------------------------------------------------------------
#!/bin/bash -e
# NOTE(review): only -e is set; the other build.sh scripts in this tree use -eu,
# so an unset $OUT here expands to "" instead of aborting the build.

# jiri was bootstrapped into this directory by the Dockerfile; presumably
# .jiri_root/bin is where bootstrap_jiri places the binary — confirm.
JIRI_HOME=`pwd`/.jiri_root/bin
$JIRI_HOME/jiri import fidl https://fuchsia.googlesource.com/manifest
$JIRI_HOME/jiri update
./scripts/build-magenta.sh
./packages/gn/gen.py -m fidl --ignore-skia --args=enable_ossfuzz=true
./buildtools/ninja -C out/debug-x86-64

# Install the fuzzer binary and a flattened (-j) seed corpus built from the two
# example-input directories.
cp out/debug-x86-64/host_x64/fidl-fuzzer $OUT/fuchsia_fidl_fuzzer
zip -j $OUT/fuchsia_fidl_seed_corpus.zip lib/fidl/fuzz/input_corpus/* magenta/system/host/fidl/examples/*
-------------------------------------------------------------------------------- /projects/fuchsia_fidl/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://fuchsia.googlesource.com/magenta/+/master/system/host/fidl/" 2 | primary_contact: "aarongreen@google.com" 3 | auto_ccs: 4 | - "hariri@google.com" 5 | - "phosek@google.com" 6 | - "kulakowski@google.com" 7 | fuzzing_engines: 8 | - afl 9 | - libfuzzer 10 | -------------------------------------------------------------------------------- /projects/gdal/NC4_put_propattr_leak_fix.patch: -------------------------------------------------------------------------------- 1 | --- libsrc4/nc4info.c.ori 2017-06-07 10:28:11.478130590 +0200 2 | +++ libsrc4/nc4info.c 2017-06-07
10:28:29.670268763 +0200 3 | @@ -174,11 +174,8 @@ 4 | herr = 0; 5 | } 6 | done: 7 | - if(ncstat != NC_NOERR) { 8 | - if(text != NULL) { 9 | - free(text); 10 | - text = NULL; 11 | - } 12 | + if(text != NULL) { 13 | + free(text); 14 | } 15 | 16 | if(attid >= 0) HCHECK((H5Aclose(attid))); 17 | -------------------------------------------------------------------------------- /projects/gdal/libnetcdf_fix_undefined_left_shift_in_ncx_get_size_t.patch: -------------------------------------------------------------------------------- 1 | --- libsrc/ncx.m4.ori 2017-06-15 12:45:29.461345214 +0200 2 | +++ libsrc/ncx.m4 2017-06-23 12:14:29.263652717 +0200 3 | @@ -726,7 +726,11 @@ 4 | { 5 | const uchar *cp = (const uchar *) xp; 6 | 7 | +#if INT_MAX >= X_INT_MAX 8 | + *ip = (ix_int)((unsigned)(*cp++) << 24); 9 | +#else 10 | *ip = *cp++ << 24; 11 | +#endif 12 | #if SIZEOF_IX_INT > X_SIZEOF_INT 13 | if(*ip & 0x80000000) 14 | { 15 | @@ -1883,7 +1887,7 @@ 16 | /* similar to get_ix_int */ 17 | const uchar *cp = (const uchar *) *xpp; 18 | 19 | - *ulp = (unsigned)(*cp++ << 24); 20 | + *ulp = (unsigned)(*cp++) << 24; 21 | *ulp |= (*cp++ << 16); 22 | *ulp |= (*cp++ << 8); 23 | *ulp |= *cp; 24 | --- libsrc/ncx.c.ori 2017-06-15 12:38:29.769770935 +0200 25 | +++ libsrc/ncx.c 2017-06-23 12:10:38.359973119 +0200 26 | @@ -1031,7 +1031,11 @@ 27 | { 28 | const uchar *cp = (const uchar *) xp; 29 | 30 | +#if INT_MAX >= X_INT_MAX 31 | + *ip = (ix_int)((unsigned)(*cp++) << 24); 32 | +#else 33 | *ip = *cp++ << 24; 34 | +#endif 35 | #if SIZEOF_IX_INT > X_SIZEOF_INT 36 | if(*ip & 0x80000000) 37 | { 38 | 
@@ -3451,7 +3455,7 @@ 39 | /* similar to get_ix_int */ 40 | const uchar *cp = (const uchar *) *xpp; 41 | 42 | - *ulp = (unsigned)(*cp++ << 24); 43 | + *ulp = (unsigned)(*cp++) << 24; 44 | *ulp |= (*cp++ << 16); 45 | *ulp |= (*cp++ << 8); 46 | *ulp |= *cp; 47 | -------------------------------------------------------------------------------- /projects/gdal/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://gdal.org" 2 | primary_contact: "even.rouault@gmail.com" 3 | auto_ccs: 4 | - "schwehr@gmail.com" 5 | - "mateusz@loskot.net" 6 | - "bishop.dev@gmail.com" 7 | -------------------------------------------------------------------------------- /projects/gnutls/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER alex.gaynor@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool autopoint pkg-config gperf bison autogen texinfo curl 20 | 21 | RUN git clone --depth=1 https://gitlab.com/gnutls/gnutls.git 22 | RUN cd gnutls && git clone --depth=1 https://git.lysator.liu.se/nettle/nettle.git 23 | 24 | WORKDIR gnutls 25 | COPY build.sh $SRC/ 26 | -------------------------------------------------------------------------------- /projects/gnutls/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.gnutls.org" 2 | primary_contact: "n.mavrogiannopoulos@gmail.com" 3 | auto_ccs: 4 | - "alex.gaynor@gmail.com" 5 | - "daiki.ueno@gmail.com" 6 | - "rockdaboot@gmail.com" 7 | sanitizers: 8 | - address 9 | - memory 10 | - undefined 11 | -------------------------------------------------------------------------------- /projects/grpc/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.grpc.io/" 2 | primary_contact: "mattkwong@google.com" 3 | auto_ccs: 4 | - "ctiller@google.com" 5 | - "dgq@google.com" 6 | - "roth@google.com" 7 | - "ncteisen@google.com" 8 | - "nnoble@google.com" 9 | - "sreek@google.com" 10 | - "vpai@google.com" 11 | - "yangg@google.com" 12 | - "yuxuanli@google.com" 13 | - "zyc@google.com" 14 | -------------------------------------------------------------------------------- /projects/guetzli/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER robryk@google.com
RUN apt-get update && apt-get install -y make autoconf automake libtool libpng-dev pkg-config curl

# Seed corpus: JPEG samples from the AFL demo test-case archive.
# NOTE(review): the archive is fetched over plain HTTP and unpacked with no
# checksum or signature check, so the build trusts whatever the network returns;
# pin a digest (and prefer an HTTPS source) before relying on these inputs.
# curl also runs without -f, so an HTTP error page would be piped into tar
# instead of failing the fetch.
RUN mkdir afl-testcases
RUN cd afl-testcases/ && curl http://lcamtuf.coredump.cx/afl/demo/afl_testcases.tgz | tar -xz
# NOTE(review): nothing in this Dockerfile creates $SRC/libjpeg-turbo/testimages/,
# so that argument presumably comes from elsewhere or is a leftover — confirm it
# exists. zip is also run without -r, so a directory argument contributes at most
# the directory entry, not the files inside it. build.sh later copies this zip
# from $SRC, so this RUN relies on the working directory being $SRC — confirm.
RUN zip guetzli_fuzzer_seed_corpus.zip afl-testcases/jpeg/full/images/* afl-testcases/jpeg_turbo/full/images/* $SRC/libjpeg-turbo/testimages/

RUN git clone --depth=1 https://github.com/google/guetzli guetzli
WORKDIR guetzli
COPY build.sh $SRC/
-------------------------------------------------------------------------------- /projects/guetzli/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License.
15 | # 16 | ################################################################################ 17 | 18 | make guetzli_static 19 | $CXX $CXXFLAGS -std=c++11 -I. fuzz_target.cc -lFuzzingEngine \ 20 | -o $OUT/guetzli_fuzzer bin/Release/libguetzli_static.a 21 | 22 | cp $SRC/guetzli_fuzzer_seed_corpus.zip $OUT/ 23 | -------------------------------------------------------------------------------- /projects/guetzli/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/google/guetzli" 2 | primary_contact: "robryk@google.com" 3 | auto_ccs: 4 | - "szabadka@google.com" 5 | sanitizers: 6 | - address 7 | - memory 8 | - undefined 9 | -------------------------------------------------------------------------------- /projects/h2o/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER jonathan.foote@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool cmake zlib1g-dev pkg-config libssl-dev 20 | RUN git clone https://github.com/h2o/h2o 21 | WORKDIR h2o 22 | COPY build.sh $SRC/ 23 | COPY *.options $SRC/ 24 | -------------------------------------------------------------------------------- /projects/h2o/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | pushd $SRC/h2o 19 | cmake -DBUILD_FUZZER=ON -DOSS_FUZZ=ON -DOPENSSL_USE_STATIC_LIBS=TRUE . 
20 | make 21 | cp ./h2o-fuzzer-* $OUT/ 22 | 23 | zip -jr $OUT/h2o-fuzzer-http1_seed_corpus.zip $SRC/h2o/fuzz/http1-corpus 24 | zip -jr $OUT/h2o-fuzzer-http2_seed_corpus.zip $SRC/h2o/fuzz/http2-corpus 25 | zip -jr $OUT/h2o-fuzzer-url_seed_corpus.zip $SRC/h2o/fuzz/url-corpus 26 | 27 | cp $SRC/*.options $SRC/h2o/fuzz/*.dict $OUT/ 28 | popd 29 | -------------------------------------------------------------------------------- /projects/h2o/h2o-fuzzer-http1.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | close_fd_mask = 3 3 | max_len = 16384 4 | dict = http.dict 5 | -------------------------------------------------------------------------------- /projects/h2o/h2o-fuzzer-http2.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | close_fd_mask = 3 3 | max_len = 16384 4 | dict = http.dict 5 | -------------------------------------------------------------------------------- /projects/h2o/h2o-fuzzer-url.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | close_fd_mask = 3 3 | -------------------------------------------------------------------------------- /projects/h2o/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/h2o/h2o" 2 | primary_contact: "jonathan.foote@gmail.com" 3 | auto_ccs: 4 | - "frederik.deweerdt@gmail.com" 5 | - "kazuhooku@gmail.com" 6 | - "security@fastly.com" 7 | -------------------------------------------------------------------------------- /projects/harfbuzz/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mmoroz@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool ragel pkg-config 20 | 21 | RUN git clone --depth 1 https://anongit.freedesktop.org/git/harfbuzz.git 22 | WORKDIR harfbuzz 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/harfbuzz/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | # Disable: 19 | # 1. UBSan vptr since target built with -fno-rtti. 20 | # 2. UBSan function to avoid crashes with void* cast crashes. 
21 | export CFLAGS="$CFLAGS -fno-sanitize=function,vptr" 22 | export CXXFLAGS="$CXXFLAGS -fno-sanitize=function,vptr" 23 | 24 | # Build the library. 25 | ./autogen.sh 26 | ./configure 27 | make clean 28 | make -j$(nproc) V=1 all 29 | make -C src V=1 fuzzing 30 | 31 | # Build the fuzzer. 32 | $CXX $CXXFLAGS -std=c++11 -Isrc \ 33 | ./test/fuzzing/hb-fuzzer.cc -o $OUT/hb-fuzzer \ 34 | -lFuzzingEngine ./src/.libs/libharfbuzz-fuzzing.a 35 | 36 | # Archive and copy to $OUT seed corpus if the build succeeded. 37 | zip -j -r $OUT/hb-fuzzer_seed_corpus.zip $SRC/harfbuzz/test/shaping/fonts 38 | 39 | -------------------------------------------------------------------------------- /projects/harfbuzz/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.harfbuzz.org/" 2 | primary_contact: "behdad@google.com" 3 | sanitizers: 4 | - address 5 | - undefined 6 | - memory 7 | -------------------------------------------------------------------------------- /projects/icu/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mike.aizatsky@gmail.com 19 | RUN apt-get update && apt-get install -y make 20 | 21 | RUN svn co http://source.icu-project.org/repos/icu/trunk/icu4c/ icu 22 | COPY build.sh *.cc *.h *.dict *.options $SRC/ 23 | -------------------------------------------------------------------------------- /projects/icu/converter_fuzzer.cc: -------------------------------------------------------------------------------- 1 | // Copyright 2016 The Chromium Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style license that can be 3 | // found in the LICENSE file. 4 | 5 | #include 6 | #include 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include "fuzzer_utils.h" 14 | #include "unicode/unistr.h" 15 | #include "unicode/ucnv.h" 16 | 17 | IcuEnvironment* env = new IcuEnvironment(); 18 | 19 | template 20 | using deleted_unique_ptr = std::unique_ptr>; 21 | 22 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 23 | UErrorCode status = U_ZERO_ERROR; 24 | auto rng = CreateRng(data, size); 25 | icu::UnicodeString str(UnicodeStringFromUtf8(data, size)); 26 | 27 | const char* converter_name = 28 | ucnv_getAvailableName(rng() % ucnv_countAvailable()); 29 | 30 | deleted_unique_ptr converter(ucnv_open(converter_name, &status), 31 | &ucnv_close); 32 | 33 | if (U_FAILURE(status)) 34 | return 0; 35 | 36 | static const size_t dest_buffer_size = 1024 * 1204; 37 | static const std::unique_ptr dest_buffer(new char[dest_buffer_size]); 38 | 39 | str.extract(dest_buffer.get(), dest_buffer_size, converter.get(), status); 40 | 41 | if (U_FAILURE(status)) 42 | return 0; 43 | 44 | return 0; 45 | } 46 | -------------------------------------------------------------------------------- /projects/icu/number_format_fuzzer.cc: 
-------------------------------------------------------------------------------- 1 | // Copyright 2016 The Chromium Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style license that can be 3 | // found in the LICENSE file. 4 | 5 | // Fuzzer for NumberFormat::parse. 6 | 7 | #include 8 | #include 9 | #include 10 | #include "fuzzer_utils.h" 11 | #include "unicode/numfmt.h" 12 | 13 | IcuEnvironment* env = new IcuEnvironment(); 14 | 15 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 16 | UErrorCode status = U_ZERO_ERROR; 17 | 18 | auto rng = CreateRng(data, size); 19 | const icu::Locale& locale = GetRandomLocale(&rng); 20 | 21 | std::unique_ptr fmt( 22 | icu::NumberFormat::createInstance(locale, status)); 23 | if (U_FAILURE(status)) return 0; 24 | 25 | icu::UnicodeString str(UnicodeStringFromUtf8(data, size)); 26 | icu::Formattable result; 27 | fmt->parse(str, result, status); 28 | 29 | return 0; 30 | } 31 | -------------------------------------------------------------------------------- /projects/icu/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://site.icu-project.org/" 2 | auto_ccs: 3 | - "icu-team@google.com" 4 | sanitizers: 5 | - address 6 | - memory 7 | 8 | -------------------------------------------------------------------------------- /projects/icu/regex.dict: -------------------------------------------------------------------------------- 1 | # Copyright 2016 The Chromium Authors. All rights reserved. 2 | # Use of this source code is governed by a BSD-style license that can be 3 | # found in the LICENSE file. 
4 | 5 | "\\a" 6 | "\\A" 7 | "\\b" 8 | "\\B" 9 | "\\cX" 10 | "\\cC" 11 | "\\cZ" 12 | "\\d" 13 | "\\D" 14 | "\\e" 15 | "\\u001B" 16 | "\\E" 17 | "\\f" 18 | "\\u000C" 19 | "\\G" 20 | "\\h" 21 | "\\u0009" 22 | "\\H" 23 | "\\k" 24 | "\\n" 25 | "\\N" 26 | "\\p" 27 | "\\P" 28 | "{" 29 | "}" 30 | "\\Q" 31 | "\\r" 32 | "\\u000D" 33 | "\\R" 34 | "\\u000a" 35 | "\\u000b" 36 | "\\u000c" 37 | "\\u000d" 38 | "\\u0085" 39 | "\\u2028" 40 | "\\u2029" 41 | "\\s" 42 | "[\\t\\n\\f\\r\\p{Z}]" 43 | "\\S" 44 | "\\t" 45 | "\\u0009" 46 | "\\u" 47 | "\\uf0ff" 48 | "\\U" 49 | "\\U0010ffff." 50 | "\\v" 51 | "\\V" 52 | "\\w" 53 | "\\W" 54 | "\\x" 55 | "\\xhh" 56 | "\\X" 57 | "\\Z" 58 | "\\z" 59 | "\\n" 60 | "\\0" 61 | "\\0ooo" 62 | "." 63 | "^" 64 | "$" 65 | "\\" 66 | "|" 67 | "*" 68 | "+" 69 | "?" 70 | "," 71 | "*?" 72 | "+?" 73 | "??" 74 | "*+" 75 | "++" 76 | "?+" 77 | "(" 78 | "(?:" 79 | "(?>" 80 | "(?#" 81 | "(?=" 82 | "(?!" 83 | "(?<=" 84 | "(? 6 | #include 7 | 8 | #include "fuzzer_utils.h" 9 | #include "unicode/regex.h" 10 | 11 | IcuEnvironment* env = new IcuEnvironment(); 12 | 13 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 14 | UParseError pe = { 0 }; 15 | UErrorCode status = U_ZERO_ERROR; 16 | URegularExpression* re = uregex_open(reinterpret_cast(data), 17 | static_cast(size) / sizeof(UChar), 18 | 0, &pe, &status); 19 | if (re) 20 | uregex_close(re); 21 | 22 | return 0; 23 | } 24 | -------------------------------------------------------------------------------- /projects/icu/uregex_open_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = regex.dict 3 | -------------------------------------------------------------------------------- /projects/irssi/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 
2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER joseph.bisch@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config libglib2.0-dev libncurses5-dev libssl-dev openssl lynx 20 | RUN git clone https://github.com/irssi/irssi 21 | 22 | WORKDIR irssi 23 | COPY build.sh *.options $SRC/ 24 | -------------------------------------------------------------------------------- /projects/irssi/irssi-fuzz.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | max_len = 2048 3 | -------------------------------------------------------------------------------- /projects/irssi/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/irssi/irssi" 2 | primary_contact: "ahf@irssi.org" 3 | auto_ccs: 4 | - "dx@dxzone.com.ar" 5 | - "staff@irssi.org" 6 | sanitizers: 7 | - address 8 | - memory: 9 | experimental: True 10 | - undefined 11 | -------------------------------------------------------------------------------- /projects/json/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 
2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER vitalybuka@chromium.org 19 | RUN apt-get update && apt-get install -y binutils make 20 | 21 | RUN git clone --depth 1 -b develop https://github.com/nlohmann/json.git 22 | WORKDIR json/ 23 | COPY build.sh *.options $SRC/ 24 | -------------------------------------------------------------------------------- /projects/json/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | make FUZZER_ENGINE="-lFuzzingEngine" fuzzers -Ctest 19 | 20 | FUZZER_FILES=$(find test/ -maxdepth 1 -executable -type f) 21 | for F in $FUZZER_FILES; do 22 | cp $F $OUT/ 23 | FUZZER=$(basename $F .cpp) 24 | cp $SRC/fuzzer-parse.options $OUT/$FUZZER.options 25 | done 26 | -------------------------------------------------------------------------------- /projects/json/fuzzer-parse.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | max_len = 456 3 | timeout = 10 4 | -------------------------------------------------------------------------------- /projects/json/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/nlohmann/json" 2 | primary_contact: "niels.lohmann@gmail.com" 3 | sanitizers: 4 | - address 5 | - undefined 6 | - memory 7 | -------------------------------------------------------------------------------- /projects/jsoncpp/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/open-source-parsers/jsoncpp/" 2 | primary_contact: "cdunn2001@gmail.com" 3 | -------------------------------------------------------------------------------- /projects/lcms/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER kcwu@google.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool 20 | RUN git clone --depth 1 https://github.com/mm2/Little-CMS.git lcms 21 | WORKDIR lcms 22 | COPY build.sh cmsIT8_load_fuzzer.* cms_transform_fuzzer.* icc.dict $SRC/ 23 | -------------------------------------------------------------------------------- /projects/lcms/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | # build the target. 
19 | ./configure 20 | make -j$(nproc) all 21 | 22 | # build your fuzzer(s) 23 | FUZZERS="cmsIT8_load_fuzzer cms_transform_fuzzer" 24 | for F in $FUZZERS; do 25 | $CC $CFLAGS -c -Iinclude \ 26 | $SRC/$F.c -o $SRC/$F.o 27 | $CXX $CXXFLAGS \ 28 | $SRC/$F.o -o $OUT/$F \ 29 | -lFuzzingEngine src/.libs/liblcms2.a 30 | done 31 | 32 | cp $SRC/icc.dict $SRC/*.options $OUT/ 33 | -------------------------------------------------------------------------------- /projects/lcms/cmsIT8_load_fuzzer.c: -------------------------------------------------------------------------------- 1 | // Copyright 2016 Google Inc. 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 
14 | // 15 | //////////////////////////////////////////////////////////////////////////////// 16 | 17 | #include 18 | 19 | #include "lcms2.h" 20 | 21 | // The main sink 22 | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 23 | if (size == 0) 24 | return 0; 25 | 26 | cmsHANDLE handle = cmsIT8LoadFromMem(0, (void *)data, size); 27 | if (handle) 28 | cmsIT8Free(handle); 29 | 30 | return 0; 31 | } 32 | -------------------------------------------------------------------------------- /projects/lcms/cmsIT8_load_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = icc.dict 3 | -------------------------------------------------------------------------------- /projects/lcms/cms_transform_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = icc.dict 3 | -------------------------------------------------------------------------------- /projects/lcms/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.littlecms.com/" 2 | primary_contact: "marti.maria.s@gmail.com" 3 | sanitizers: 4 | - address 5 | - memory: 6 | experimental: True 7 | - undefined 8 | -------------------------------------------------------------------------------- /projects/libarchive/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER kcwu@google.com 19 | 20 | # Installing optional libraries can utilize more code path and/or improve 21 | # performance (avoid calling external programs). 22 | RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config \ 23 | libbz2-dev liblzo2-dev liblzma-dev liblz4-dev libz-dev \ 24 | libxml2-dev libssl-dev libacl1-dev libattr1-dev 25 | RUN git clone --depth 1 https://github.com/libarchive/libarchive.git 26 | WORKDIR libarchive 27 | COPY build.sh libarchive_fuzzer.cc $SRC/ 28 | -------------------------------------------------------------------------------- /projects/libarchive/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | # build the project 19 | ./build/autogen.sh 20 | ./configure 21 | make -j$(nproc) all 22 | 23 | # build fuzzer(s) 24 | $CXX $CXXFLAGS -Ilibarchive \ 25 | $SRC/libarchive_fuzzer.cc -o $OUT/libarchive_fuzzer \ 26 | -lFuzzingEngine .libs/libarchive.a \ 27 | -Wl,-Bstatic -lbz2 -llzo2 -lxml2 -llzma -lz -lcrypto -llz4 -licuuc \ 28 | -licudata -Wl,-Bdynamic 29 | -------------------------------------------------------------------------------- /projects/libarchive/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/libarchive/libarchive" 2 | primary_contact: "joerg.sonnenberger@googlemail.com" 3 | auto_ccs: 4 | - "kientzle@gmail.com" 5 | - "martin@matuska.org" 6 | sanitizers: 7 | - address 8 | - memory: 9 | experimental: True 10 | - undefined 11 | -------------------------------------------------------------------------------- /projects/libass/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER eugeni.stepanov@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config libfreetype6-dev libfontconfig1-dev 20 | 21 | RUN git clone --depth 1 https://github.com/libass/libass.git 22 | RUN git clone --depth 1 https://github.com/behdad/fribidi.git 23 | 24 | COPY build.sh libass_fuzzer.cc *.dict *.options $SRC/ 25 | -------------------------------------------------------------------------------- /projects/libass/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eux 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | cd $SRC/fribidi 19 | ./bootstrap 20 | ./configure --enable-static=yes --enable-shared=no --with-pic=yes --prefix=/work/ 21 | # Don't run "make": it's broken. Run "make install". 
22 | make install 23 | 24 | cd $SRC/libass 25 | 26 | export PKG_CONFIG_PATH=/work/lib/pkgconfig 27 | ./autogen.sh 28 | ./configure --disable-asm 29 | make -j$(nproc) 30 | 31 | $CXX $CXXFLAGS -std=c++11 -I$SRC/libass -L/work/lib \ 32 | $SRC/libass_fuzzer.cc -o $OUT/libass_fuzzer \ 33 | -lFuzzingEngine libass/.libs/libass.a \ 34 | -Wl,-Bstatic -lfontconfig -lfribidi -lfreetype -lz -lpng12 \ 35 | -lexpat -Wl,-Bdynamic 36 | 37 | cp $SRC/*.dict $SRC/*.options $OUT/ 38 | -------------------------------------------------------------------------------- /projects/libass/libass_fuzzer.cc: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | #include 5 | 6 | static ASS_Library *ass_library; 7 | static ASS_Renderer *ass_renderer; 8 | 9 | void msg_callback(int level, const char *fmt, va_list va, void *data) { 10 | } 11 | 12 | static const int kFrameWidth = 1280; 13 | static const int kFrameHeight = 720; 14 | 15 | static bool init(int frame_w, int frame_h) { 16 | ass_library = ass_library_init(); 17 | if (!ass_library) { 18 | printf("ass_library_init failed!\n"); 19 | exit(1); 20 | } 21 | 22 | ass_set_message_cb(ass_library, msg_callback, NULL); 23 | 24 | ass_renderer = ass_renderer_init(ass_library); 25 | if (!ass_renderer) { 26 | printf("ass_renderer_init failed!\n"); 27 | exit(1); 28 | } 29 | 30 | ass_set_frame_size(ass_renderer, frame_w, frame_h); 31 | ass_set_fonts(ass_renderer, nullptr, "sans-serif", 32 | ASS_FONTPROVIDER_AUTODETECT, nullptr, 1); 33 | return true; 34 | } 35 | 36 | extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 37 | static bool initialized = init(kFrameWidth, kFrameHeight); 38 | 39 | ASS_Track *track = ass_read_memory(ass_library, (char *)data, size, nullptr); 40 | if (!track) return 0; 41 | 42 | for (int i = 0; i < track->n_events; ++i) { 43 | ASS_Event &ev = track->events[i]; 44 | long long tm = ev.Start + ev.Duration / 2; 45 | ass_render_frame(ass_renderer, track, 
tm, nullptr); 46 | } 47 | ass_free_track(track); 48 | return 0; 49 | } 50 | -------------------------------------------------------------------------------- /projects/libass/libass_fuzzer.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = ass.dict 3 | -------------------------------------------------------------------------------- /projects/libass/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/libass/libass" 2 | primary_contact: "greg@kinoho.net" 3 | auto_ccs: 4 | - "rodger.combs@gmail.com" 5 | - "nfxjfg@gmail.com" 6 | - "chortos@inbox.lv" 7 | - "vabnick@gmail.com" 8 | sanitizers: 9 | - address 10 | - memory: 11 | experimental: True 12 | - undefined 13 | -------------------------------------------------------------------------------- /projects/libchewing/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
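#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER kcwu@csie.org
RUN apt-get update && apt-get install -y make autoconf automake libtool texinfo

RUN git clone --depth 1 https://github.com/chewing/libchewing.git
WORKDIR libchewing
COPY build.sh chewing_fuzzer_common.[ch] chewing_*_fuzzer.c $SRC/
-------------------------------------------------------------------------------- /projects/libchewing/chewing_default_fuzzer.c: --------------------------------------------------------------------------------
/* Header name was lost in page extraction; <stdint.h> provides uint8_t. */
#include <stdint.h>

#include "chewing_fuzzer_common.h"

// Fuzz entry point: exposes the input through the shared cursor and runs
// libchewing's stress driver once with the default command line.
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // Reset the shared cursor to this run's buffer; presumably stress_main()
  // pulls bytes from it via get_fuzz_input() (the caller is not visible here).
  fuzz_input = fuzz_ptr = data;
  fuzz_size = size;

  // Synthetic argv for stress_main(); the trailing NULL is not counted in argc.
  const char* stress_argv[] = {
      "./chewing_fuzzer", "-loop", "1", NULL,
  };
  stress_main(sizeof(stress_argv) / sizeof(stress_argv[0]) - 1,
              (char**)stress_argv);
  return 0;
}
-------------------------------------------------------------------------------- /projects/libchewing/chewing_dynamic_config_fuzzer.c: --------------------------------------------------------------------------------
/* Header name was lost in page extraction; <stdint.h> provides uint8_t. */
#include <stdint.h>

#include "chewing_fuzzer_common.h"

// Fuzz entry point: same as the default fuzzer but passes "-extra" to the
// stress driver.
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // Reset the shared cursor to this run's buffer; presumably stress_main()
  // pulls bytes from it via get_fuzz_input() (the caller is not visible here).
  fuzz_input = fuzz_ptr = data;
  fuzz_size = size;

  // Synthetic argv for stress_main(); the trailing NULL is not counted in argc.
  const char* stress_argv[] = {
      "./chewing_fuzzer", "-loop", "1", "-extra", NULL,
  };
  stress_main(sizeof(stress_argv) / sizeof(stress_argv[0]) - 1,
              (char**)stress_argv);
  return 0;
}
-------------------------------------------------------------------------------- /projects/libchewing/chewing_fuzzer_common.c: --------------------------------------------------------------------------------
#include "chewing_fuzzer_common.h"

/* Header names were lost in page extraction; these are the ones the calls
 * below need (dirname, EOF, setenv/free/mktemp, strdup). */
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

// Single definition of the shared input cursor declared `extern` in
// chewing_fuzzer_common.h. Defining it in the header (as before) produced one
// tentative definition per translation unit, which only links under -fcommon.
const uint8_t* fuzz_ptr;
const uint8_t* fuzz_input;
size_t fuzz_size;

// Template for this process's user-phrase db; mktemp() fills in the XXXXXX
// suffix in place.
static char userphrase_path[] = "/tmp/chewing_userphrase.db.XXXXXX";

// libFuzzer hook, run once before the first LLVMFuzzerTestOneInput call.
// Points libchewing at its data files and gives this process its own
// user-phrase db. Returns 0 unconditionally.
int LLVMFuzzerInitialize(int* argc, char*** argv) {
  (void)argc;
  char* exe_path = (*argv)[0];

  // dirname() can modify its argument, so work on a private copy.
  char* exe_path_copy = strdup(exe_path);
  if (exe_path_copy) {
    char* dir = dirname(exe_path_copy);

    // Assume data files are at the same location as the executable. The
    // overwrite flag is 0, so a CHEWING_PATH already set in the environment
    // wins. setenv() copies the value, so the buffer can be freed right away.
    setenv("CHEWING_PATH", dir, 0);
    free(exe_path_copy);
  }

  // Specify the user db of this process so we can run multiple fuzzers at the
  // same time.
  // NOTE(review): mktemp() only generates a name (racy, predictable); mkstemp()
  // would create the file atomically, but whether the db layer accepts a
  // pre-existing empty file is not visible here — confirm before switching.
  mktemp(userphrase_path);
  setenv("TEST_USERPHRASE_PATH", userphrase_path, 0);
  return 0;
}

// Returns the next unread input byte as an int, or EOF once the buffer set by
// LLVMFuzzerTestOneInput is exhausted. Not declared in the header; whoever
// calls it (presumably libchewing's stress driver) declares it itself.
int get_fuzz_input() {
  // The difference is never negative, so the cast to size_t is exact.
  if ((size_t)(fuzz_ptr - fuzz_input) >= fuzz_size)
    return EOF;
  return *fuzz_ptr++;
}
-------------------------------------------------------------------------------- /projects/libchewing/chewing_fuzzer_common.h: --------------------------------------------------------------------------------
#ifndef CHEWING_FUZZER_COMMON_H
#define CHEWING_FUZZER_COMMON_H

/* Header names were lost in page extraction; size_t and uint8_t need these. */
#include <stddef.h>
#include <stdint.h>

// Shared cursor over the current fuzz input. Declared here, defined once in
// chewing_fuzzer_common.c, set by each fuzzer's LLVMFuzzerTestOneInput.
extern const uint8_t* fuzz_ptr;    // next unread byte
extern const uint8_t* fuzz_input;  // start of the input buffer
extern size_t fuzz_size;           // length of the input buffer

// libchewing's stress-test entry point, driven with a synthetic argv.
int stress_main(int argc, char** argv);

#endif
-------------------------------------------------------------------------------- /projects/libchewing/chewing_random_init_fuzzer.c: --------------------------------------------------------------------------------
/* Header name was lost in page extraction; <stdint.h> provides uint8_t. */
#include <stdint.h>

#include "chewing_fuzzer_common.h"

// Fuzz entry point: same as the default fuzzer but passes "-init" to the
// stress driver.
int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // Reset the shared cursor to this run's buffer; presumably stress_main()
  // pulls bytes from it via get_fuzz_input() (the caller is not visible here).
  fuzz_input = fuzz_ptr = data;
  fuzz_size = size;

  // Synthetic argv for stress_main(); the trailing NULL is not counted in argc.
  const char* stress_argv[] = {
      "./chewing_fuzzer", "-loop", "1", "-init", NULL,
  };
  stress_main(sizeof(stress_argv) / sizeof(stress_argv[0]) - 1,
              (char**)stress_argv);
  return 0;
}
-------------------------------------------------------------------------------- /projects/libchewing/project.yaml: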
-------------------------------------------------------------------------------- 1 | homepage: "http://chewing.im/" 2 | disabled: true 3 | -------------------------------------------------------------------------------- /projects/libidn/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER rockdaboot@gmail.com 19 | RUN apt-get update && apt-get install -y \ 20 | pkg-config \ 21 | autopoint \ 22 | autoconf \ 23 | automake \ 24 | libtool \ 25 | gettext gengetopt curl gperf 26 | 27 | RUN git clone --depth=1 https://git.savannah.gnu.org/git/libidn.git 28 | 29 | WORKDIR libidn 30 | COPY build.sh $SRC/ 31 | -------------------------------------------------------------------------------- /projects/libidn/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 
6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | # avoid iconv() memleak on Ubuntu 16.04 image (breaks test suite) 19 | export ASAN_OPTIONS=detect_leaks=0 20 | 21 | make CFGFLAGS="--enable-static --disable-doc" 22 | make clean 23 | make -j1 24 | make -j$(nproc) check 25 | 26 | cd fuzz 27 | make oss-fuzz 28 | find . -name '*_fuzzer.dict' -exec cp -v '{}' $OUT ';' 29 | find . -name '*_fuzzer.options' -exec cp -v '{}' $OUT ';' 30 | 31 | for fuzzer in *_fuzzer; do 32 | cp -p "${fuzzer}" "$OUT" 33 | 34 | if [ -f "$SRC/${fuzzer}_seed_corpus.zip" ]; then 35 | cp "$SRC/${fuzzer}_seed_corpus.zip" "$OUT/" 36 | fi 37 | 38 | if [ -d "${fuzzer}.in/" ]; then 39 | zip -rj "$OUT/${fuzzer}_seed_corpus.zip" "${fuzzer}.in/" 40 | fi 41 | done 42 | -------------------------------------------------------------------------------- /projects/libidn/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.gnu.org/software/libidn/" 2 | primary_contact: "rockdaboot@gmail.com" 3 | auto_ccs: 4 | - "tim.ruehsen@gmx.de" 5 | - "simon@josefsson.org" 6 | -------------------------------------------------------------------------------- /projects/libidn2/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER rockdaboot@gmail.com 19 | RUN apt-get update && apt-get install -y make autoconf automake gettext libtool autopoint pkg-config gengetopt curl gperf 20 | 21 | RUN git clone --depth=1 --recursive https://gitlab.com/libidn/libidn2.git 22 | 23 | WORKDIR libidn2 24 | COPY build.sh $SRC/ 25 | -------------------------------------------------------------------------------- /projects/libidn2/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | ./bootstrap 19 | # switch off leak detection for ./configure run to detect iconv() correctly 20 | ASAN_OPTIONS=detect_leaks=0 ./configure --enable-static --disable-shared --disable-doc --disable-gcc-warnings 21 | make clean 22 | make -j$(nproc) check 23 | 24 | cd fuzz 25 | make oss-fuzz 26 | find . -name '*_fuzzer' -exec cp -v '{}' $OUT ';' 27 | find . -name '*_fuzzer.dict' -exec cp -v '{}' $OUT ';' 28 | find . -name '*_fuzzer.options' -exec cp -v '{}' $OUT ';' 29 | 30 | for dir in *_fuzzer.in; do 31 | fuzzer=$(basename $dir .in) 32 | zip -rj "$OUT/${fuzzer}_seed_corpus.zip" "${dir}/" 33 | done 34 | -------------------------------------------------------------------------------- /projects/libidn2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://gitlab.com/libidn/libidn2" 2 | primary_contact: "rockdaboot@gmail.com" 3 | auto_ccs: 4 | - "n.mavrogiannopoulos@gmail.com" 5 | - "simon@josefsson.org" 6 | -------------------------------------------------------------------------------- /projects/libjpeg-turbo/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
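#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER alex.gaynor@gmail.com
RUN apt-get update && apt-get install -y make autoconf automake libtool nasm curl
RUN git clone --depth 1 https://github.com/libjpeg-turbo/libjpeg-turbo

RUN mkdir afl-testcases
# NOTE(review): the AFL demo test cases are fetched over plain HTTP with no
# integrity check, so the seed corpus is whatever the network returns. -f makes
# curl fail on an HTTP error instead of piping the error page into tar; pinning
# the archive to an expected digest (sha256sum against a value recorded here)
# would also catch a tampered download.
RUN cd afl-testcases/ && curl -fsSL http://lcamtuf.coredump.cx/afl/demo/afl_testcases.tgz | tar -xz
RUN zip libjpeg_turbo_fuzzer_seed_corpus.zip afl-testcases/jpeg/full/images/* afl-testcases/jpeg_turbo/full/images/* $SRC/libjpeg-turbo/testimages/*

WORKDIR libjpeg-turbo
COPY build.sh constructFuzzer.sh libjpeg_turbo_fuzzer.cc $SRC/
--------------------------------------------------------------------------------
/projects/libjpeg-turbo/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

autoreconf -fiv
./configure
make "-j$(nproc)"

# constructFuzzer.sh presumably generates the fuzzer source at the given path
# from libjpeg_turbo_fuzzer.cc; confirm against that script.
"$SRC/constructFuzzer.sh" "$SRC/libjpeg_turbo_fuzzer2.cc"

# Link against the TurboJPEG archive when the build produced it, otherwise
# fall back to the plain libjpeg archive; the compile line is the same either
# way, so only the library path differs.
if [ -f ./.libs/libturbojpeg.a ]; then
  jpeg_lib=./.libs/libturbojpeg.a
else
  jpeg_lib=./.libs/libjpeg.a
fi

$CXX $CXXFLAGS -std=c++11 -I. \
    "$SRC/libjpeg_turbo_fuzzer2.cc" -o "$OUT/libjpeg_turbo_fuzzer" \
    -lFuzzingEngine "$jpeg_lib"

cp "$SRC/libjpeg_turbo_fuzzer_seed_corpus.zip" "$OUT/"
--------------------------------------------------------------------------------
/projects/libjpeg-turbo/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://github.com/libjpeg-turbo/libjpeg-turbo"
sanitizers:
  - address
  - memory
  - undefined
--------------------------------------------------------------------------------
/projects/libmicrohttpd/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.gnu.org/s/libmicrohttpd/"
primary_contact: "christian@grothoff.org"
auto_ccs:
  - "k2k@narod.ru"
--------------------------------------------------------------------------------
/projects/libplist/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.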
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER nikias@gmx.li 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config 20 | 21 | RUN git clone --depth 1 https://github.com/libimobiledevice/libplist 22 | WORKDIR libplist 23 | 24 | COPY build.sh $SRC/ 25 | -------------------------------------------------------------------------------- /projects/libplist/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # 3 | # Copyright 2016 Google Inc. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 
16 | # 17 | ################################################################################ 18 | 19 | ./autogen.sh --without-cython --enable-debug 20 | make -j$(nproc) clean 21 | make -j$(nproc) all 22 | 23 | for fuzzer in bplist_fuzzer xplist_fuzzer; do 24 | $CXX $CXXFLAGS -std=c++11 -Iinclude/ \ 25 | fuzz/$fuzzer.cc -o $OUT/$fuzzer \ 26 | -lFuzzingEngine src/.libs/libplist.a 27 | done 28 | 29 | zip -j $OUT/bplist_fuzzer_seed_corpus.zip test/data/*.bplist 30 | zip -j $OUT/xplist_fuzzer_seed_corpus.zip test/data/*.plist 31 | 32 | cp fuzz/*.dict fuzz/*.options $OUT/ 33 | -------------------------------------------------------------------------------- /projects/libplist/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/libimobiledevice/libplist" 2 | primary_contact: "nikias.bassen@gmail.com" 3 | auto_ccs: 4 | - "nikias@gmx.li" 5 | sanitizers: 6 | - address 7 | - memory 8 | - undefined 9 | -------------------------------------------------------------------------------- /projects/libpng/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
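#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER mmoroz@chromium.org
RUN apt-get update && apt-get install -y make autoconf automake libtool zlib1g-dev

RUN git clone --depth 1 https://github.com/glennrp/libpng.git
WORKDIR libpng
COPY build.sh libpng_read_fuzzer.* png.dict $SRC/
--------------------------------------------------------------------------------
/projects/libpng/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Disable logging via library build configuration control (in-place edit of
# the .dfa replaces the cat | sed > temp; mv dance with the same result).
sed -i -e "s/option STDIO/option STDIO disabled/" scripts/pnglibconf.dfa

# build the library.
autoreconf -f -i
./configure
make -j$(nproc) clean
make -j$(nproc) all

# build libpng_read_fuzzer. Libraries go after the objects that use them:
# -lz is listed last so the linker already has libpng16.a's zlib references
# when it resolves them.
$CXX $CXXFLAGS -std=c++11 -I. \
    "$SRC/libpng_read_fuzzer.cc" -o "$OUT/libpng_read_fuzzer" \
    -lFuzzingEngine .libs/libpng16.a -lz

# add seed corpus. NUL-delimited so paths containing whitespace reach zip
# intact; zip still fails (and so does the script) if no .png is found.
find "$SRC/libpng" -name "*.png" -print0 | xargs -0 zip "$OUT/libpng_read_fuzzer_seed_corpus.zip"

cp "$SRC"/*.dict "$SRC"/*.options "$OUT/"
--------------------------------------------------------------------------------
/projects/libpng/libpng_read_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
dict = png.dict
--------------------------------------------------------------------------------
/projects/libpng/png.dict:
--------------------------------------------------------------------------------
#
# AFL dictionary for PNG images
# -----------------------------
#
# Just the basic, standard-originating sections; does not include vendor
# extensions.
#
# Created by Michal Zalewski
#

header_png="\x89PNG\x0d\x0a\x1a\x0a"

section_IDAT="IDAT"
section_IEND="IEND"
section_IHDR="IHDR"
section_PLTE="PLTE"
section_bKGD="bKGD"
section_cHRM="cHRM"
section_eXIf="eXIf"
section_fRAc="fRAc"
section_gAMA="gAMA"
section_gIFg="gIFg"
section_gIFt="gIFt"
section_gIFx="gIFx"
section_hIST="hIST"
section_iCCP="iCCP"
section_iTXt="iTXt"
section_oFFs="oFFs"
section_pCAL="pCAL"
section_pHYs="pHYs"
section_sBIT="sBIT"
section_sCAL="sCAL"
section_sPLT="sPLT"
section_sRGB="sRGB"
section_sTER="sTER"
section_tEXt="tEXt"
section_tIME="tIME"
section_tRNS="tRNS"
section_zTXt="zTXt"
--------------------------------------------------------------------------------
/projects/libpng/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://www.libpng.org/pub/png/libpng.html"
primary_contact: "glennrp@gmail.com"
sanitizers:
  - address
  - memory:
      experimental: True
  - undefined
--------------------------------------------------------------------------------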
/projects/libprotobuf-mutator/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER vitalybuka@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config cmake \ 20 | ninja-build liblzma-dev libz-dev docbook2x 21 | 22 | RUN git clone --depth 1 https://github.com/google/libprotobuf-mutator.git 23 | WORKDIR libprotobuf-mutator 24 | 25 | COPY build.sh *.dict *.options $SRC/ 26 | -------------------------------------------------------------------------------- /projects/libprotobuf-mutator/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # 3 | # Copyright 2017 Google Inc. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | ################################################################################ 18 | 19 | cp -f $SRC/*.dict $SRC/*.options $OUT/ 20 | 21 | mkdir -p build 22 | pushd build 23 | rm -rf * 24 | cmake .. -GNinja -DCMAKE_BUILD_TYPE=Release \ 25 | -DLIB_PROTO_MUTATOR_DOWNLOAD_PROTOBUF=ON \ 26 | -DLIB_PROTO_MUTATOR_FUZZER_LIBRARIES=FuzzingEngine 27 | ninja libxml2_example expat_example 28 | cp -f examples/libxml2/libxml2_example $OUT/ 29 | cp -f examples/expat/expat_example $OUT/ 30 | popd 31 | -------------------------------------------------------------------------------- /projects/libprotobuf-mutator/expat_example.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = xml.dict 3 | max_len=1024 4 | -------------------------------------------------------------------------------- /projects/libprotobuf-mutator/libxml2_example.options: -------------------------------------------------------------------------------- 1 | [libfuzzer] 2 | dict = xml.dict 3 | max_len=1000 4 | detect_leaks=0 5 | -------------------------------------------------------------------------------- /projects/libprotobuf-mutator/project.yaml: -------------------------------------------------------------------------------- 1 | auto_ccs: 2 | - "vitalybuka@chromium.org" 3 | -------------------------------------------------------------------------------- /projects/libprotobuf-mutator/xml.dict: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | "" 18 | "" 19 | "&a;" 20 | "<" 21 | "1.0" 22 | "ANY" 23 | "ATTLIST" 24 | "CDATA" 25 | "DOCTYPE" 26 | "EBCDIC" 27 | "ELEMENT" 28 | "EMPTY" 29 | "ENTITIES" 30 | "ENTITY" 31 | "FIXED" 32 | "ID" 33 | "IDREF" 34 | "IDREFS" 35 | "IGNORE" 36 | "IMPLIED" 37 | "INCLUDE" 38 | "ISO-8859-1" 39 | "NDATA" 40 | "NMTOKENS" 41 | "NOTATION" 42 | "PCDATA" 43 | "PUBLIC" 44 | "REQUIRED" 45 | "SYSTEM" 46 | "UCS-4" 47 | "US-ASCII" 48 | "UTF-16" 49 | "UTF-16BE" 50 | "UTF-16LE" 51 | "UTF-8" 52 | "\"http://www.w3.org/1999/xhtml\"" 53 | "\"http://www.w3.org/2000/xmlns\"" 54 | "\"http://www.w3.org/XML/1998/namespace\"" 55 | "fallback" 56 | "http://" 57 | "https://" 58 | "include" 59 | "schema" 60 | "xml" 61 | "xml:lang" 62 | "xml:space" 63 | "xmlns" 64 | "xmlns:" 65 | -------------------------------------------------------------------------------- /projects/libpsl/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/rockdaboot/libpsl" 2 | primary_contact: "rockdaboot@gmail.com" 3 | auto_ccs: 4 | - "tim.ruehsen@gmx.de" 5 | -------------------------------------------------------------------------------- /projects/librawspeed/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 
2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER lebedev.ri@gmail.com 19 | RUN apt-get update && apt-get install -y cmake make 20 | RUN git clone --depth 1 https://github.com/darktable-org/rawspeed.git librawspeed 21 | WORKDIR librawspeed 22 | COPY build.sh $SRC/ 23 | -------------------------------------------------------------------------------- /projects/librawspeed/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2017 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | set -e 19 | 20 | cd "$WORK" 21 | mkdir build 22 | cd build 23 | 24 | cmake \ 25 | -G"Unix Makefiles" -DBINARY_PACKAGE_BUILD=ON \ 26 | -DWITH_PTHREADS=OFF -DWITH_OPENMP=OFF \ 27 | -DWITH_PUGIXML=OFF -DUSE_XMLLINT=OFF -DWITH_JPEG=OFF -DWITH_ZLIB=OFF \ 28 | -DBUILD_TESTING=OFF -DBUILD_TOOLS=OFF -DBUILD_BENCHMARKING=OFF \ 29 | -DCMAKE_BUILD_TYPE=FUZZ -DBUILD_FUZZERS=ON \ 30 | -DLIBFUZZER_ARCHIVE:FILEPATH="$LIB_FUZZING_ENGINE" \ 31 | -DCMAKE_INSTALL_PREFIX:PATH="$OUT" -DCMAKE_INSTALL_BINDIR:PATH="$OUT" \ 32 | "$SRC/librawspeed/" 33 | 34 | make -j$(nproc) all && make -j$(nproc) install 35 | 36 | cd "$SRC" 37 | rm -rf "$WORK/build" 38 | -------------------------------------------------------------------------------- /projects/librawspeed/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/darktable-org/rawspeed" 2 | primary_contact: "lebedev.ri@gmail.com" 3 | -------------------------------------------------------------------------------- /projects/libreoffice/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | 3 | $SRC/libreoffice/bin/oss-fuzz-build.sh 4 | -------------------------------------------------------------------------------- /projects/libreoffice/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.libreoffice.org/" 2 | primary_contact: "caolanm@redhat.com" 3 | auto_ccs: 4 | - "officesecurity@lists.freedesktop.org" 5 | - "damjan.jov@gmail.com" 6 | - "sbergman@redhat.com" 7 | sanitizers: 8 | - address 9 | fuzzing_engines: 10 | - libfuzzer 11 | -------------------------------------------------------------------------------- /projects/libssh/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 
Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER alex.gaynor@gmail.com 19 | RUN apt-get update && apt-get install -y cmake zlib1g-dev libssl-dev 20 | 21 | # Can't use --depth=1 because git.libssh.org is using the "dumb" HTTP 22 | # transport, which doesn't support it. 23 | RUN git clone https://git.libssh.org/projects/libssh.git 24 | 25 | WORKDIR libssh 26 | COPY build.sh libssh_server_fuzzer.cc $SRC/ 27 | -------------------------------------------------------------------------------- /projects/libssh/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
15 | # 16 | ################################################################################ 17 | 18 | mkdir -p build 19 | pushd build 20 | cmake -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX" \ 21 | -DCMAKE_C_FLAGS="$CFLAGS" -DCMAKE_CXX_FLAGS="$CXXFLAGS" \ 22 | -DWITH_STATIC_LIB=ON .. 23 | make "-j$(nproc)" 24 | popd 25 | 26 | $CXX $CXXFLAGS -std=c++11 -Iinclude/ \ 27 | "$SRC/libssh_server_fuzzer.cc" -o "$OUT/libssh_server_fuzzer" \ 28 | -lFuzzingEngine ./build/src/libssh.a -Wl,-Bstatic -lcrypto -lz -Wl,-Bdynamic 29 | -------------------------------------------------------------------------------- /projects/libssh/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://libssh.org/" 2 | primary_contact: "asn@cryptomilk.org" 3 | auto_ccs: 4 | - "cryptomilk@gmail.com" 5 | sanitizers: 6 | - address 7 | - memory: 8 | experimental: True 9 | - undefined 10 | -------------------------------------------------------------------------------- /projects/libteken/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 
14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER kcwu@csie.org 19 | RUN apt-get update && apt-get install -y pmake 20 | RUN svn co https://svn.freebsd.org/base/head/sys/teken libteken 21 | WORKDIR libteken 22 | COPY build.sh libteken_fuzzer.c $SRC/ 23 | -------------------------------------------------------------------------------- /projects/libteken/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | ################################################################################ 17 | 18 | # build the library. 19 | pmake -C libteken teken_state.h 20 | CFLAGS="$CFLAGS -D__unused=" pmake -C libteken libteken.a 21 | 22 | $CC $CFLAGS -c $SRC/libteken_fuzzer.c -o $SRC/libteken_fuzzer.o -I. 
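# Link with $CXX so the C++ fuzzing-engine runtime resolves; only the static
# archive built above is linked in.
$CXX $CXXFLAGS $SRC/libteken_fuzzer.o \
    -o $OUT/libteken_fuzzer \
    -lFuzzingEngine libteken/libteken.a
--------------------------------------------------------------------------------
/projects/libteken/libteken_fuzzer.c:
--------------------------------------------------------------------------------
/* Header names were lost in extraction and are restored from the types the
 * file uses (size_t, uint8_t, teken_*); teken.h is found through the -I. in
 * build.sh. */
#include <stddef.h>
#include <stdint.h>

#include <teken.h>

/* libteken reports terminal activity through this callback table. Only the
 * escape-sequence parser is under test, so every callback is a no-op sink:
 * nothing is rendered and no response is ever written back. */
static void dummy_bell(void *s) {}
static void dummy_cursor(void *s, const teken_pos_t *p) {}
static void dummy_putchar(void *s, const teken_pos_t *p, teken_char_t c,
                          const teken_attr_t *a) {}
static void dummy_fill(void *s, const teken_rect_t *r, teken_char_t c,
                       const teken_attr_t *a) {}
static void dummy_copy(void *s, const teken_rect_t *r, const teken_pos_t *p) {}
static void dummy_param(void *s, int cmd, unsigned int value) {}
static void dummy_respond(void *s, const void *buf, size_t len) {}

static teken_funcs_t tf = {
    .tf_bell = dummy_bell,
    .tf_cursor = dummy_cursor,
    .tf_putchar = dummy_putchar,
    .tf_fill = dummy_fill,
    .tf_copy = dummy_copy,
    .tf_param = dummy_param,
    .tf_respond = dummy_respond,
};

/* libFuzzer entry point: feed the whole input to a freshly initialised
 * emulator. The teken_t lives on the stack and is re-initialised per call, so
 * inputs are independent and crashes are reproducible from a single file. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  teken_t t;
  teken_init(&t, &tf, NULL);
  teken_input(&t, data, size);
  return 0;
}
--------------------------------------------------------------------------------
/projects/libteken/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://80386.nl/projects/libteken/"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/libtsm/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.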
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER kcwu@csie.org
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config

# NOTE(review): the clone uses the plain git:// protocol, which is neither
# encrypted nor authenticated, and the shallow clone is not pinned to a tag
# or commit. An attacker on the network path could substitute the source that
# gets built and fuzzed; prefer an https:// (or ssh) remote if the host
# offers one.
RUN git clone --depth 1 git://people.freedesktop.org/~dvdhrm/libtsm
WORKDIR libtsm
COPY build.sh libtsm_fuzzer.c $SRC/
--------------------------------------------------------------------------------
/projects/libtsm/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# build the library.
./autogen.sh
make -j$(nproc) clean
make -j$(nproc) all

# build your fuzzer(s)
# Compile the C harness with $CC/$CFLAGS (both intentionally unquoted so the
# flag lists word-split), then link with $CXX so the C++ fuzzing-engine
# runtime is pulled in. Only the static archive from this build is linked.
$CC $CFLAGS -c $SRC/libtsm_fuzzer.c -Isrc/tsm -o $SRC/libtsm_fuzzer.o
$CXX $CXXFLAGS \
    -o $OUT/libtsm_fuzzer \
    $SRC/libtsm_fuzzer.o \
    .libs/libtsm.a \
    -lFuzzingEngine
--------------------------------------------------------------------------------
/projects/libtsm/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.freedesktop.org/wiki/Software/kmscon/libtsm/"
primary_contact: "dh.herrmann@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/libxml2/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER ochang@chromium.org
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config

# NOTE(review): git:// is unauthenticated and unencrypted, and the shallow
# clone is not pinned to a commit, so the tree that ends up fuzzed is whatever
# the network hands back at image-build time. Prefer an https:// remote if
# GNOME's git host provides one.
RUN git clone --depth 1 git://git.gnome.org/libxml2
WORKDIR libxml2

# patch.diff is applied by build.sh before configure, with patch failures
# deliberately ignored there.
COPY patch.diff $SRC/
COPY build.sh $SRC/
COPY libxml2_xml_read_memory_fuzzer.* \
     libxml2_xml_regexp_compile_fuzzer.* \
     xml.dict $SRC/
--------------------------------------------------------------------------------
/projects/libxml2/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
#
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
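#
################################################################################

# Apply the local patch with -e/-u temporarily switched off: a failed or
# already-applied hunk is deliberately ignored instead of aborting the build.
# The price is that the build can silently proceed on an unpatched tree, so a
# patch that stops applying after an upstream change goes unnoticed here.
set +eu
patch -f < $SRC/patch.diff
set -eu

./autogen.sh
./configure --prefix $SRC/build
make -j$(nproc) clean
make -j$(nproc) all
make install

# Each fuzzer is one C++ translation unit linked against the static libxml2
# archive from this build tree (not the installed copy) and the fuzzing
# engine supplied by the base image.
for fuzzer in libxml2_xml_read_memory_fuzzer libxml2_xml_regexp_compile_fuzzer; do
  $CXX $CXXFLAGS -std=c++11 -Iinclude/ \
      $SRC/$fuzzer.cc -o $OUT/$fuzzer \
      -lFuzzingEngine .libs/libxml2.a
done

cp $SRC/*.dict $SRC/*.options $OUT/
--------------------------------------------------------------------------------
/projects/libxml2/libxml2_xml_read_memory_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
dict = xml.dict
--------------------------------------------------------------------------------
/projects/libxml2/libxml2_xml_regexp_compile_fuzzer.cc:
--------------------------------------------------------------------------------
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Header names were lost in extraction; restored from what the file uses
// (size_t, uint8_t, std::vector, std::copy).
#include <stddef.h>
#include <stdint.h>

#include <algorithm>
#include <string>
#include <vector>

#include "libxml/parser.h"
#include "libxml/tree.h"
#include "libxml/xmlversion.h"


// Generic error callback installed with xmlSetGenericErrorFunc. libxml2
// reports every malformed pattern through it; dropping the message keeps the
// fuzzer output readable and skips the cost of formatting it.
void ignore (void * ctx, const char * msg, ...) {
  // Error handler to avoid spam of error messages from libxml parser.
}


// Entry point for LibFuzzer.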
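extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  xmlSetGenericErrorFunc(NULL, &ignore);

  // xmlRegexpCompile expects a NUL-terminated string, but the fuzzer input is
  // a raw byte range. Copy it into a zero-filled buffer one byte longer than
  // the input so a terminator is always present and the compiler never reads
  // past the end of `data`. An embedded NUL in the input simply truncates the
  // pattern at that point. (The vector's element type was stripped from the
  // listing and is restored here.)
  std::vector<uint8_t> buffer(size + 1, 0);
  std::copy(data, data + size, buffer.data());

  xmlRegexpPtr x = xmlRegexpCompile(buffer.data());
  if (x)
    xmlRegFreeRegexp(x);

  return 0;
}
--------------------------------------------------------------------------------
/projects/libxml2/libxml2_xml_regexp_compile_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
dict = xml.dict
--------------------------------------------------------------------------------
/projects/libxml2/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://www.xmlsoft.org/"
auto_ccs:
- "dominicc@chromium.org"
- "ddkilzer@apple.com"
- "benl@google.com"
- "wellnhofer@aevum.de"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/libxslt/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://www.xmlsoft.org/libxslt/"
primary_contact: "wellnhofer@aevum.de"
auto_ccs:
- "dominicc@chromium.org"
- "ddkilzer@apple.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/libyaml/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.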
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER alex.gaynor@gmail.com
RUN apt-get update && apt-get install -y make autoconf automake libtool

# Shallow, unpinned clone over https: the transport is authenticated, the
# revision is not, so each image build fuzzes the default branch as of that
# moment.
RUN git clone --depth=1 https://github.com/yaml/libyaml
# The upstream example documents double as the seed corpus. The archive is
# written to the current directory (build.sh expects to find it at
# $SRC/libyaml_fuzzer_seed_corpus.zip) before WORKDIR changes it.
RUN zip libyaml_fuzzer_seed_corpus.zip libyaml/examples/*

WORKDIR libyaml
COPY build.sh libyaml_fuzzer.cc libyaml_fuzzer.options yaml.dict $SRC/
--------------------------------------------------------------------------------
/projects/libyaml/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
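#
################################################################################
./bootstrap
./configure
make "-j$(nproc)"

# Single-TU harness linked against the static library from this build and the
# fuzzing engine from the base image.
$CXX $CXXFLAGS -std=c++11 -Iinclude \
    $SRC/libyaml_fuzzer.cc -o $OUT/libyaml_fuzzer \
    -lFuzzingEngine src/.libs/libyaml.a

cp $SRC/libyaml_fuzzer_seed_corpus.zip $OUT/
cp $SRC/*.dict $SRC/*.options $OUT/
--------------------------------------------------------------------------------
/projects/libyaml/libyaml_fuzzer.cc:
--------------------------------------------------------------------------------
// Header names were lost in extraction; restored from what the file uses
// (uint8_t, yaml_parser_* / yaml_event_*).
#include <stdint.h>

#include <yaml.h>

// libFuzzer entry point: run libyaml's event parser over the whole input.
//
// yaml_parser_set_input_string takes an explicit length, so the input need
// not be NUL-terminated and embedded NULs reach the parser unchanged. Each
// event is released after it is inspected; on a parse error the loop stops
// without an event to free.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  yaml_parser_t parser;
  // yaml_parser_initialize returns 0 on failure (per the libyaml API, e.g.
  // when allocation fails). Using the parser afterwards would be undefined
  // behaviour, so skip the input instead of reporting a bogus crash.
  if (!yaml_parser_initialize(&parser)) {
    return 0;
  }
  yaml_parser_set_input_string(&parser, data, size);

  int done = 0;
  while (!done) {
    yaml_event_t event;
    if (!yaml_parser_parse(&parser, &event)) {
      break;
    }
    done = (event.type == YAML_STREAM_END_EVENT);
    yaml_event_delete(&event);
  }
  yaml_parser_delete(&parser);
  return 0;
}
--------------------------------------------------------------------------------
/projects/libyaml/libyaml_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
dict = yaml.dict
--------------------------------------------------------------------------------
/projects/libyaml/project.yaml:
--------------------------------------------------------------------------------
homepage: https://github.com/yaml/libyaml
primary_contact: "sigmavirus24@gmail.com"
auto_ccs:
- "alex.gaynor@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/libyaml/yaml.dict:
--------------------------------------------------------------------------------
"["
"]"
"{"
"}"
"-"
","
"&"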
"<<" 9 | ":" 10 | "|" 11 | "!!" 12 | ">" 13 | "\"" 14 | "'" 15 | 16 | integer="123" 17 | float="12.5" 18 | mantissa="1.3e+9" 19 | -------------------------------------------------------------------------------- /projects/llvm_libcxxabi/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER kcc@google.com 19 | RUN apt-get update && apt-get install -y subversion wget 20 | 21 | RUN svn co https://llvm.org/svn/llvm-project/libcxxabi/trunk llvm_libcxxabi 22 | WORKDIR llvm_libcxxabi 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/llvm_libcxxabi/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eux 2 | # 3 | # Copyright 2016 Google Inc. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
if ! [ -d fuzz ]; then
  mkdir fuzz
fi
pushd fuzz >/dev/null
# NOTE(review): the harness is fetched from the GitHub mirror's master at
# build time rather than from the svn checkout being built. It is unpinned
# and unverified (no commit, no checksum), so the harness can differ between
# builds and from the library revision it is compiled with; because of -e a
# download failure aborts the build.
wget https://raw.githubusercontent.com/llvm-mirror/libcxxabi/master/fuzz/cxa_demangle_fuzzer.cpp
popd >/dev/null

# The demangler is compiled directly from src/cxa_demangle.cpp together with
# the harness; no libc++abi library build is needed.
$CXX $CXXFLAGS -std=c++11 -g src/cxa_demangle.cpp -Iinclude fuzz/cxa_demangle_fuzzer.cpp \
    -o $OUT/cxa_demangle_fuzzer -lFuzzingEngine
--------------------------------------------------------------------------------
/projects/llvm_libcxxabi/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://libcxxabi.llvm.org/"
primary_contact: "kcc@google.com"
auto_ccs:
- "Erik.Pilkington@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/mosh/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://mosh.org"
primary_contact: "keithw@cs.stanford.edu"
auto_ccs:
- "cgull@glup.org"
- "andersk@mit.edu"
- "achernya@google.com"
- "mosh-security@mit.edu"
--------------------------------------------------------------------------------
/projects/netdata/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://my-netdata.io"
primary_contact: "costa@tsaousis.gr"
--------------------------------------------------------------------------------
/projects/nghttp2/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER tatsuhiro.t@gmail.com
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config
# Shallow, unpinned clone over https of the upstream default branch.
RUN git clone --depth 1 https://github.com/nghttp2/nghttp2.git
WORKDIR nghttp2
# Only build.sh and the .options files come from this directory; the fuzz
# target and its seed corpus are taken from the upstream tree (fuzz/) by
# build.sh.
COPY build.sh *.options $SRC/
--------------------------------------------------------------------------------
/projects/nghttp2/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

autoreconf -i
# --enable-lib-only presumably skips the bundled applications, which are not
# needed to link the fuzz target — confirm against configure.ac.
./configure --enable-lib-only
make -j$(nproc) all

# The harness ships in the upstream tree (fuzz/fuzz_target.cc) and is linked
# against the static library from this build.
$CXX $CXXFLAGS -std=c++11 -Ilib/includes \
    fuzz/fuzz_target.cc -o $OUT/nghttp2_fuzzer \
    -lFuzzingEngine lib/.libs/libnghttp2.a

cp $SRC/*.options $OUT

# Flatten the upstream corpus subdirectories into one seed archive (-j drops
# the directory paths).
zip -j $OUT/nghttp2_fuzzer_seed_corpus.zip fuzz/corpus/*/*
--------------------------------------------------------------------------------
/projects/nghttp2/nghttp2_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 1024
--------------------------------------------------------------------------------
/projects/nghttp2/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://nghttp2.org/"
primary_contact: "tatsuhiro.t@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/nginx/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://nginx.org"
primary_contact: "xim.andrew@gmail.com"
--------------------------------------------------------------------------------
/projects/nodejs/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://nodejs.org"
primary_contact: "security@nodejs.org"
--------------------------------------------------------------------------------
/projects/nss/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER mmoroz@chromium.org
RUN apt-get update && apt-get install -y make mercurial zlib1g-dev gyp ninja-build libssl-dev

# NSPR and NSS are cloned from Mozilla's Mercurial hosts over https with no
# revision pinned, so each image build takes the current tip. The separate
# corpus repository (nss-corpus) is presumably consumed by the upstream build
# script that build.sh delegates to.
RUN hg clone https://hg.mozilla.org/projects/nspr nspr
RUN hg clone https://hg.mozilla.org/projects/nss nss
RUN git clone --depth 1 https://github.com/mozilla/nss-fuzzing-corpus.git nss-corpus

WORKDIR nss
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/nss/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################


# Build NSS with fuzzers.
# The whole fuzzer build is delegated to a script maintained in the NSS tree
# (hg tip at image-build time), so the targets, flags and corpus handling that
# end up in $OUT are defined upstream, not in this repository.
./automation/ossfuzz/build.sh
--------------------------------------------------------------------------------
/projects/nss/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
primary_contact: "ttaubert@mozilla.com"
auto_ccs:
- "fkiefer@mozilla.com"
# No sanitizers key is given, so the infrastructure's default sanitizer set
# applies. Both libFuzzer and AFL builds are requested.
fuzzing_engines:
- libfuzzer
- afl
--------------------------------------------------------------------------------
/projects/open62541/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER git@s.profanter.me
RUN apt-get update && apt-get install -y make cmake
# Shallow, unpinned clone of the master branch over https.
RUN git clone --depth 1 https://github.com/open62541/open62541.git -bmaster open62541
WORKDIR open62541
# Submodules are fetched from whatever remotes the checked-out .gitmodules
# declares. Their commits are fixed by the superproject commit, but the
# superproject itself is unpinned, so the full build input still floats.
RUN git submodule update --init --recursive
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/open62541/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Out-of-tree build under $WORK so the source checkout stays untouched.
mkdir -p $WORK/open62541
cd $WORK/open62541

# LOGLEVEL:
# <= 100 TRACE
# <= 200 DEBUG
# <= 300 INFO
# <= 400 WARNING
# <= 500 ERROR
# <= 600 FATAL
# > 600 No LOG output

# UA_BUILD_OSS_FUZZ=ON has the project's own CMake build the fuzz targets;
# UA_LOGLEVEL=600 restricts logging to FATAL (see the table above) so the
# fuzzers are not slowed down by log output. Static libraries and no examples
# keep the link self-contained.
cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DUA_ENABLE_AMALGAMATION=OFF \
    -DBUILD_SHARED_LIBS=OFF -DUA_BUILD_EXAMPLES=OFF -DUA_LOGLEVEL=600 \
    -DUA_BUILD_OSS_FUZZ=ON \
    $SRC/open62541/

# This also builds all the fuzz targets and places them in the $OUT directory
# Only build with one process otherwise amalgamation fails.
make -j1

# Copy the corpus, dict and options to the $OUT dir
# Delegated to the upstream helper, so what lands in $OUT is defined there.
$SRC/open62541/tests/fuzz/oss-fuzz-copy.sh

echo "Built all fuzzer targets."
--------------------------------------------------------------------------------
/projects/open62541/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://open62541.org/"
primary_contact: "Stefan.Profanter@gmail.com"
auto_ccs:
- "julius.pfrommer@gmail.com"
- "f.palm@plt.rwth-aachen.de"
- "chris_paul.iatrou@tu-dresden.de"
sanitizers:
- address
- undefined
- memory
--------------------------------------------------------------------------------
/projects/openjpeg/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER antonin@gmail.com
RUN apt-get update && apt-get install -y make cmake g++
# Shallow, unpinned clones over https of the library and of its test-data
# repository.
RUN git clone --depth 1 https://github.com/uclouvain/openjpeg openjpeg
# openjpeg-data is used to create a seed corpus
RUN git clone --depth 1 https://github.com/uclouvain/openjpeg-data openjpeg/data
WORKDIR openjpeg
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/openjpeg/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Plain library build; CMake picks up CC, CXX and CFLAGS from the environment
# set by the base image. The fuzzers themselves are produced by the upstream
# helper scripts run after this.
mkdir build
cd build
cmake ..
make clean -s
make -j$(nproc) -s
cd ..

# Both helpers live in the upstream tree; they decide which fuzz targets are
# produced and (presumably, per the Dockerfile comment) how openjpeg/data is
# packed into the seed corpus.
./tests/fuzzers/build_google_oss_fuzzers.sh
./tests/fuzzers/build_seed_corpus.sh
--------------------------------------------------------------------------------
/projects/openjpeg/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://www.openjpeg.org/"
primary_contact: "antonin@gmail.com"
auto_ccs:
- "even.rouault@gmail.com"
--------------------------------------------------------------------------------
/projects/openssl/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER kurt@roeckx.be
RUN apt-get update && apt-get install -y make
# Shallow, unpinned clone of OpenSSL's default branch over https.
RUN git clone --depth 1 https://github.com/openssl/openssl.git
WORKDIR openssl
COPY build.sh *.options $SRC/
--------------------------------------------------------------------------------
/projects/openssl/bignum.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 2048
--------------------------------------------------------------------------------
/projects/openssl/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
15 | # 16 | ################################################################################ 17 | 18 | CONFIGURE_FLAGS="" 19 | if [[ $CFLAGS = *sanitize=memory* ]] 20 | then 21 | CONFIGURE_FLAGS="no-asm" 22 | fi 23 | 24 | ./config --debug enable-fuzz-libfuzzer -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION no-shared enable-tls1_3 enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-weak-ssl-ciphers --with-fuzzer-lib=/usr/lib/libFuzzingEngine $CFLAGS -fno-sanitize=alignment $CONFIGURE_FLAGS 25 | 26 | make -j$(nproc) LDCMD="$CXX $CXXFLAGS" 27 | 28 | fuzzers=$(find fuzz -executable -type f '!' -name \*.py '!' -name \*-test) 29 | for f in $fuzzers; do 30 | fuzzer=$(basename $f) 31 | cp $f $OUT/ 32 | zip -j $OUT/${fuzzer}_seed_corpus.zip fuzz/corpora/${fuzzer}/* 33 | done 34 | 35 | cp $SRC/*.options $OUT/ 36 | -------------------------------------------------------------------------------- /projects/openssl/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.openssl.org/" 2 | primary_contact: "kurt@roeckx.be" 3 | auto_ccs: 4 | - "openssl-security@openssl.org" 5 | - "benl@google.com" 6 | - "snhenson@gmail.com" 7 | - "appronym@gmail.com" 8 | - "ekasper@google.com" 9 | - "rich.salz@gmail.com" 10 | - "caswell.matt@googlemail.com" 11 | - "richard@levitte.org" 12 | sanitizers: 13 | - address 14 | - memory: 15 | experimental: True 16 | - undefined 17 | -------------------------------------------------------------------------------- /projects/openthread/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the OpenThread fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER jonhui@nestlabs.com

RUN apt-get update && apt-get install -y make autoconf automake libtool
# Shallow, unpinned clone: the image tracks upstream HEAD at build time.
RUN git clone --depth 1 https://github.com/openthread/openthread

WORKDIR openthread
# build.sh and any *.options files shipped next to this Dockerfile go to $SRC.
COPY build.sh *.options $SRC/
--------------------------------------------------------------------------------
/projects/openthread/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://github.com/openthread/openthread"
primary_contact: "jonhui@google.com"
--------------------------------------------------------------------------------
/projects/opus/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the Opus fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER flim@google.com
RUN apt-get update && apt-get install -y make autoconf automake libtool wget

# Full (non-shallow) clone with no pinned ref.
RUN git clone https://git.xiph.org/opus.git
# The test-vector tarball is fetched over HTTPS but no checksum is verified in
# this file, so TLS is the only integrity guarantee for it (build.sh, which
# presumably consumes it, is not shown here).
RUN wget https://opus-codec.org/static/testvectors/opus_testvectors.tar.gz
WORKDIR opus
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/opus/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://opus-codec.org/"
primary_contact: "jmvalin@jmvalin.ca"
auto_ccs:
- "flim@google.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/ots/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the OTS (OpenType Sanitizer) fuzz target.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER mmoroz@chromium.org
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config zlib1g-dev
# Shallow, unpinned clone of upstream HEAD.
RUN git clone --depth 1 https://github.com/khaledhosny/ots.git
WORKDIR ots
# Stages build.sh plus every ots-fuzzer.* file (e.g. the .options file used
# by build.sh below) into $SRC.
COPY build.sh ots-fuzzer.* $SRC/
--------------------------------------------------------------------------------
/projects/ots/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build OTS and its upstream ots-fuzzer target, then stage the binary, its
# options file and a seed corpus of test fonts into $OUT.

# Build the project.
./autogen.sh
./configure

# Build the fuzzer.
# OTS_FUZZER_NO_MAIN drops the target's own main() so the fuzzing engine's
# entry point is used instead; the engine library is supplied via LDFLAGS on
# the make command line.
make -j$(nproc) V=1 CXXFLAGS="$CXXFLAGS -DOTS_FUZZER_NO_MAIN" LDFLAGS="-lFuzzingEngine" ots-fuzzer
mv ots-fuzzer $OUT/

cp $SRC/ots-fuzzer.options $OUT/
# Seed corpus: the font files from the upstream test suite, flattened (-j).
zip -j -r $OUT/ots-fuzzer_seed_corpus.zip $SRC/ots/tests/fonts
--------------------------------------------------------------------------------
/projects/ots/ots-fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 1000000
--------------------------------------------------------------------------------
/projects/ots/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://github.com/khaledhosny/ots"
primary_contact: "dr.khaled.hosny@gmail.com"
auto_ccs:
- "kevin899@gmail.com"
--------------------------------------------------------------------------------
/projects/pcre2/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the PCRE2 fuzz target.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER kcc@google.com
RUN apt-get update && apt-get install -y make autoconf automake libtool subversion

# NOTE(review): svn:// is the plain Subversion protocol, with no transport
# encryption or server authentication, and no revision is pinned, so the
# fetched source is not integrity-protected in transit.
RUN svn co svn://vcs.exim.org/pcre2/code/trunk pcre2
WORKDIR pcre2
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/pcre2/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build PCRE2 with fuzz support, link the fuzz target, and stage its options
# and dictionary files into $OUT.

# build project
./autogen.sh
# Low match limits presumably bound the work a pathological pattern can do per
# input so it is not reported as a timeout — TODO confirm with upstream.
./configure --enable-fuzz-support --enable-never-backslash-C --with-match-limit=1000 --with-match-limit-recursion=1000
make -j$(nproc) clean
make -j$(nproc) all

# build fuzzer
# No harness source is compiled here: the target is linked from the engine,
# the fuzz-support archive (built by --enable-fuzz-support) and the 8-bit
# library only.
$CXX $CXXFLAGS -o $OUT/pcre2_fuzzer \
    -lFuzzingEngine .libs/libpcre2-fuzzsupport.a .libs/libpcre2-8.a

# set up dictionary and options to use it
# Both files are taken from the working directory (the pcre2 checkout), not
# from $SRC — the Dockerfile stages only build.sh.
cp pcre2_fuzzer.options pcre2_fuzzer.dict $OUT/
--------------------------------------------------------------------------------
/projects/pcre2/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://www.pcre.org/"
primary_contact: "philip.hazel@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/pidgin/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.pidgin.im/"
primary_contact: "gary.kramlich@gmail.com"
--------------------------------------------------------------------------------
/projects/postgis/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the PostGIS (liblwgeom) fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER lr@pcorp.us
# postgresql-server-dev is pinned to the 9.5 package; the rest float with the
# base image's apt sources.
RUN apt-get update && apt-get install -y make autoconf automake libtool g++ postgresql-server-dev-9.5 libgeos-dev libproj-dev libxml2-dev pkg-config libjson-c-dev
# Shallow, unpinned clone of upstream HEAD.
RUN git clone --depth 1 https://git.osgeo.org/gogs/postgis/postgis.git postgis
WORKDIR postgis
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/postgis/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build liblwgeom statically, then hand off to the fuzzer and seed-corpus
# scripts that ship in the PostGIS repository itself.

./autogen.sh
./configure --enable-static --without-raster --without-protobuf
# Only liblwgeom is built; the rest of PostGIS is not needed for the targets.
cd liblwgeom
make clean -s
make -j$(nproc) -s
cd ..

# The actual fuzz-target build and corpus packaging live upstream in
# fuzzers/, so what gets built and staged is defined by the cloned HEAD and
# is not reviewed in this tree.
bash ./fuzzers/build_google_oss_fuzzers.sh
bash ./fuzzers/build_seed_corpus.sh
--------------------------------------------------------------------------------
/projects/postgis/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://postgis.net/"
primary_contact: "lr@pcorp.us"
auto_ccs:
- "even.rouault@gmail.com"
- "pramsey@cleverelephant.ca"
- "mateusz@loskot.net"
--------------------------------------------------------------------------------
/projects/postgresql/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://postgresql.org"
primary_contact: "sfrost@snowman.net"
--------------------------------------------------------------------------------
/projects/proj4/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the PROJ.4 fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER even.rouault@spatialys.com
RUN apt-get update && apt-get install -y make autoconf automake libtool g++
# Shallow, unpinned clone of upstream HEAD.
RUN git clone --depth 1 https://github.com/OSGeo/proj.4 proj.4
WORKDIR proj.4
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/proj4/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build PROJ.4, then delegate fuzz-target and seed-corpus construction to the
# scripts shipped in the repository's test/fuzzers directory.

./autogen.sh
./configure
make clean -s
make -j$(nproc) -s

# As with postgis above, the target build is defined upstream (cloned HEAD)
# rather than in this tree. These scripts are executed directly, so they must
# be executable in the checkout.
./test/fuzzers/build_google_oss_fuzzers.sh
./test/fuzzers/build_seed_corpus.sh
--------------------------------------------------------------------------------
/projects/proj4/project.yaml:
--------------------------------------------------------------------------------
homepage: "http://proj4.org/"
primary_contact: "even.rouault@gmail.com"
auto_ccs:
- "hobu.inc@gmail.com"
- "kristianevers@gmail.com"
- "knudsen.thomas@gmail.com"
--------------------------------------------------------------------------------
/projects/qpid-proton/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://qpid.apache.org/proton/"
primary_contact: "jross@apache.org"
auto_ccs:
- "security@apache.org"
- "jdanek@redhat.com"
--------------------------------------------------------------------------------
/projects/qubes-os/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build the qrexec file-copy library from qubes-os/linux-utils by hand (no
# upstream build system is invoked) and link its fuzzer against it.

cd $SRC/qubes-os/linux-utils/

cd qrexec-lib

# Each translation unit is compiled with the sanitizer-instrumented $CFLAGS.
$CC $CFLAGS -c ioall.c
$CC $CFLAGS -c copy-file.c
$CC $CFLAGS -c crc32.c
$CC $CFLAGS -c pack.c
$CC $CFLAGS -c unpack.c
ar rcs libqubes-rpc-filecopy.a ioall.o copy-file.o crc32.o unpack.o pack.o

# The target is named after the library so that it pairs with
# libqubes-rpc-filecopy.options below.
$CXX $CXXFLAGS -o $OUT/libqubes-rpc-filecopy -I. -I./fuzzer fuzzer/fuzzer.cc -lFuzzingEngine libqubes-rpc-filecopy.a

cp $SRC/*.options $OUT/
--------------------------------------------------------------------------------
/projects/qubes-os/libqubes-rpc-filecopy.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 10240
--------------------------------------------------------------------------------
/projects/qubes-os/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.qubes-os.org/"
primary_contact: "jpo@vt.edu"
auto_ccs:
- "joanna@invisiblethingslab.com"
- "marmarek@invisiblethingslab.com"
- "paras.chetal@gmail.com"
--------------------------------------------------------------------------------
/projects/re2/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the RE2 fuzz target.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER wrengr@chromium.org
RUN apt-get update && apt-get install -y make autoconf automake libtool

# Shallow, unpinned clone of upstream HEAD.
RUN git clone --depth 1 https://code.googlesource.com/re2
WORKDIR re2
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/re2/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build obj/libre2.a and link the upstream re2_fuzzer against it.

# First, build RE2.
# N.B., we don't follow the standard incantation for building RE2
# (i.e., `make && make test && make install && make testinstall`),
# because some of the targets doesn't use $CXXFLAGS properly, which
# causes compilation to fail. The obj/libre2.a target is all we
# really need for our fuzzer, so that's all we build. Hopefully
# this won't cause the fuzzer to fail erroneously due to not running
# upstream's tests first to be sure things compiled correctly.
# -O2 is appended to the sanitizer flags for the library and the target.
CXXFLAGS="$CXXFLAGS -O2"
make clean
make -j$(nproc) obj/libre2.a

# Second, build the fuzzer (distributed with RE2).
# The harness source comes from the checkout, so its contents are whatever
# the cloned HEAD carries.
$CXX $CXXFLAGS -std=c++11 -I. \
    re2/fuzzing/re2_fuzzer.cc -o $OUT/re2_fuzzer \
    -lFuzzingEngine obj/libre2.a
--------------------------------------------------------------------------------
/projects/re2/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://code.googlesource.com/re2"
primary_contact: "junyer@google.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/realm-core/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://github.com/realm/realm-core"
primary_contact: "ez@realm.io"
--------------------------------------------------------------------------------
/projects/resiprocate/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build image for the reSIProcate fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER gjasny@googlemail.com
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config
# Shallow, unpinned clone of upstream HEAD.
RUN git clone --depth 1 https://github.com/resiprocate/resiprocate.git resiprocate
WORKDIR resiprocate
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/resiprocate/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build only the two DNS (ares) fuzz targets defined by the upstream makefile
# under rutil/dns/ares and stage them into $OUT.

autoreconf --install
./configure --disable-shared --enable-static
# Both targets are make rules in that subdirectory; how they link the fuzzing
# engine is defined upstream, not here.
make -j$(nproc) -C rutil/dns/ares aresfuzz aresfuzzname

cp rutil/dns/ares/{aresfuzz,aresfuzzname} $OUT/
--------------------------------------------------------------------------------
/projects/resiprocate/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.resiprocate.org/"
primary_contact: "gjasny@googlemail.com"
--------------------------------------------------------------------------------
/projects/skia/BUILD.gn.diff:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
# TODO(kjlubick): Move this into Skia proper


# Append this to build.gn in the skia repo and then build the targets
# Despite the .diff file name this is a plain GN snippet, not a patch: it
# declares the fuzz target built from region_deserialize.cpp (below) and
# links it against Skia and its command-line flags library.
test_app("fuzz_region_deserialize") {
  sources = [
    "fuzz/oss_fuzz/region_deserialize.cpp",
  ]
  deps = [
    ":flags",
    ":skia",
  ]
}
--------------------------------------------------------------------------------
/projects/skia/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://github.com/google/skia"
primary_contact: "kjlubick@chromium.org"
auto_ccs:
- "hcm@chromium.org"
sanitizers:
- address
- undefined:
    experimental: True
- memory
--------------------------------------------------------------------------------
/projects/skia/region_deserialize.cpp:
--------------------------------------------------------------------------------
// Copyright 2016 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
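//
// TODO(kjlubick): Move this into Skia proper

#include <cstddef>
#include <cstdint>

#include "SkCanvas.h"
#include "SkPaint.h"
#include "SkRegion.h"
#include "SkSurface.h"

// libFuzzer entry point for SkRegion deserialization.
//
// Treats `data`/`size` as a serialized SkRegion, deserializes it and then
// exercises the region through a few queries and a raster draw so that memory
// errors in the deserializer or in downstream consumers surface under the
// sanitizers. Inputs that fail to parse are ignored. Always returns 0.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  SkRegion region;
  if (!region.readFromMemory(data, size)) {
    return 0;
  }
  region.computeRegionComplexity();
  region.isComplex();
  // Compare with an empty region and probe containment on either branch; the
  // results are deliberately discarded, only the code paths matter here.
  SkRegion r2;
  if (region == r2) {
    region.contains(0,0);
  } else {
    region.contains(1,1);
  }
  auto s = SkSurface::MakeRasterN32Premul(1024, 1024);
  // Surface creation can fail (it returns a null smart pointer); bail out
  // rather than dereference it and report a spurious crash.
  if (!s) {
    return 0;
  }
  s->getCanvas()->drawRegion(region, SkPaint());
  return 0; // Non-zero return values are reserved for future use.
}
--------------------------------------------------------------------------------
/projects/skia/region_deserialize.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 512
--------------------------------------------------------------------------------
/projects/speex/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://speex.org/"
primary_contact: "tmatth@videolan.org"
--------------------------------------------------------------------------------
/projects/sqlite3/ossfuzz.options:
--------------------------------------------------------------------------------
[libfuzzer]
dict = sql.dict
--------------------------------------------------------------------------------
/projects/sqlite3/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://sqlite.org/"
primary_contact: "drhsqlite@gmail.com"
auto_ccs:
- "sboydps@gmail.com"
sanitizers:
- address
- memory
- undefined
--------------------------------------------------------------------------------
/projects/strongswan/Dockerfile: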
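--------------------------------------------------------------------------------
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
##############################################################################

# Build image for the strongSwan fuzz targets.
FROM gcr.io/oss-fuzz-base/base-builder
MAINTAINER tobias@strongswan.org
RUN apt-get update && apt-get install -y automake autoconf libtool pkg-config gettext perl python flex bison gperf lcov libgmp3-dev
# Shallow, unpinned clones of the source and of the seed corpora; the corpora
# are placed inside the checkout so build.sh can reach them relatively.
RUN git clone --depth 1 https://github.com/strongswan/strongswan.git strongswan
RUN git clone --depth 1 https://github.com/strongswan/fuzzing-corpora.git strongswan/fuzzing-corpora
WORKDIR strongswan
COPY build.sh $SRC/
--------------------------------------------------------------------------------
/projects/strongswan/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash -eu
# Copyright 2017 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build strongSwan with its fuzz targets and stage each fuzz_* binary into
# $OUT together with a seed corpus from fuzzing-corpora/ when one exists.

./autogen.sh

# NO_CHECK_MEMWIPE is a strongSwan build define set only for this fuzzing
# build (presumably it skips a memwipe self-check — confirm upstream);
# --with-libfuzzer links whichever engine $LIB_FUZZING_ENGINE points at.
./configure CFLAGS="$CFLAGS -DNO_CHECK_MEMWIPE" --enable-fuzzing --with-libfuzzer=$LIB_FUZZING_ENGINE --enable-monolithic --disable-shared --enable-static

make -j$(nproc)

# The pattern is quoted so that find, not the shell, interprets it: unquoted,
# fuzz_* would be globbed against the current directory before find ran.
fuzzers=$(find fuzz -maxdepth 1 -executable -type f -name 'fuzz_*')
for f in $fuzzers; do
  fuzzer=$(basename $f)
  cp $f $OUT/
  # fuzz_<name>[_<suffix>] -> <name>: drop the prefix, then everything from
  # the first remaining underscore; that is the corpus directory name.
  corpus=${fuzzer#fuzz_}
  corpus=${corpus%%_*}
  if [ -d "fuzzing-corpora/${corpus}" ]; then
    zip -rj $OUT/${fuzzer}_seed_corpus.zip fuzzing-corpora/${corpus}
  fi
done
--------------------------------------------------------------------------------
/projects/strongswan/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.strongswan.org"
primary_contact: "security@strongswan.org"
auto_ccs:
- "tobias@strongswan.org"
--------------------------------------------------------------------------------
/projects/tensorflow/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.tensorflow.org"
primary_contact: "frankchn@google.com"
auto_ccs:
- "dga@google.com"
--------------------------------------------------------------------------------
/projects/tor/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.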
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ############################################################################## 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER nickm@torproject.org 19 | RUN apt-get update && apt-get install -y zlib1g zlib1g-dev libevent-dev libevent-2.0 openssl autoconf automake libssl-dev make 20 | RUN git clone https://git.torproject.org/tor.git 21 | RUN git clone https://git.torproject.org/fuzzing-corpora.git tor-fuzz-corpora 22 | WORKDIR tor 23 | COPY build.sh $SRC/ 24 | -------------------------------------------------------------------------------- /projects/tor/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.torproject.org" 2 | primary_contact: "nima@torproject.org" 3 | auto_ccs: "nick.a.mathewson@gmail.com" 4 | -------------------------------------------------------------------------------- /projects/tpm2/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 The Chromium Authors. All rights reserved. 2 | # Use of this source code is governed by a BSD-style license that can be 3 | # found in the LICENSE file. 4 | # 5 | # Defines a docker image that can build fuzzers. 
6 | # 7 | FROM gcr.io/oss-fuzz-base/base-builder 8 | RUN apt-get update && apt-get install -y make libssl-dev binutils libgcc-5-dev 9 | RUN git clone --depth 1 https://chromium.googlesource.com/chromiumos/third_party/tpm2 10 | WORKDIR tpm2 11 | RUN cp /src/tpm2/fuzz/build.sh /src/ 12 | -------------------------------------------------------------------------------- /projects/tpm2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://chromium.googlesource.com/chromiumos/third_party/tpm2" 2 | # todo: delete Dockerfile from tpm2 repo. 3 | # Docker files change too much, it was moved to oss-fuzz repository. 4 | # 5 | #dockerfile: 6 | # git: "https://chromium.googlesource.com/chromiumos/third_party/tpm2/" 7 | # path: "fuzz/Dockerfile" 8 | primary_contact: "ngm@google.com" 9 | auto_ccs: 10 | - "tpm-security-bugs@google.com" 11 | - "dkrahn@google.com" 12 | - "vbendeb@google.com" 13 | - "apronin@google.com" 14 | - "joshz@google.com" 15 | - "cfir@google.com" 16 | - "mruthven@google.com" 17 | -------------------------------------------------------------------------------- /projects/util-linux/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/karelzak/util-linux" 2 | primary_contact: "ruediger.meier@ga-group.nl" 3 | auto_ccs: 4 | - "kzak@redhat.com" 5 | -------------------------------------------------------------------------------- /projects/weechat/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/weechat/weechat" 2 | primary_contact: "flashcode@flashtux.org" 3 | auto_ccs: 4 | - "security@weechat.org" 5 | -------------------------------------------------------------------------------- /projects/wget2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://gitlab.com/gnuwget/wget2" 2 | 
primary_contact: "rockdaboot@gmail.com" 3 | auto_ccs: 4 | - "tim.ruehsen@gmx.de" 5 | - "darnir@gmail.com" 6 | - "gscrivan@redhat.com" 7 | - "ajuaristi@gmx.es" 8 | -------------------------------------------------------------------------------- /projects/wireshark/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2017 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER Jakub Zawadzki 19 | 20 | RUN apt-get update && apt-get install -y make autoconf automake libtool libtool-bin \ 21 | flex bison \ 22 | libglib2.0-dev libgcrypt20-dev 23 | 24 | RUN git clone --depth=1 https://code.wireshark.org/review/wireshark 25 | RUN git clone --depth=1 https://bitbucket.org/jwzawadzki/wireshark-fuzzdb.git 26 | 27 | WORKDIR wireshark 28 | COPY build.sh $SRC/ 29 | -------------------------------------------------------------------------------- /projects/wireshark/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://www.wireshark.org" 2 | primary_contact: "gerald@wireshark.org" 3 | auto_ccs: 4 | - "security@wireshark.org" 5 | - "peter@lekensteyn.nl" 6 | - "me@moshekaplan.com" 7 | - "david@davidmanouchehri.com" 8 | - "lomato@gmail.com" 9 | - "rknall@gmail.com" 10 | 
-------------------------------------------------------------------------------- /projects/woff2/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER mmoroz@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool 20 | 21 | RUN git clone --depth 1 --recursive https://github.com/google/woff2 22 | WORKDIR woff2 23 | COPY build.sh *.options $SRC/ 24 | COPY corpus $SRC/corpus 25 | -------------------------------------------------------------------------------- /projects/woff2/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
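# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################

# Build the library. Actually there is no 'library' target, so we use .o files.
# '-no-canonical-prefixes' flag makes clang crazy. Need to avoid it.
# (sed reads the file itself; the intermediate `cat` added nothing.)
sed -e "s/-no-canonical-prefixes//" brotli/shared.mk > brotli/shared.mk.temp
mv brotli/shared.mk.temp brotli/shared.mk

# woff2 uses LFLAGS instead of LDFLAGS.
make clean
make -j"$(nproc)" CC="$CC $CFLAGS" CXX="$CXX $CXXFLAGS" CANONICAL_PREFIXES= all \
  NOISY_LOGGING=

# Build fuzzers: each src/*fuzzer*.a archive becomes one binary in $OUT.
# The glob is iterated directly instead of parsing `ls` output, so file names
# reach the loop unsplit and unmangled.
for fuzzer_archive in src/*fuzzer*.a; do
  fuzzer_name=$(basename "${fuzzer_archive%.a}")
  $CXX $CXXFLAGS -lFuzzingEngine "$fuzzer_archive" \
    -o "$OUT/$fuzzer_name"
  # All targets share one seed corpus: the .woff2 files the Dockerfile copies
  # into $SRC/corpus.
  zip -q "$OUT/${fuzzer_name}_seed_corpus.zip" "$SRC"/corpus/*
done

cp "$SRC"/*.options "$OUT/"

--------------------------------------------------------------------------------
/projects/woff2/convert_woff2ttf_fuzzer.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 1000000

--------------------------------------------------------------------------------
/projects/woff2/convert_woff2ttf_fuzzer_new_entry.options:
--------------------------------------------------------------------------------
[libfuzzer]
max_len = 1000000

--------------------------------------------------------------------------------
/projects/woff2/corpus/Ahem.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/Ahem.woff2
--------------------------------------------------------------------------------
/projects/woff2/corpus/AhemSpaceLigature.woff2: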
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/AhemSpaceLigature.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/DejaVuSerif-webfont.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/DejaVuSerif-webfont.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/DejaVuSerif.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/DejaVuSerif.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/EzraSIL.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/EzraSIL.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/LinLibertineO.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/LinLibertineO.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/MEgalopolisExtra.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/MEgalopolisExtra.woff2 -------------------------------------------------------------------------------- 
/projects/woff2/corpus/OpenSans.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/OpenSans.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/mplus-1p-regular.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/mplus-1p-regular.woff2 -------------------------------------------------------------------------------- /projects/woff2/corpus/tcu-font.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aflgo/oss-fuzz/f3d9deaaac91b9372966c2a20dee5adfca8eff79/projects/woff2/corpus/tcu-font.woff2 -------------------------------------------------------------------------------- /projects/woff2/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "https://github.com/google/woff2" 2 | primary_contact: "rsheeter@google.com" 3 | sanitizers: 4 | - address 5 | - memory 6 | - undefined 7 | -------------------------------------------------------------------------------- /projects/wolfssl/Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Google Inc. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER levi@wolfssl.com 19 | 20 | RUN apt-get update && apt-get install -y make autoconf automake libtool zip 21 | RUN git clone https://github.com/wolfssl/wolfssl --depth 1 $SRC/wolfssl 22 | RUN git clone https://github.com/wolfssl/oss-fuzz-targets --depth 1 $SRC/fuzz-targets 23 | 24 | WORKDIR wolfssl 25 | 26 | COPY build.sh $SRC/ 27 | -------------------------------------------------------------------------------- /projects/wolfssl/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
#
################################################################################

# target_dir determined by Dockerfile
# (the Dockerfile clones wolfssl/oss-fuzz-targets into $SRC/fuzz-targets)
target_dir="$SRC/fuzz-targets"

# build wolfssl
# Static, installed-to-prefix build so the targets below can link -lwolfssl
# from the default search path. CC is pinned to clang; CFLAGS is not passed
# explicitly — presumably configure picks it up from the environment, so
# confirm the sanitizer/coverage flags actually reach the library build.
./autogen.sh
./configure --enable-static --disable-shared --prefix=/usr CC="clang"
make -j "$(nproc)" all
make install

# put linker arguments into the environment, appending to any existing ones
# ("${VAR-""}" keeps `set -u` from aborting when the variable is unset)
export LDFLAGS="${LDFLAGS-""}"
export LDLIBS="${LDLIBS-""} -lwolfssl -lFuzzingEngine"

# make and export targets to $OUT; environment overriding internal variables
# (make -e gives the exported LDFLAGS/LDLIBS precedence over the assignments
# in the targets' own Makefile)
cd "${target_dir}"
make -e all
make -e export prefix="$OUT"

--------------------------------------------------------------------------------
/projects/wolfssl/project.yaml:
--------------------------------------------------------------------------------
homepage: "https://www.wolfssl.com/"
primary_contact: "jacob@wolfssl.com"
auto_ccs:
  - "david@wolfssl.com"
  - "kaleb@wolfssl.com"
  - "levi@wolfssl.com"
  - "testing@wolfssl.com"
sanitizers:
  - address
  - memory:
      experimental: True
  - undefined

--------------------------------------------------------------------------------
/projects/xbps/project.yml:
--------------------------------------------------------------------------------
# NOTE(review): every other project on this page names this file project.yaml;
# confirm the OSS-Fuzz tooling also picks up the .yml spelling.
homepage: "https://github.com/voidlinux/xbps"
primary_contact: "miwaxe@gmail.com"
auto_ccs:
  - "gottox@voidlinux.eu"
  - "xtraeme@voidlinux.eu"
--------------------------------------------------------------------------------
/projects/zlib/Dockerfile:
--------------------------------------------------------------------------------
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | ################################################################################ 16 | 17 | FROM gcr.io/oss-fuzz-base/base-builder 18 | MAINTAINER inferno@chromium.org 19 | RUN apt-get update && apt-get install -y make autoconf automake libtool 20 | 21 | RUN git clone --depth 1 https://github.com/madler/zlib.git 22 | WORKDIR zlib 23 | COPY build.sh zlib_uncompress_fuzzer.cc $SRC/ 24 | -------------------------------------------------------------------------------- /projects/zlib/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -eu 2 | 3 | ./configure 4 | make -j$(nproc) clean 5 | make -j$(nproc) all 6 | 7 | $CXX $CXXFLAGS -std=c++11 -I. \ 8 | $SRC/zlib_uncompress_fuzzer.cc -o $OUT/zlib_uncompress_fuzzer \ 9 | -lFuzzingEngine ./libz.a 10 | -------------------------------------------------------------------------------- /projects/zlib/project.yaml: -------------------------------------------------------------------------------- 1 | homepage: "http://www.zlib.net/" 2 | sanitizers: 3 | - address 4 | - memory 5 | - undefined 6 | -------------------------------------------------------------------------------- /projects/zlib/zlib_uncompress_fuzzer.cc: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Chromium Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style license that can be 3 | // found in the LICENSE file. 
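// NOTE(review): the original header names were lost in extraction; these two
// supply size_t and uint8_t, the only standard names the code below uses.
#include <stddef.h>
#include <stdint.h>

#include "zlib.h"

// Scratch output area. Its size is handed to uncompress() as the destination
// capacity, so no input, whatever length it claims, can write past it.
static Bytef buffer[256 * 1024] = { 0 };

// Entry point for LibFuzzer: feeds each input to zlib's one-shot uncompress().
//
// The status code (Z_OK, Z_BUF_ERROR, Z_DATA_ERROR, ...) is deliberately
// discarded: a rejected or truncated stream is an expected outcome for fuzz
// input, not a finding. Memory errors surface through the sanitizers, so every
// path returns 0 as libFuzzer requires. The previous if/else returned 0 on
// both sides; collapsing it removes the dead branch without changing behavior.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  // In/out parameter: capacity on entry, bytes written on return. It must be
  // reinitialized on every call.
  uLongf buffer_length = static_cast<uLongf>(sizeof(buffer));
  (void)uncompress(buffer, &buffer_length, data, static_cast<uLong>(size));
  return 0;
}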