>
> > I've modified the bot to use freetype2/src/tools/ftfuzzer/*cc,
> > working as expected.
>
> Thanks.  Please add a README to the `ftfuzzer' directory, explaining
> the setup and linking to the relevant sites.
>
Like this?

ftfuzzer
--------

ftfuzzer.cc contains a target function for FreeType fuzzing.
It can be used with libFuzzer (http://llvm.org/docs/LibFuzzer.html)
or potentially other similar fuzzers.

Usage:

1. Build libfreetype.a and ftfuzzer.cc using the most recent clang
   compiler with these flags:

     -fsanitize-coverage=edge,8bit-counters             # for fuzzer coverage feedback
     -fsanitize=address,signed-integer-overflow,shift   # for bug checking

2. Link with libFuzzer (it contains main()).

3. Run the fuzzer on some test corpus.

The exact flags and commands may vary.

There is a continuous fuzzing bot that runs ftfuzzer:
https://github.com/kcc/libfuzzer-example/wiki/FreeType-Fuzzer-Bot.
Check the bot configuration for the most current settings:
https://github.com/kcc/libfuzzer-example/tree/master/freetype-experiment
TODO: move the bot scripts here.

runinput.cc contains a convenience function to run the target function
on a set of input files.  Link it with ftfuzzer.cc and libfreetype.a and
run like "./a.out my_tests_inputs/*".
_______________________________________________
Freetype-devel mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/freetype-devel
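An added example, not code from the thread or from FreeType: a minimal stand-alone driver in the spirit of the runinput.cc described above, which replays a set of input files through a libFuzzer-style `LLVMFuzzerTestOneInput` so a corpus or a crashing input can be reproduced under ASan without linking libFuzzer. The target it defines is a hypothetical placeholder standing in for ftfuzzer.cc; in a real build you would link ftfuzzer.cc and libfreetype.a compiled with the sanitizer flags listed in the README instead.

```cpp
// Added example, not FreeType's runinput.cc: a stand-alone driver that feeds
// each file named on the command line to a libFuzzer-style target, so a corpus
// or a crashing input can be replayed under ASan without linking libFuzzer.
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <iterator>
#include <string>
#include <vector>

// libFuzzer entry point. In a real build this symbol comes from ftfuzzer.cc
// linked with libfreetype.a; this hypothetical placeholder only counts the
// bytes it is handed so that the example runs on its own.
static size_t g_bytes_seen = 0;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  (void)data;
  g_bytes_seen += size;
  return 0;  // libFuzzer targets must return 0
}
size_t BytesSeen() { return g_bytes_seen; }

// Feeds one file to the target. The bytes are copied into a heap buffer of
// exactly `size` bytes, as libFuzzer does, so ASan flags any read past the
// end of the input. Returns false if the file cannot be read.
bool RunOneFile(const std::string &path) {
  std::ifstream in(path, std::ios::binary);
  if (!in) {
    std::fprintf(stderr, "cannot open %s\n", path.c_str());
    return false;
  }
  std::vector<uint8_t> buf((std::istreambuf_iterator<char>(in)),
                           std::istreambuf_iterator<char>());
  LLVMFuzzerTestOneInput(buf.data(), buf.size());  // a crash here is the finding
  return true;
}

// Runs the target on each path in turn; returns how many files were fed.
size_t RunInputs(const std::vector<std::string> &paths) {
  size_t fed = 0;
  for (const std::string &p : paths) fed += RunOneFile(p) ? 1 : 0;
  return fed;
}

// Usage: ./run_inputs my_tests_inputs/*   (exit 1 if any file was unreadable)
int main(int argc, char **argv) {
  std::vector<std::string> paths(argv + 1, argv + argc);
  return RunInputs(paths) == paths.size() ? 0 : 1;
}
```

Build it with the same `-fsanitize=address,...` flags as the target so that a crash on a replayed input produces the sanitizer report rather than a bare segfault.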
