Commit bb3ae14f04e3d80992ae05de318e0ec7774fdedd
1 parent 47a38a94
More fuzzer notes
Showing 1 changed file with 9 additions and 1 deletion
README-maintainer
| ... | ... | @@ -27,6 +27,8 @@ Memory checks: |
| 27 | 27 | |
| 28 | 28 | GOOGLE OSS-FUZZ |
| 29 | 29 | |
| 30 | +* See ../misc/fuzz (not in repo) for unfixed, downloaded fuzz test cases | |
| 31 | + | |
| 30 | 32 | * qpdf project: https://github.com/google/oss-fuzz/tree/master/projects/qpdf |
| 31 | 33 | |
| 32 | 34 | * To test locally, see https://github.com/google/oss-fuzz/tree/master/docs/, |
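Review bot: The new first bullet points at "../misc/fuzz", but the note does not say which directory that path is relative to, and "(not in repo)" leaves a reader without any way to locate or recreate it. Suggest naming the base directory (for example, relative to the top of the qpdf source tree, if that is what is meant) and adding a short phrase on where the downloaded test cases come from. Since the bullet is about local, unfixed cases, it would also read better after the qpdf project link rather than before it, so the section opens with the project reference.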
| ... | ... | @@ -38,11 +40,17 @@ GOOGLE OSS-FUZZ |
| 38 | 40 | from a qpdf fork/branch rather than qpdf/master. |
| 39 | 41 | |
| 40 | 42 | python infra/helper.py build_image --pull qpdf |
| 41 | - python infra/helper.py build_fuzzers qpdf | |
| 43 | + python infra/helper.py build_fuzzers [ --sanitizer memory|undefined|address qpdf | |
| 42 | 44 | python infra/helper.py check_build qpdf |
| 43 | 45 | python infra/helper.py build_fuzzers --sanitizer coverage qpdf |
| 44 | 46 | python infra/helper.py coverage qpdf |
| 45 | 47 | |
| 48 | + To reproduce a test case, build with the correct sanitizer, then run | |
| 49 | + | |
| 50 | + python infra/helper.py reproduce qpdf fuzzer testcase | |
| 51 | + | |
| 52 | + where fuzzer is the fuzzer used in the crash. | |
| 53 | + | |
| 46 | 54 | The fuzzer is in build/out/qpdf. It can be run with a directory as |
| 47 | 55 | an argument to run against files in a directory. You can use |
| 48 | 56 | ... | ... |
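Review bot: The optional group on the changed build_fuzzers line is opened but never closed: "build_fuzzers [ --sanitizer memory|undefined|address qpdf" should read "build_fuzzers [ --sanitizer memory|undefined|address ] qpdf". As written it is ambiguous whether qpdf is part of the optional part, and anyone pasting the line into a shell gets the "|" characters interpreted as pipes, so it may be worth a short sentence saying the line is a usage synopsis and listing the three sanitizer names in prose. In the reproduce paragraph, "fuzzer" and "testcase" are placeholders but are set exactly like the literal arguments; marking them (for example "reproduce qpdf <fuzzer> <testcase>") and saying that "the correct sanitizer" means the one named in the crash report would make the step unambiguous.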