• Home
  • History
  • Annotate
  • only in /external/freetype/src/tools/ftfuzzer/
NameDateSize

..10-Aug-20184 KiB

ftfuzzer.cc10-Aug-201811.7 KiB

ftmutator.cc10-Aug-20189.7 KiB

rasterfuzzer.cc10-Aug-20183.3 KiB

README10-Aug-20182.4 KiB

runinput.cc10-Aug-20181.2 KiB

README

1ftfuzzer
2========
3
4
5ftfuzzer.cc
6-----------
7
8This file contains a target function  for FreeType fuzzing.  It can be
9used   with    libFuzzer   (https://llvm.org/docs/LibFuzzer.html)   or
10potentially any other similar fuzzer.
11
12Usage:
13
14  1. Build  `libfreetype.a' and  `ftfuzzer.cc' using  the most  recent
15     clang compiler with these flags:
16
17       # for fuzzer coverage feedback
18       -fsanitize-coverage=edge,8bit-counters
19       # for bug checking
20       -fsanitize=address,signed-integer-overflow,shift
21
22     You  also need  the header  files from  the `libarchive'  library
23     (https://www.libarchive.org/)  for handling  tar files  (see file
24     `ftmutator.cc' below for more).
25
26  2. Link with `libFuzzer' (it contains `main') and `libarchive'.
27
28  3. Run the fuzzer on some test corpus.
29
30The exact flags and commands may vary.
31
32  https://github.com/google/oss-fuzz/tree/master/projects/freetype2
33
34There is a continuous fuzzing bot that runs ftfuzzer.
35
36  https://oss-fuzz.com
37
38(You need an account  to be able to see coverage  reports and the like
39on oss-fuzz.com.)
40
41Check the bot configuration for the most current settings.
42
43
44ftmutator.cc
45------------
46
47FreeType has the  ability to `attach' auxiliary files to  a font file,
48providing additional information.  The main usage is to load AFM files
49for PostScript Type 1 fonts.
50
51However, libFuzzer currently only supports  mutation of a single input
52file.   For  this  reason,  `ftmutator.cc' contains  a  custom  fuzzer
53mutator that uses an uncompressed tar  file archive as the input.  The
54first file in  such a tarball gets  opened by FreeType as  a font, all
55other files are treated as input for `FT_Attach_Stream'.
56
57Compilation is similar to `ftfuzzer.c'.
58
59
60runinput.cc
61-----------
62
63To run the target function on a set of input files, this file contains
64a   convenience  `main'   function.   Link   it  with   `ftfuzzer.cc',
65`libfreetype.a', and `libarchive' and run like
66
67  ./a.out my_tests_inputs/*
68
69----------------------------------------------------------------------
70
71Copyright 2015-2018 by
72David Turner, Robert Wilhelm, and Werner Lemberg.
73
74This  file is  part of  the FreeType  project, and  may only  be used,
75modified,  and distributed  under the  terms of  the  FreeType project
76license,  LICENSE.TXT.  By  continuing to  use, modify,  or distribute
77this file you  indicate that you have read  the license and understand
78and accept it fully.
79
80
81--- end of README ---
82