tag | 47ea62230a7f4e6fa4e47f6892749e1e81deb0c5 | |
---|---|---|
tagger | The Android Open Source Project <initial-contribution@android.com> | Sat Dec 10 01:44:54 2022 -0800 |
object | fd028d9d9d7cc71812ceb4d55265d3a3c4e91150 |
aml_neu_331113000 (9068234,com.google.android.neuralnetworks)
commit | fd028d9d9d7cc71812ceb4d55265d3a3c4e91150 | [log] [tgz] |
---|---|---|
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Tue May 10 06:57:18 2022 +0000 |
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Tue May 10 06:57:18 2022 +0000 |
tree | b1b15d9075830bd60f4e5587c8d9f27f4bcba29f | |
parent | 834c89f16bc1701b301eb05e07ce58ea038e096f [diff] | |
parent | 4e031b3a08a06e36fa74d66192dac5250ad69131 [diff] |
Snap for 8564071 from 4e031b3a08a06e36fa74d66192dac5250ad69131 to mainline-neuralnetworks-release Change-Id: I873cf751dc147e815b51d4a134d3a6e67185f8a8
libfuzzer-sys
CrateBarebones wrapper around LLVM's libFuzzer runtime library.
The CPP parts are extracted from compiler-rt git repository with git filter-branch
.
libFuzzer relies on LLVM sanitizer support. The Rust compiler has built-in support for LLVM sanitizer support, for now, it's limited to Linux. As a result, libfuzzer-sys
only works on Linux.
cargo fuzz
!The recommended way to use this crate with cargo fuzz
!.
This crate can also be used manually as following:
First create a new cargo project:
$ cargo new --bin fuzzed $ cd fuzzed
Then add a dependency on the fuzzer-sys
crate and your own crate:
[dependencies] libfuzzer-sys = "0.4.0" your_crate = { path = "../path/to/your/crate" }
Change the fuzzed/src/main.rs
to fuzz your code:
#![no_main] use libfuzzer_sys::fuzz_target; fuzz_target!(|data: &[u8]| { // code to fuzz goes here });
Build by running the following command:
$ cargo rustc -- \ -C passes='sancov' \ -C llvm-args='-sanitizer-coverage-level=3' \ -C llvm-args='-sanitizer-coverage-inline-8bit-counters' \ -Z sanitizer=address
And finally, run the fuzzer:
$ ./target/debug/fuzzed
./update-libfuzzer.sh <github.com/llvm-mirror/llvm-project SHA1>
All files in libfuzzer
directory are licensed NCSA.
Everything else is dual-licensed Apache 2.0 and MIT.