Home | History | Annotate | only in /external/freetype/src/tools/ftfuzzer
Up to higher level directory
NameDateSize
ftfuzzer.cc21-Aug-201811.7K
ftmutator.cc21-Aug-20189.7K
rasterfuzzer.cc21-Aug-20183.3K
README21-Aug-20182.4K
runinput.cc21-Aug-20181.2K

README

      1 ftfuzzer
      2 ========
      3 
      4 
      5 ftfuzzer.cc
      6 -----------
      7 
      8 This file contains a target function  for FreeType fuzzing.  It can be
      9 used   with    libFuzzer   (https://llvm.org/docs/LibFuzzer.html)   or
     10 potentially any other similar fuzzer.
     11 
     12 Usage:
     13 
     14   1. Build  `libfreetype.a' and  `ftfuzzer.cc' using  the most  recent
     15      clang compiler with these flags:
     16 
     17        # for fuzzer coverage feedback
     18        -fsanitize-coverage=edge,8bit-counters
     19        # for bug checking
     20        -fsanitize=address,signed-integer-overflow,shift
     21 
     22      You  also need  the header  files from  the `libarchive'  library
     23      (https://www.libarchive.org/)  for handling  tar files  (see file
     24      `ftmutator.cc' below for more).
     25 
     26   2. Link with `libFuzzer' (it contains `main') and `libarchive'.
     27 
     28   3. Run the fuzzer on some test corpus.
     29 
     30 The exact flags and commands may vary.
     31 
     32   https://github.com/google/oss-fuzz/tree/master/projects/freetype2
     33 
     34 There is a continuous fuzzing bot that runs ftfuzzer.
     35 
     36   https://oss-fuzz.com
     37 
     38 (You need an account  to be able to see coverage  reports and the like
     39 on oss-fuzz.com.)
     40 
     41 Check the bot configuration for the most current settings.
     42 
     43 
     44 ftmutator.cc
     45 ------------
     46 
     47 FreeType has the  ability to `attach' auxiliary files to  a font file,
     48 providing additional information.  The main usage is to load AFM files
     49 for PostScript Type 1 fonts.
     50 
     51 However, libFuzzer currently only supports  mutation of a single input
     52 file.   For  this  reason,  `ftmutator.cc' contains  a  custom  fuzzer
     53 mutator that uses an uncompressed tar  file archive as the input.  The
     54 first file in  such a tarball gets  opened by FreeType as  a font, all
     55 other files are treated as input for `FT_Attach_Stream'.
     56 
     57 Compilation is similar to `ftfuzzer.c'.
     58 
     59 
     60 runinput.cc
     61 -----------
     62 
     63 To run the target function on a set of input files, this file contains
     64 a   convenience  `main'   function.   Link   it  with   `ftfuzzer.cc',
     65 `libfreetype.a', and `libarchive' and run like
     66 
     67   ./a.out my_tests_inputs/*
     68 
     69 ----------------------------------------------------------------------
     70 
     71 Copyright 2015-2018 by
     72 David Turner, Robert Wilhelm, and Werner Lemberg.
     73 
     74 This  file is  part of  the FreeType  project, and  may only  be used,
     75 modified,  and distributed  under the  terms of  the  FreeType project
     76 license,  LICENSE.TXT.  By  continuing to  use, modify,  or distribute
     77 this file you  indicate that you have read  the license and understand
     78 and accept it fully.
     79 
     80 
     81 --- end of README ---
     82