harfbuzz/test/fuzzing
2019-08-29 14:51:22 +04:30
..
fonts [subset] Don't allow malicious fonts to insert unlimited table headers 2019-08-29 14:51:22 +04:30
CMakeLists.txt Remove remains of get-codepoint-fuzzer 2018-10-11 17:31:29 -04:00
hb-fuzzer.hh [fuzzer] Separate main() into a new file 2016-12-20 20:50:38 -06:00
hb-shape-fuzzer.cc test: Use nullptr in C++ code. (#1744) 2019-06-03 12:30:25 +04:30
hb-subset-fuzzer.cc [fuzz] Don't fail when blob is empty 2019-07-11 14:31:55 +04:30
main.cc [test] minor, fix -Weverything bot 2019-05-11 18:48:41 -04:00
Makefile.am [valgrind] Use libtool and support run-subset-fuzzer-tests (#1668) 2019-04-28 11:54:07 -07:00
README Move all references of old url to the new address (#622) 2017-11-20 14:49:22 -05:00
run-shape-fuzzer-tests.py [ci][fuzzer] print valgrind failure if an error happened 2019-07-19 10:33:00 +04:30
run-subset-fuzzer-tests.py Increase subset fuzzer timeout to 16s 2019-08-11 23:34:48 +04:30

In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - Using the most recent Clang
  - With -fsanitize=address (or =undefined, or a combination)
  - With -fsanitize-coverage=edge[,8bit-counters,trace-cmp]
  - With various defines that limit worst case exponential behavior.
    See FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list.
  - link against libFuzzer

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Where max_len specifies the maximal length of font files to handle.
The smaller the faster.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139