harfbuzz/test/fuzzing
Khaled Hosny 69d8f27c69 [meson] Require 0.55.0
We implicitly require it for building ragel subproject. This new version
requirement should satisfied in both Fedora 33 and Debian bullseye, and
not be too cutting edge for us.
2021-11-22 03:11:36 +02:00
..
fonts [subset] Only sanitize recursion depth in COLR. 2021-11-10 10:34:46 -07:00
sets [fuzz] minor, move two fuzzer cases to their correct place 2020-02-12 19:17:18 +03:30
Makefile.am Revert "Remove autotools build support" 2020-08-11 23:51:59 +04:30
README Move all references of old url to the new address (#622) 2017-11-20 14:49:22 -05:00
hb-draw-fuzzer.cc [fuzzer] minor 2020-08-12 02:40:55 +04:30
hb-fuzzer.hh [fuzzer] minor 2020-08-12 02:40:55 +04:30
hb-set-fuzzer.cc [set fuzzer] limit the total number of set members in a fuzzing input. 2021-01-26 10:22:07 -08:00
hb-shape-fuzzer.cc [fuzzer] minor 2020-08-12 02:40:55 +04:30
hb-subset-fuzzer.cc [subset] switch ..._set_flags to not take a mask. 2021-07-29 18:30:27 -07:00
main.cc [blob] Add failing versions of create API 2021-06-15 13:56:30 -06:00
meson.build [meson] Require 0.55.0 2021-11-22 03:11:36 +02:00
run-draw-fuzzer-tests.py [test] Remove timeout from test runners 2020-10-15 00:49:02 -07:00
run-shape-fuzzer-tests.py [test] Remove timeout from test runners 2020-10-15 00:49:02 -07:00
run-subset-fuzzer-tests.py [test] Remove timeout from test runners 2020-10-15 00:49:02 -07:00

README

In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - Using the most recent Clang
  - With -fsanitize=address (or =undefined, or a combination)
  - With -fsanitize-coverage=edge[,8bit-counters,trace-cmp]
  - With various defines that limit worst case exponential behavior.
    See FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list.
  - link against libFuzzer

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Where max_len specifies the maximal length of font files to handle.
The smaller the faster.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139