Displaying 2 results from an estimated 2 matches for "fuzztarget".
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
...ild the library with fuzzer-no-link,address flags. I *don't*
compile the fuzz_target (the file containing the LLVMFuzzerTestOneInput
function) with the library.
Then I build the fuzz target and link it with the library.
`clang++ -g -O1 -fsanitize=fuzzer,address -Iinclude -Ibuild/include .....
fuzztarget.c -Lbuild/lib -llib1 -llib2`
and then finally `./a.out -detect_leaks=0 corpus/`
I appreciate your help with this.
On Tue, Nov 12, 2019 at 11:38 AM Mitch Phillips <mitchp at google.com> wrote:
> Hi Shikhar,
>
> You don't need to build the library with `-fsanitize-coverage=...`,...
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
...cific
function in the library. The fuzz target is then linked to the library and
compiles clean and I do see some tests generated by the fuzzer. However, I
have some questions regarding the "right" way to go about doing this. I
have doubts that the fuzzer is taking coverage feedback from the
fuzztarget and not the library functions (not sure though). Suppose the
function in the library being tested is called - `apifunc()`. The libfuzzer
log has a line which says - `apifunc() resp=0x7ff38f83ac20 uninitialized,
fixing it`. I am not sure what this means. Also, I can see that the apifunc
is called an...