<html><head></head><body><div class="gmail_quote">On 21 June 2017 15:36:50 GMT+03:00, Shaleen Jain &lt;shaleen.jain95@gmail.com&gt; wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="k9mail">---<br /> .gitignore            |  1 +<br /> <a href="http://configure.ac">configure.ac</a>          |  8 ++++++++<br /> test/<a href="http://Makefile.am">Makefile.am</a>      |  2 ++<br /> test/fuzz/<a href="http://Makefile.am">Makefile.am</a> | 19 +++++++++++++++++++<br /> 4 files changed, 30 insertions(+)<br /> create mode 100644 test/fuzz/<a href="http://Makefile.am">Makefile.am</a><br /><br />diff --git a/.gitignore b/.gitignore<br />index 0b0ee9cc20..fcd0e59213 100644<br />--- a/.gitignore<br />+++ b/.gitignore<br />@@ -45,6 +45,7 @@ wxvlc<br /> vlc_install_dir/*<br /> plugins.dat<br /> patches/*<br />+*_fuzzer<br /> <br /> include/vlc/libvlc_version.h<br /> <br />diff --git a/<a href="http://configure.ac">configure.ac</a> b/<a href="http://configure.ac">configure.ac</a><br />index 67fc7deb1a..c289b69510 100644<br />--- a/<a href="http://configure.ac">configure.ac</a><br />+++ b/<a href="http://configure.ac">configure.ac</a><br />@@ -94,6 +94,13 @@ AS_IF([test -n "${with_binary_version}"],[<br />          [Binary specific version])<br /> ])<br /> <br />+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [<br />+#if !defined(__clang__)<br />+#error<br />+#endif])], have_clang=yes, have_clang=no)<br />+<br />+AM_CONDITIONAL(HAVE_CLANG, test "x$have_clang" = "xyes")<br />+<br /> dnl<br /> dnl  Check the operating system<br /> dnl<br />@@ -4248,6 +4255,7 @@ AC_CONFIG_FILES([<br />   lib/Makefile<br />   bin/Makefile<br />   test/Makefile<br />+  test/fuzz/Makefile<br />   modules/hw/mmal/Makefile<br />   share/<a href="http://vlc.appdata.xml.in">vlc.appdata.xml.in</a><br /> ])<br />diff --git a/test/<a href="http://Makefile.am">Makefile.am</a> b/test/<a href="http://Makefile.am">Makefile.am</a><br />index 95d4df6516..30c1bb56b6 100644<br />--- a/test/<a href="http://Makefile.am">Makefile.am</a><br />+++ b/test/<a href="http://Makefile.am">Makefile.am</a><br />@@ -4,6 +4,8 @@<br /> <br /> AUTOMAKE_OPTIONS = subdir-objects<br /> <br />+SUBDIRS = fuzz<br 
/>+<br /> extra_check_verbose = $(extra_check_verbose_$(V))<br /> extra_check_verbose_ = $(extra_check_flags__$(AM_DEFAULT_VERBOSITY))<br /> extra_check_verbose_0 = @echo TEST $@<br />diff --git a/test/fuzz/<a href="http://Makefile.am">Makefile.am</a> b/test/fuzz/<a href="http://Makefile.am">Makefile.am</a><br />new file mode 100644<br />index 0000000000..57eb04f13f<br />--- /dev/null<br />+++ b/test/fuzz/<a href="http://Makefile.am">Makefile.am</a><br />@@ -0,0 +1,19 @@<br />+AUTOMAKE_OPTIONS = subdir-objects<br />+<br />+AM_CXXFLAGS = -fsanitize=address -fsanitize-address-use-after-scope -fsanitize=undefined -fno-sanitize-recover=undefined<br />+if HAVE_CLANG<br />+AM_CXXFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp<br />+else<br />+AM_CXXFLAGS += -fsanitize-coverage=trace-pc<br />+endif<br />+<br />+LIBVLCCORE = ../../src/<a href="http://libvlccore.la">libvlccore.la</a><br />+LIBVLC = ../../lib/<a href="http://libvlc.la">libvlc.la</a><br />+<br />+LDADD = $(LIBVLCCORE) $(LIBVLC) -L./ -lFuzzer<br />+<br />+check_PROGRAMS = \<br />+ libvlc_demux_fuzzer<br />+<br />+libvlc_demux_fuzzer_SOURCES = libvlc_demux_fuzzer.cpp<br />+</pre></blockquote></div><br clear="all">Hello,<br>
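<br>Review bot: the HAVE_CLANG probe in the first configure.ac hunk compiles with whatever language is current at that point in the script, while the flags it gates in test/fuzz/Makefile.am are AM_CXXFLAGS, so a tree configured with different C and C++ compilers can select -fsanitize-coverage=trace-pc-guard,trace-cmp for a C++ compiler that was never tested. Run the probe inside AC_LANG_PUSH([C++]) / AC_LANG_POP([C++]). The action arguments and the AM_CONDITIONAL arguments are also unquoted, unlike the AS_IF call just above; write them as [have_clang=yes], [have_clang=no] and AM_CONDITIONAL([HAVE_CLANG], [test "x$have_clang" = "xyes"]).<br>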
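<br>Review bot: SUBDIRS = fuzz in the test/Makefile.am hunk is unconditional, so the fuzz directory is entered on every build and its check_PROGRAMS entry is built on every make check, including on machines that have no libFuzzer to satisfy -lFuzzer. Gate the subdirectory behind a configure switch exposed as an AM_CONDITIONAL, so that the regular test suite does not depend on a fuzzing toolchain.<br>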
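<br>Review bot: in the new test/fuzz/Makefile.am the sanitizer and coverage flags are set only in this directory's AM_CXXFLAGS, while LDADD links ../../src/libvlccore.la and ../../lib/libvlc.la as built by the rest of the tree, so the library code that the fuzzer is meant to exercise gets neither coverage feedback nor ASan/UBSan checks. The instrumentation needs to be applied tree-wide from configure rather than per-directory. In addition, libvlc_demux_fuzzer_SOURCES names libvlc_demux_fuzzer.cpp, which is not among the four files in the diffstat, and -L./ -lFuzzer assumes a libFuzzer archive in the build directory without saying where it comes from; add the source file to the patch and document or detect the library.<br>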
<br>
AFAIK, this won't work. You need to build the entire tree with sanitizers, not just the fuzzing binary.<br>
<br>
The source code is missing too. But I don't think that this should be published, as it helps potentially hostile third parties with better computational power more than it helps us. That is why I did not publish my own AFL and libFuzzer VLC frontends.<br>
-- <br>
Rémi Denis-Courmont<br>
Typed on an inconvenient virtual keyboard</body></html>