github-mirrors/FFmpeg
1
0
Fork 0
mirror of https://mirror.skon.top/https://github.com/FFmpeg/FFmpeg synced 2026-04-20 21:00:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

fuzzer: improve documentation

Browse Source
This commit is contained in:
Pierre-Anthony Lemieux
2026-03-09 22:33:20 -07:00
committed by Pierre-Anthony Lemieux
parent 55bf0e6cd5
commit dfc5d176c9
1 changed files with 9 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
tools/target_dec_fuzzer.c
View File

@@ -20,22 +20,17 @@
compile-time flags. compile-time flags.
INSTRUCTIONS: INSTRUCTIONS:
* Get the very fresh clang, e.g. see http://libfuzzer.info#versions * Get clang > 6.0 (https://llvm.org/docs/LibFuzzer.html)
* Get and build libFuzzer: * Build ffmpeg for fuzzing:
svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer ./configure --enable-debug --toolchain=clang-asan-ubsan-fuzz --enable-ossfuzz
./Fuzzer/build.sh
* build ffmpeg for fuzzing:
FLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp -g" CC="clang $FLAGS" CXX="clang++ $FLAGS" ./configure --disable-x86asm
make clean && make -j make clean && make -j
* build the fuzz target. * build the fuzz target.
Choose the value of FFMPEG_CODEC (e.g. AV_CODEC_ID_DVD_SUBTITLE) and make tools/target_dec_<codec>_fuzzer # e.g. tools/target_dec_jpeg2000_fuzzer
choose one of FUZZ_FFMPEG_VIDEO, FUZZ_FFMPEG_AUDIO, FUZZ_FFMPEG_SUBTITLE. * Run fuzzing with a corpus directory:
clang -fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp tools/target_dec_fuzzer.c -o target_dec_fuzzer -I. -DFFMPEG_CODEC=AV_CODEC_ID_MPEG1VIDEO -DFUZZ_FFMPEG_VIDEO ../../libfuzzer/libFuzzer.a -Llibavcodec -Llibavdevice -Llibavfilter -Llibavformat -Llibavutil -Llibpostproc -Llibswscale -Llibswresample -Wl,--as-needed -Wl,-z,noexecstack -Wl,--warn-common -Wl,-rpath-link=:libpostproc:libswresample:libswscale:libavfilter:libavdevice:libavformat:libavcodec:libavutil -lavdevice -lavfilter -lavformat -lavcodec -lswresample -lswscale -lavutil -ldl -lxcb -lxcb-shm -lxcb -lxcb-xfixes -lxcb -lxcb-shape -lxcb -lX11 -lasound -lm -lbz2 -lz -pthread mkdir CORPUS && cp some-files CORPUS # (empty corpus dir is ok too)
* create a corpus directory and put some samples there (empty dir is ok too): ./tools/target_dec_<codec>_fuzzer -max_len=100000 CORPUS
mkdir CORPUS && cp some-files CORPUS * Run a test case:
./tools/target_dec_<codec>_fuzzer <testcase>
* Run fuzzing:
./target_dec_fuzzer -max_len=100000 CORPUS
More info: More info:
http://libfuzzer.info http://libfuzzer.info