| kplybon | 8216f27 | 2019-08-08 10:12:25 -0400 | [diff] [blame] | 1 | # OSS-Fuzz: Continuous Fuzzing for Open Source Software |
| Mike Aizatsky | 8f24df7 | 2016-10-25 14:31:45 -0700 | [diff] [blame] | 2 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 3 | [Fuzz testing] is a well-known technique for uncovering programming errors in |
| 4 | software. Many of these detectable errors, like [buffer overflow], can have |
| 5 | serious security implications. Google has found [thousands] of security |
| 6 | vulnerabilities and stability bugs by deploying [guided in-process fuzzing of |
| 7 | Chrome components], and we now want to share that service with the open source |
| 8 | community. |
| Mike Aizatsky | 8f24df7 | 2016-10-25 14:31:45 -0700 | [diff] [blame] | 9 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 10 | [Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing |
| 11 | [buffer overflow]: https://en.wikipedia.org/wiki/Buffer_overflow |
| Max Moroz | 40a183b | 2019-08-09 12:35:14 -0700 | [diff] [blame] | 12 | [thousands]: https://bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%3ADuplicate%2CWontFix&can=1 |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 13 | [guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html |
| Max Moroz | 40a183b | 2019-08-09 12:35:14 -0700 | [diff] [blame] | 14 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 15 | In cooperation with the [Core Infrastructure Initiative], OSS-Fuzz aims to make |
| 16 | common open source software more secure and stable by combining modern fuzzing |
| 17 | techniques with scalable, distributed execution. |
| Kostya Serebryany | b48c72b | 2016-11-18 16:47:25 -0800 | [diff] [blame] | 18 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 19 | [Core Infrastructure Initiative]: https://www.coreinfrastructure.org/ |
| Mike Aizatsky | 8f24df7 | 2016-10-25 14:31:45 -0700 | [diff] [blame] | 20 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 21 | We support the [libFuzzer], [AFL], and [Honggfuzz] fuzzing engines in |
| 22 | combination with [Sanitizers], as well as [ClusterFuzz], a distributed fuzzer |
| 23 | execution environment and reporting tool. |
| 24 | |
| 25 | [libFuzzer]: https://llvm.org/docs/LibFuzzer.html |
| 26 | [AFL]: https://lcamtuf.coredump.cx/afl/ |
| 27 | [Honggfuzz]: https://github.com/google/honggfuzz |
| 28 | [Sanitizers]: https://github.com/google/sanitizers |
| 29 | [ClusterFuzz]: https://github.com/google/clusterfuzz |
| 30 | |
| 31 | Currently, OSS-Fuzz supports C/C++, Rust, and Go code. Other languages supported |
| 32 | by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds. |
| 33 | |
| 34 | [LLVM]: https://llvm.org |
| Kostya Serebryany | 229ffae | 2016-12-02 20:41:47 -0800 | [diff] [blame] | 35 | |
| kplybon | 8216f27 | 2019-08-08 10:12:25 -0400 | [diff] [blame] | 36 | ## Overview |
| 37 |  |
| 38 | |
| kplybon | 615ff3a | 2019-08-08 10:36:35 -0400 | [diff] [blame] | 39 | ## Documentation |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 40 | Read our [detailed documentation] to learn how to use OSS-Fuzz. |
| 41 | |
| 42 | [detailed documentation]: https://google.github.io/oss-fuzz |
| Max Moroz | aa9c257 | 2018-12-11 13:56:48 -0800 | [diff] [blame] | 43 | |
| Oliver Chang | 9e0c143 | 2016-10-25 20:44:34 -0700 | [diff] [blame] | 44 | ## Trophies |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 45 | As of June 2020, OSS-Fuzz has found over [20,000] bugs in [300] open source |
| 46 | projects. |
| Mike Aizatsky | 2681964 | 2016-10-06 14:02:52 -0700 | [diff] [blame] | 47 | |
| Abhishek Arya | 9abf69c | 2020-06-12 16:03:07 -0700 | [diff] [blame] | 48 | [20,000]: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=-status%3AWontFix%2CDuplicate%20-component%3AInfra&can=1 |
| 49 | [300]: https://github.com/google/oss-fuzz/tree/master/projects |
| Mike Aizatsky | 2681964 | 2016-10-06 14:02:52 -0700 | [diff] [blame] | 50 | |
| Abhishek Arya | cf4af86 | 2019-08-07 07:37:16 -0700 | [diff] [blame] | 51 | ## Blog posts |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 52 | * 2016-12-01 - [Announcing OSS-Fuzz: Continuous fuzzing for open source software] |
| 53 | * 2017-05-08 - [OSS-Fuzz: Five months later, and rewarding projects] |
| 54 | * 2018-11-06 - [A New Chapter for OSS-Fuzz] |
| Abhishek Arya | cf4af86 | 2019-08-07 07:37:16 -0700 | [diff] [blame] | 55 | |
| R. Elliott Childre | d70f793 | 2020-07-16 18:27:29 -0400 | [diff] [blame^] | 56 | [Announcing OSS-Fuzz: Continuous fuzzing for open source software]: https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html |
| 57 | [OSS-Fuzz: Five months later, and rewarding projects]: https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html |
| 58 | [A New Chapter for OSS-Fuzz]: https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html |