Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / oss-fuzz / refs/heads/int/12/fp4 / . / README.md
blob: 4e5474a05a165022b9e227ef0a3f371d64ae3cc2 [file] [log] [blame] [view]
kplybon8216f272019-08-08 10:12:25 -0400[diff] [blame]1# OSS-Fuzz: Continuous Fuzzing for Open Source Software
Mike Aizatsky8f24df72016-10-25 14:31:45 -0700[diff] [blame]2
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]3[Fuzz testing] is a well-known technique for uncovering programming errors in
4software. Many of these detectable errors, like [buffer overflow], can have
5serious security implications. Google has found [thousands] of security
6vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
7Chrome components], and we now want to share that service with the open source
8community.
Mike Aizatsky8f24df72016-10-25 14:31:45 -0700[diff] [blame]9
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]10[Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
11[buffer overflow]: https://en.wikipedia.org/wiki/Buffer_overflow
Max Moroz40a183b2019-08-09 12:35:14 -0700[diff] [blame]12[thousands]: https://bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%3ADuplicate%2CWontFix&can=1
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]13[guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html
Max Moroz40a183b2019-08-09 12:35:14 -0700[diff] [blame]14
Abhishek Arya08254b92020-12-21 13:43:26 -0800[diff] [blame]15In cooperation with the [Core Infrastructure Initiative] and the [OpenSSF],
16OSS-Fuzz aims to make common open source software more secure and stable by
17combining modern fuzzing techniques with scalable, distributed execution.
Kostya Serebryanyb48c72b2016-11-18 16:47:25 -0800[diff] [blame]18
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]19[Core Infrastructure Initiative]: https://www.coreinfrastructure.org/
dlorenc0d45ca82020-12-13 11:10:51 -0600[diff] [blame]20[OpenSSF]: https://www.openssf.org/
Mike Aizatsky8f24df72016-10-25 14:31:45 -0700[diff] [blame]21
Abhishek Arya65d4f8e2021-01-26 15:29:02 -0800[diff] [blame]22We support the [libFuzzer], [AFL++], and [Honggfuzz] fuzzing engines in
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]23combination with [Sanitizers], as well as [ClusterFuzz], a distributed fuzzer
24execution environment and reporting tool.
25
26[libFuzzer]: https://llvm.org/docs/LibFuzzer.html
Abhishek Arya65d4f8e2021-01-26 15:29:02 -0800[diff] [blame]27[AFL++]: https://github.com/AFLplusplus/AFLplusplus
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]28[Honggfuzz]: https://github.com/google/honggfuzz
29[Sanitizers]: https://github.com/google/sanitizers
30[ClusterFuzz]: https://github.com/google/clusterfuzz
31
Fabian Meumertzheim4b5cbcf2021-03-22 22:17:52 +0100[diff] [blame]32Currently, OSS-Fuzz supports C/C++, Rust, Go, Python and Java/JVM code. Other languages
Abhishek Arya08254b92020-12-21 13:43:26 -0800[diff] [blame]33supported by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386
34builds.
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]35
36[LLVM]: https://llvm.org
Kostya Serebryany229ffae2016-12-02 20:41:47 -0800[diff] [blame]37
kplybon8216f272019-08-08 10:12:25 -0400[diff] [blame]38## Overview
39![OSS-Fuzz process diagram](docs/images/process.png)
40
kplybon615ff3a2019-08-08 10:36:35 -0400[diff] [blame]41## Documentation
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]42Read our [detailed documentation] to learn how to use OSS-Fuzz.
43
44[detailed documentation]: https://google.github.io/oss-fuzz
Max Morozaa9c2572018-12-11 13:56:48 -0800[diff] [blame]45
Oliver Chang9e0c1432016-10-25 20:44:34 -0700[diff] [blame]46## Trophies
Abhishek Arya08254b92020-12-21 13:43:26 -0800[diff] [blame]47As of January 2021, OSS-Fuzz has found over [25,000] bugs in [375] open source
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]48projects.
Mike Aizatsky26819642016-10-06 14:02:52 -0700[diff] [blame]49
Abhishek Arya08254b92020-12-21 13:43:26 -0800[diff] [blame]50[25,000]: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=-status%3AWontFix%2CDuplicate%20-component%3AInfra&can=1
51[375]: https://github.com/google/oss-fuzz/tree/master/projects
Mike Aizatsky26819642016-10-06 14:02:52 -0700[diff] [blame]52
Abhishek Aryacf4af862019-08-07 07:37:16 -0700[diff] [blame]53## Blog posts
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]54* 2016-12-01 - [Announcing OSS-Fuzz: Continuous fuzzing for open source software]
55* 2017-05-08 - [OSS-Fuzz: Five months later, and rewarding projects]
56* 2018-11-06 - [A New Chapter for OSS-Fuzz]
dlorenc0d45ca82020-12-13 11:10:51 -0600[diff] [blame]57* 2020-10-09 - [Fuzzing internships for Open Source Software]
58* 2020-12-07 - [Improving open source security during the Google summer internship program]
Abhishek Aryacf4af862019-08-07 07:37:16 -0700[diff] [blame]59
R. Elliott Childred70f7932020-07-16 18:27:29 -0400[diff] [blame]60[Announcing OSS-Fuzz: Continuous fuzzing for open source software]: https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
61[OSS-Fuzz: Five months later, and rewarding projects]: https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html
62[A New Chapter for OSS-Fuzz]: https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html
dlorenc0d45ca82020-12-13 11:10:51 -0600[diff] [blame]63[Fuzzing internships for Open Source Software]: https://security.googleblog.com/2020/10/fuzzing-internships-for-open-source.html
64[Improving open source security during the Google summer internship program]: https://security.googleblog.com/2020/12/improving-open-source-security-during.html