7be3fd486c
|
||
|---|---|---|
| .. | ||
| seeds/CVE_2020_9589 | ||
| Android.bp | ||
| README.md | ||
| dng_parser_fuzzer.cpp | ||
README.md
Fuzzing DNG SDK
This fuzzer is intented to do a varian analysis of the issue reported in b/156261521.
Here is a list of some CVEs previously discovered in DNG SDK:
- CVE-2020-9589
- CVE-2020-9590
- CVE-2020-9620
- CVE-2020-9621
- CVE-2020-9622
- CVE-2020-9623
- CVE-2020-9624
- CVE-2020-9625
- CVE-2020-9626
- CVE-2020-9627
- CVE-2020-9628
- CVE-2020-9629
Building & running the fuzz target: Android device
It is recommended to set rss limit to higher values (such as 4096) when running the fuzzer to avoid frequent OOM libFuzzer crashes.
$ source build/envsetup.sh
$ lunch aosp_arm64-eng
$ SANITIZE_TARGET=hwaddress make dng_parser_fuzzer
$ adb sync data
$ adb shell /data/fuzz/arm64/dng_parser_fuzzer/dng_parser_fuzzer \
$ -rss_limit=4096 \
$ /data/fuzz/arm64/dng_parser_fuzzer/corpus
Building & running the fuzz target: Host
$ source build/envsetup.sh
$ lunch aosp_x86_64-eng
$ SANITIZE_HOST=address make dng_parser_fuzzer
$ LD_LIBRARY_PATH=$ANDROID_HOST_OUT/fuzz/x86_64/lib/ \
$ $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/dng_parser_fuzzer \
$ -rss_limit_mb=4096 \
$ $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/corpus/