Getting seeds into oss-fuzz

Andrew Bartlett abartlet at
Thu Feb 27 02:11:42 UTC 2020

G'Day Gary,

We discussed in person a long-delayed task for the fuzzing effort,
which is to provide oss-fuzz with good seeds for each of our fuzz
targets.  It would be awesome if you can slow-burn at this when you get
some cycles.

For the NDR targets, we do have a source of good seeds, because we
changed make test to save them.  We need to provide some for the other
fuzzers, like LDIF examples, LDAP packets, DNs and ini files etc.

The specification for how the zip file should be constructed is here:

The script to be modified is lib/fuzzing/oss-fuzz/

This needs to be extended to prepare the zip files of seeds. 

The zip file needs to be along-side the binary in $OUT named
$, with each file being the SHA1 of its contents
(many of our existing seeds are not named this way).. 

See for example this from nss:
and tor:

The seeds should be in their own git repo, with a specific revision
checked out over https:// at build time: I've just created

We should grab a copy of Google's Corpara:

Then add in the seeds from Douglas (just ask him in person), both from
a 'make test' and hongfuzz on the make test seeds, which he can share
with you.  Some of these will need to be split up into _IN, _OUT and
_STRUCT as the 'make test' system created one directory per pipe, and
we split the fuzzers up later.

Finally, we should run our fuzzers against the zip files (unzipped) in 
lib/fuzzing/oss-fuzz/, to show that this all works.

All in all a lot of work, but we can chip away at it.

To test, clone

./infra/ build_image samba
./infra/ shell samba

Run 'compile' in the shell after changing code and pulling into the
checkout there.

To run end-to-end you can change projects/samba/Dockerfile to point at
your repo and run

./infra/ build_image samba

./infra/ build_fuzzers samba

./infra/ run_fuzzers samba $fuzzer_name

Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team
Samba Development and Support, Catalyst IT - Expert Open Source

More information about the samba-technical mailing list