diff --git a/src/tools/ftfuzzer/README b/src/tools/ftfuzzer/README index f827d5ed1..b78123793 100644 --- a/src/tools/ftfuzzer/README +++ b/src/tools/ftfuzzer/README @@ -5,22 +5,25 @@ ftfuzzer ftfuzzer.cc ----------- -This file contains a target function for FreeType fuzzing. It can be used -with libFuzzer (http://llvm.org/docs/LibFuzzer.html) or potentially any -other similar fuzzer. +This file contains a target function for FreeType fuzzing. It can be +used with libFuzzer (http://llvm.org/docs/LibFuzzer.html) or +potentially any other similar fuzzer. Usage: - 1. Build `libfreetype.a' and `ftfuzzer.cc' using the most recent clang - compiler with these flags: + 1. Build `libfreetype.a' and `ftfuzzer.cc' using the most recent + clang compiler with these flags: - -fsanitize-coverage=edge,8bit-counters # for fuzzer coverage feedback - -fsanitize=address,signed-integer-overflow,shift # for bug checking + # for fuzzer coverage feedback + -fsanitize-coverage=edge,8bit-counters + # for bug checking + -fsanitize=address,signed-integer-overflow,shift - You also need the header files from `libarchive' for handling tar files - (see `ftmutator.cc' below for more). + You also need the header files from the `libarchive' library + (http://www.libarchive.org/) for handling tar files (see file + `ftmutator.cc' below for more). - 2. Link with `libFuzzer' (it contains main()) and `libarchive'. + 2. Link with `libFuzzer' (it contains `main') and `libarchive'. 3. Run the fuzzer on some test corpus. @@ -37,15 +40,15 @@ Check the bot configuration for the most current settings. ftmutator.cc ------------ -FreeType has the ability to `attach' auxiliary files to a font file, -providing additional information. The main usage is to load AFM files for -PostScript Type 1 fonts. +FreeType has the ability to `attach' auxiliary files to a font file, +providing additional information. The main usage is to load AFM files +for PostScript Type 1 fonts. -However, libFuzzer currently only supports mutation of a single input file. -For this reason, `ftmutator.cc' contains a custom fuzzer mutator that uses -an uncompressed tar file archive as the input. The first file in such a -tarball gets opened by FreeType as a font, all other files are treated as -input for `FT_Attach_Stream'. +However, libFuzzer currently only supports mutation of a single input +file. For this reason, `ftmutator.cc' contains a custom fuzzer +mutator that uses an uncompressed tar file archive as the input. The +first file in such a tarball gets opened by FreeType as a font, all +other files are treated as input for `FT_Attach_Stream'. Compilation is similar to `ftfuzzer.c'. @@ -53,8 +56,22 @@ Compilation is similar to `ftfuzzer.c'. runinput.cc ----------- -To run the target function on a set of input files, this file contains a -convenience main() function. Link it with `ftfuzzer.cc', `libfreetype.a', -and `libarchive' and run like +To run the target function on a set of input files, this file contains +a convenience `main' function. Link it with `ftfuzzer.cc', +`libfreetype.a', and `libarchive' and run like ./a.out my_tests_inputs/* + +---------------------------------------------------------------------- + +Copyright 2015 by +David Turner, Robert Wilhelm, and Werner Lemberg. + +This file is part of the FreeType project, and may only be used, +modified, and distributed under the terms of the FreeType project +license, LICENSE.TXT. By continuing to use, modify, or distribute +this file you indicate that you have read the license and understand +and accept it fully. + + +--- end of README --- diff --git a/src/tools/ftfuzzer/ftfuzzer.cc b/src/tools/ftfuzzer/ftfuzzer.cc index a232c682e..b33ed22c8 100644 --- a/src/tools/ftfuzzer/ftfuzzer.cc +++ b/src/tools/ftfuzzer/ftfuzzer.cc @@ -1,3 +1,17 @@ +// ftfuzzer.cc +// +// A fuzzing function to test FreeType with libFuzzer. +// +// Copyright 2015 by +// David Turner, Robert Wilhelm, and Werner Lemberg. +// +// This file is part of the FreeType project, and may only be used, +// modified, and distributed under the terms of the FreeType project +// license, LICENSE.TXT. By continuing to use, modify, or distribute +// this file you indicate that you have read the license and +// understand and accept it fully. + + // we use `unique_ptr', `decltype', and other gimmicks defined since C++11 #if __cplusplus < 201103L # error "a C++11 compiler is needed" diff --git a/src/tools/ftfuzzer/ftmutator.cc b/src/tools/ftfuzzer/ftmutator.cc index 1223ba27d..a7a4e08a7 100644 --- a/src/tools/ftfuzzer/ftmutator.cc +++ b/src/tools/ftfuzzer/ftmutator.cc @@ -1,11 +1,24 @@ -// A custom fuzzer mutator for FreeType. +// ftmutator.cc // +// A custom fuzzer mutator to test for FreeType with libFuzzer. +// +// Copyright 2015 by +// David Turner, Robert Wilhelm, and Werner Lemberg. +// +// This file is part of the FreeType project, and may only be used, +// modified, and distributed under the terms of the FreeType project +// license, LICENSE.TXT. By continuing to use, modify, or distribute +// this file you indicate that you have read the license and +// understand and accept it fully. + + // Since `tar' is not a valid format for input to FreeType, treat any input // that looks like `tar' as multiple files and mutate them separately. // // In the future, a variation of this may be used to guide mutation on a // logically higher level. + // we use `unique_ptr', `decltype', and other gimmicks defined since C++11 #if __cplusplus < 201103L # error "a C++11 compiler is needed" diff --git a/src/tools/ftfuzzer/runinput.cc b/src/tools/ftfuzzer/runinput.cc index 9de6fb65e..d46e9e5de 100644 --- a/src/tools/ftfuzzer/runinput.cc +++ b/src/tools/ftfuzzer/runinput.cc @@ -1,3 +1,17 @@ +// runinput.cc +// +// A `main' function for `ftfuzzer.cc'. +// +// Copyright 2015 by +// David Turner, Robert Wilhelm, and Werner Lemberg. +// +// This file is part of the FreeType project, and may only be used, +// modified, and distributed under the terms of the FreeType project +// license, LICENSE.TXT. By continuing to use, modify, or distribute +// this file you indicate that you have read the license and +// understand and accept it fully. + + #include #include #include @@ -41,4 +55,4 @@ } -/* END */ +// END