Issue 900481 link

Starred by 2 users

Issue metadata

Status:	Fixed
Owner:	infe...@chromium.org
Closed:	Nov 16
Cc:	pwnall@chromium.org mmoroz@chromium.org
Components:	Tools>Stability>FuzzTarget
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	1
Type:	Bug

better snappy fuzzing

Project Member Reported by och...@chromium.org, Oct 31

Issue description

Snappy is used in the browser process, and is currently being fuzzed: https://cs.chromium.org/chromium/src/testing/libfuzzer/fuzzers/snappy_fuzzer.cc?q=snappy+fuzzer&sq=package:chromium&dr=CSs

However, its coverage is a bit low at 36% (https://chromium-coverage.appspot.com/reports/600954_fuzzers_only/linux/chromium/src/third_party/snappy/report.html)

We should try to improve this.

Comment 1 by mmoroz@chromium.org, Oct 31

(bulk comment)

To see the most recent code coverage report produced by the fuzz targets, use "latest" instead of the revision number in the URL to https://chromium-coverage.appspot.com/.

For example, https://chromium-coverage.appspot.com/reports/601457_fuzzers_only/linux/index.html needs to be changed to https://chromium-coverage.appspot.com/reports/latest_fuzzers_only/linux/index.html.

Comment 2 by infe...@chromium.org, Nov 15

Cc: pwnall@chromium.org
Owner: infe...@chromium.org
Status: Started (was: Untriaged)

Project Member

Comment 3 by bugdroid1@chromium.org, Nov 15

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4feb92de87a9024414b2bf23b83a3b2eef9662c6

commit 4feb92de87a9024414b2bf23b83a3b2eef9662c6
Author: Abhishek Arya <inferno@chromium.org>
Date: Thu Nov 15 23:55:57 2018

Add snappy compress fuzzer.

Also, rename snappy_fuzzer to snappy_uncompress_fuzzer.

R=mmoroz@chromium.org,pwnall@chromium.org

Bug:  900481 
Change-Id: I83fa8be129f34dc2cbed4a21492139cea32c2044
Reviewed-on: https://chromium-review.googlesource.com/c/1337811
Commit-Queue: Abhishek Arya <inferno@chromium.org>
Reviewed-by: Max Moroz <mmoroz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#608584}
[modify] https://crrev.com/4feb92de87a9024414b2bf23b83a3b2eef9662c6/testing/libfuzzer/fuzzers/BUILD.gn
[add] https://crrev.com/4feb92de87a9024414b2bf23b83a3b2eef9662c6/testing/libfuzzer/fuzzers/snappy_compress_fuzzer.cc
[rename] https://crrev.com/4feb92de87a9024414b2bf23b83a3b2eef9662c6/testing/libfuzzer/fuzzers/snappy_uncompress_fuzzer.cc

Comment 4 by infe...@chromium.org, Nov 16

Status: Fixed (was: Started)

from 36%(https://chromium-coverage.appspot.com/reports/608536_fuzzers_only/linux/chromium/src/third_party/snappy/report.html) to 72%(https://chromium-coverage.appspot.com/reports/608626_fuzzers_only/linux/chromium/src/third_party/snappy/report.html), and rest of the functions look uninteresting.

►

Issue 900481 link

Issue metadata

better snappy fuzzing

Issue description

Comment 1 by mmoroz@chromium.org, Oct 31

Comment 1 Deleted

Comment 2 by infe...@chromium.org, Nov 15

Comment 2 Deleted

Comment 3 by bugdroid1@chromium.org, Nov 15

Comment 3 Deleted

Comment 4 by infe...@chromium.org, Nov 16

Comment 4 Deleted

Sign in to add a comment