android/libwvdrmengine/aidl_src/fuzzer/README.md
Edwin Wong a285b363d9 Fuzz Widevine AIDL drmFactory binder interface.
[Merged from http://go/wvgerrit/152150 ]

Test: build and run test

Bug: 226948319
Change-Id: I717d119cbf455fe76e4bb1f818d00141f4e7fa7c
2022-06-26 05:49:03 +00:00


About Widevine aidl binder fuzzer

Build the binaries

See go/build-fast to set up the RBE environment.

From Android root:

  1. source build/make/rbesetup.sh
  2. SANITIZE_TARGET=hwaddress m android.hardware.drm-service.widevine.aidl_fuzzer -j128

Push to target for testing

adb push $OUT/data/fuzz/arm64/lib/ /data/fuzz/arm64/lib/

Run test

adb shell
cd /data/fuzz/arm64
LD_LIBRARY_PATH=/data/fuzz/arm64/lib /data/fuzz/arm64/android.hardware.drm-service.widevine.aidl_fuzzer/vendor/hw/android.hardware.drm-service.widevine.aidl_fuzzer

Monitoring

By using cc_fuzz in Android.bp, the fuzz binary and the sanitized shared libraries it depends on are installed on the device.
Libraries are installed in /data/fuzz/<arch>/lib, and the binary is installed in /data/fuzz/<arch>/<binary_name>/vendor/hw.

Within 24-48 hours of merge, you can monitor the coverage data here.
Bugs will be filed automatically, and the owner of the fuzzer (the cc in the config section) will be notified.