20 lines
708 B
Markdown
20 lines
708 B
Markdown
# ODK Fuzzing
|
|
|
|
## Objective
|
|
|
|
* Run fuzzing on ODK and KDO serialize and deserialize APIs using google
|
|
supported fuzzer engines to find security vulnerabilities. Any issues found
|
|
by clusterfuzz will be reported to
|
|
[odk fuzz buganizer](https://b.corp.google.com/issues?q=componentid:425099%20status:open%20reporter:cluster-fuzz-googleplex@google.com).
|
|
|
|
## Run fuzz target on local machine
|
|
|
|
* In order to run fuzz target locally and see code coverage, save binary input
|
|
to be tested against fuzz target into a temporary corpus directory and
|
|
execute following commands
|
|
|
|
```shell
|
|
$ blaze build --config=asan-fuzzer //your:target
|
|
$ blaze-bin/your/target FULL_CORPUS_DIR
|
|
```
|