Re: [PATCH 00/14] Introduce fuzzing of XML formats
On Tue, Aug 27, 2024 at 11:07 AM Martin Kletzander <mkletzan(a)redhat.com> wrote:
That was unfortunate, but since Rayhan had the first implementation done
in a very short time we rather spent the rest of the time enhancing the
fuzzing and it definitely bore fruit -- some of the found things are
fixed, some are still waiting for a patch or two.
The crucial part of this is the existing libprotobuf-mutator which is
already in C++ and does provide very specific C++ APIs.
Another approach (except writing our own mutator) would be to keep the
code in a separate repository. I'm not completely sure whether we would
still need the code modifications, I don't remember our discussions
about whether the fuzzing compilation could work with all current
libvirt code compiled as C and only the fuzzing parts compiled in C++.
All the existing code is indeed still compiled as C. Only the fuzzing
executables (under tests/fuzz/) are compiled in C++ and linked to
those C objects. We still do need some of the minor code modifications
(in PATCH 1) because existing C headers are sometimes interpreted a
bit differently from the fuzzer's PoV, even with C linkage.
There are still some other code modifications in tests/ and src/ for a
few other fuzzers (mostly hotplug and CH) to make fuzzing easier.
I agree that we could keep it as a separate repo, perhaps a
subproject. I have seen some projects keep their fuzzing code separate
(mostly on oss-fuzz).
--
Rayhan Faizel