minutes of ESC call ...

David Tardon dtardon at redhat.com
Thu Apr 6 14:27:17 UTC 2017


Hi,

On Thu, Apr 06, 2017 at 08:22:04AM +1000, Chris Sherlock wrote:
> > On 31 Mar 2017, at 10:59 pm, David Tardon <dtardon at redhat.com> wrote:
> > 
> >> On Thu, Mar 30, 2017 at 04:08:18PM +0100, Michael Meeks wrote:
> >> * Crashtest update (Caolan)
> >>    + Google / ossfuzz: 24 fuzzers active now, unchanged
> >>        + not added any more tests – existing giving out enough noise
> >>        + lots of horsepower: they are also testing for local leaks & hangs
> >>             + previously ignoring those; lots in this category.
> >>        + fast-hangs are more interesting than timeout – but fixing ...
> > 
> > As I missed the call yesterday...
> > 
> > I've started adding DLP libraries to oss-fuzz. There are 2 active fuzzers so far: for libmspub and OLE2 parser in librevenge. I have
> > submitted pull requests for 3 more: libcdr, libpagemaker and libwpd. Another 2, libwpg and libvisio, are in progress. I plan to add all the
> > libraries ultimately (if Google allows :-)
> > 
> > The yield is rather low, which is good. After all, the libraries have been fuzzed quite extensively in the past...
> > 
> > D.
> 
> Ah! After months (a year or more?) of being away from LO I noticed a whole bunch of fuzzing files... that's amazing work! A real boon for LibreOffice David, great work.

Actually the fuzzers in LibreOffice are Caolan's work. Fuzzers for DLP
libs are in the libs themselves.

> Is there a wiki page on how to use and integrate fuzzing? 

Nothing LibreOffice-specific, no. You can look at
https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md
and bin/oss-fuzz-build .

D.


More information about the LibreOffice mailing list