google / oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.
https://google.github.io/oss-fuzz
Apache License 2.0

Suggestion to add a note in documentation about LLVMFuzzerTestOneInput return value support by Honggfuzz. #11983

Open kasper93 opened 1 month ago

kasper93 commented 1 month ago

LibFuzzer supports rejecting unwanted inputs with return -1 (https://llvm.org/docs/LibFuzzer.html#rejecting-unwanted-inputs). One may read this documentation and implement fuzzers that return -1 from LLVMFuzzerTestOneInput. The problem is, Honggfuzz has never been updated to support this, and any return value other than 0 is a fatal error. LOG_F calls exit(EXIT_FAILURE): https://github.com/google/honggfuzz/blob/348a47213919f14b9453e89a663b1515369bd9a2/libhfuzz/persistent.c#L67

Maybe it is on the fuzzer developers to know that, but in my opinion it would be nice to have a note/warning about this and, if possible, update Honggfuzz to at least not exit on -1. Also, it could be reported somehow; now it just resets the persistent process and goes on without feedback, except for the log file.

jonathanmetzman commented 1 month ago

This is a good find. I'm not really sure where we would put it though in the docs, but we are happy to accept any PRs :-)

Even better would be upstreaming a patch to honggfuzz to accept this behavior :-)
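An added example, not part of the thread and not OSS-Fuzz or Honggfuzz code: a harness that rejects unwanted inputs without ever returning a bare -1 to an engine that treats it as fatal. The record format and the `HARNESS_ENGINE_LIBFUZZER` macro are hypothetical; the assumption is that the project's build script passes `-DHARNESS_ENGINE_LIBFUZZER` only when `$FUZZING_ENGINE` is `libfuzzer`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* HARNESS_ENGINE_LIBFUZZER is a hypothetical macro (assumption): the build
 * script defines it only when $FUZZING_ENGINE is "libfuzzer". */
#ifdef HARNESS_ENGINE_LIBFUZZER
#define FUZZ_REJECT (-1) /* libFuzzer: do not add this input to the corpus */
#else
#define FUZZ_REJECT 0    /* per the issue, Honggfuzz treats non-zero as fatal */
#endif

/* Constructed toy format: 4-byte magic "REC1", 1-byte payload length,
 * then the payload. Returns 0 and an XOR checksum on success, -1 otherwise. */
static int parse_record(const uint8_t *data, size_t size, uint8_t *sum_out) {
    if (size < 5 || memcmp(data, "REC1", 4) != 0)
        return -1;                      /* not our format */
    size_t len = data[4];
    if (len > size - 5)
        return -1;                      /* declared length exceeds the input */
    uint8_t sum = 0;
    for (size_t i = 0; i < len; i++)
        sum ^= data[5 + i];
    *sum_out = sum;
    return 0;
}

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    uint8_t sum = 0;
    /* The parser's own -1 is translated here and never leaks to the engine. */
    if (parse_record(data, size, &sum) != 0)
        return FUZZ_REJECT;
    (void)sum;                          /* a real harness would use the result */
    return 0;
}
```
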