google / oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.
https://google.github.io/oss-fuzz

Error in build.sh of project FFmpeg which causes libfuzzer instrumentation not built into library. #767

Closed singleghost closed 7 years ago

singleghost commented 7 years ago

I suppose that there may be an error in the build.sh of project FFmpeg. I used the docker image to compile the FFmpeg library, but when I was running the fuzzing target, I observed that the coverage was very low all the time.

I guessed that the problem may exist in the build.sh script. After exploring for a while, I found that when executing ./configure, the $CXXFLAGS is not passed to the --cc switch and --cxx switch of the configure script.

```bash
# Build ffmpeg.
cd $SRC/ffmpeg
# Error in the --cc/--cxx line below: $CXXFLAGS should be passed to the
# '--cc' switch and the '--cxx' switch, not only to the '--ld' switch.
PKG_CONFIG_PATH="$FFMPEG_DEPS_PATH/lib/pkgconfig" ./configure \
    --cc=$CC --cxx=$CXX --ld="$CXX $CXXFLAGS -std=c++11" \
    # (remaining configure options omitted)
```

I suppose that below is the correct version.

```bash
# Build ffmpeg.
cd $SRC/ffmpeg
# Proposed change: $CFLAGS is passed to the '--cc' switch and $CXXFLAGS to
# the '--cxx' switch, in addition to the '--ld' switch.
PKG_CONFIG_PATH="$FFMPEG_DEPS_PATH/lib/pkgconfig" ./configure \
    --cc="$CC $CFLAGS" --cxx="$CXX $CXXFLAGS" --ld="$CXX $CXXFLAGS -std=c++11" \
    # (remaining configure options omitted)
```

After editing the build.sh file, I reran the fuzz target and the coverage increased quickly.

oliverchang commented 7 years ago

@michaelni can you please take a look?

@Dor1s did your bad build check catch this?

Dor1s commented 7 years ago

Yes, the check should catch stuff like that, but let me verify, maybe even an incorrect ffmpeg build shows values that are greater than the threshold.

@singleghost, how did you build the fuzzers? Did you use python infra/helper.py build_fuzzers ffmpeg?

Dor1s commented 7 years ago

One more question, which fuzz target are you running?

Dor1s commented 7 years ago

I've just made two builds locally:

1) using python infra/helper.py build_fuzzers ffmpeg which simulates OSS-Fuzz builder

2) manually with your version of build.sh file

Then, I calculated the number of edges for each fuzzer using the following command:

```bash
sancov -print-coverage-pcs $FUZZER | wc -l
```

Finally, below is the difference between the number of edges for each fuzzer, i.e. number_of_edges_build_2 - number_of_edges_build_1:

So, it looks like your modification to the build.sh script doesn't change anything.

Also, after a quick look through https://git.ffmpeg.org/gitweb/ffmpeg.git/blob_plain/refs/heads/master:/configure, it feels that it is using $CFLAGS and $CXXFLAGS during compilation.

That said, I guess that you did the initial build incorrectly, but the issue looks quite dangerous, so I would like to be totally sure :)
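The per-target comparison described in the comment above can be scripted. The following is an added example, not part of the thread and not OSS-Fuzz's own code: `compare_builds`, `count_edges` and the `MIN_EDGES` floor (default 100) are hypothetical names and values, and only the `sancov -print-coverage-pcs` invocation comes from the thread.

```bash
#!/bin/sh
# Added example (not from the thread or OSS-Fuzz): compare instrumented edge
# counts of the same fuzz targets across two build output directories.

# Edge count for one binary, using the sancov command quoted in the thread.
count_edges() {
    sancov -print-coverage-pcs "$1" | wc -l | tr -d ' '
}

# compare_builds DIR_1 DIR_2 [MIN_EDGES]
# Prints "<target> <edges_1> <edges_2> <diff> <status>" per *_fuzzer in DIR_1,
# where diff = edges_2 - edges_1 and status is one of:
#   OK      equal counts, both at or above MIN_EDGES
#   DIFF    counts differ, so the two build recipes instrument differently
#   LOW     a count is below MIN_EDGES: the library was probably built
#           without coverage instrumentation
#   MISSING target absent from DIR_2
# MIN_EDGES (default 100) is a hypothetical floor, not OSS-Fuzz's threshold.
# Exit status is non-zero unless every target is OK.
compare_builds() (
    dir_1=$1; dir_2=$2; min_edges=${3:-100}; rc=0
    for f in "$dir_1"/*_fuzzer; do
        [ -e "$f" ] || continue          # glob matched nothing
        name=${f##*/}
        if [ ! -e "$dir_2/$name" ]; then
            printf '%s - - - MISSING\n' "$name"
            rc=1
            continue
        fi
        e1=$(count_edges "$f")
        e2=$(count_edges "$dir_2/$name")
        if [ "$e1" -lt "$min_edges" ] || [ "$e2" -lt "$min_edges" ]; then
            status=LOW; rc=1
        elif [ "$e1" -ne "$e2" ]; then
            status=DIFF; rc=1
        else
            status=OK
        fi
        printf '%s %s %s %s %s\n' "$name" "$e1" "$e2" "$((e2 - e1))" "$status"
    done
    exit "$rc"
)

# Usage: sh compare_builds.sh OUT_DIR_1 OUT_DIR_2 [MIN_EDGES]
if [ "$#" -ge 2 ]; then
    compare_builds "$@"
fi
```

A run where every line ends in `OK` reproduces the all-zero result reported here; a `LOW` line is the case the original report worried about.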

singleghost commented 7 years ago

I didn't use the python infra/helper.py build_fuzzers ffmpeg to build. Instead I manually built the image with docker build inside the ffmpeg directory, ran the container and used the compile command.

I tried rebuilding with the command python infra/helper.py build_fuzzers ffmpeg and ran the fuzz target. It works well. So there is probably something wrong with my initial build.

Thanks for the reply. Sorry for bothering you due to my innocence.

Dor1s commented 7 years ago

Glad to hear that! Thank you for raising the issue and for re-building it to verify. It's been quite scary in the beginning :)