# Fuzzing DNG SDK

This fuzzer is intended to do a variant analysis of the issue reported
in b/156261521.

Here is a list of some CVEs previously discovered in DNG SDK:

* CVE-2020-9589
* CVE-2020-9590
* CVE-2020-9620
* CVE-2020-9621
* CVE-2020-9622
* CVE-2020-9623
* CVE-2020-9624
* CVE-2020-9625
* CVE-2020-9626
* CVE-2020-9627
* CVE-2020-9628
* CVE-2020-9629

## Building & running the fuzz target: Android device

It is recommended to set the RSS limit to a higher value (such as 4096) when
running the fuzzer, to avoid frequent libFuzzer OOM crashes.

```sh
$ source build/envsetup.sh
$ lunch aosp_arm64-eng
# Build the fuzz target with HWASan for the device.
$ SANITIZE_TARGET=hwaddress make dng_parser_fuzzer
$ adb sync data
# Run on the device with a raised RSS limit (libFuzzer flag: -rss_limit_mb).
$ adb shell /data/fuzz/arm64/dng_parser_fuzzer/dng_parser_fuzzer \
    -rss_limit_mb=4096 \
    /data/fuzz/arm64/dng_parser_fuzzer/corpus
```

## Building & running the fuzz target: Host

```sh
$ source build/envsetup.sh
$ lunch aosp_x86_64-eng
# Build the fuzz target with ASan for the host.
$ SANITIZE_HOST=address make dng_parser_fuzzer
# Run on the host with the same raised RSS limit.
$ LD_LIBRARY_PATH=$ANDROID_HOST_OUT/fuzz/x86_64/lib/ \
    $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/dng_parser_fuzzer \
    -rss_limit_mb=4096 \
    $ANDROID_HOST_OUT/fuzz/x86_64/dng_parser_fuzzer/corpus/
```