# Fuzzer for libxaac decoder and encoder

This describes the steps to build the xaac_dec_fuzzer and xaac_enc_fuzzer binaries.

## Linux x86/x64

### Requirements
- cmake (3.5 or above)
- make
- clang (6.0 or above)
  needs to support -fsanitize=fuzzer, -fsanitize=fuzzer-no-link

### Steps to build
Clone the libxaac repository
```
$ git clone https://android.googlesource.com/platform/external/libxaac
```
Create a build directory inside libxaac and change into it
```
$ cd libxaac
$ mkdir build
$ cd build
```

Build the fuzzers with the required sanitizers (-DSANITIZE=fuzzer-no-link is mandatory to enable fuzzers). Keep the sanitizer list on a single line: a line continuation followed by indentation would split it into two arguments.
```
$ cmake .. -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \
    -DCMAKE_BUILD_TYPE=Debug \
    -DSANITIZE=fuzzer-no-link,address,signed-integer-overflow,unsigned-integer-overflow
$ make
```

### Steps to run
Create a directory CORPUS_DIR and copy some elementary aac files to that folder.

To run the fuzzers
```
$ ./xaac_dec_fuzzer CORPUS_DIR
$ ./xaac_enc_fuzzer CORPUS_DIR
```

## Android

### Steps to build
Build the fuzzer
```
$ SANITIZE_TARGET=address SANITIZE_HOST=address mmma -j$(nproc) \
    external/libxaac/fuzzer
```

### Steps to run
Create a directory CORPUS_DIR and copy some elementary aac files to that folder.
Push this directory to the device.

To run on device
```
$ adb sync data
$ adb shell /data/fuzz/xaac_dec_fuzzer CORPUS_DIR
```
To run on host
```
$ $ANDROID_HOST_OUT/fuzz/xaac_dec_fuzzer CORPUS_DIR
```

## References:
 * http://llvm.org/docs/LibFuzzer.html
 * https://github.com/google/oss-fuzz
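
A pre-flight check for the Linux x86/x64 requirements listed above, as an added example that is not part of the libxaac repository: it compares the installed cmake and clang versions against the stated minimums and compiles a throwaway harness to confirm that clang accepts -fsanitize=fuzzer and -fsanitize=fuzzer-no-link. The function names and the probe source file are hypothetical.

```shell
# Added example (not from libxaac); every function name here is hypothetical.
# Print the first dotted version number found in the given text.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+(\.[0-9]+)+' | head -n 1
}

# Succeed if version $1 >= version $2, comparing up to three numeric fields.
version_ge() {
    have=$1; want=$2
    for _field in 1 2 3; do
        h=${have%%.*}; w=${want%%.*}
        if [ "$h" -gt "$w" ]; then return 0; fi
        if [ "$h" -lt "$w" ]; then return 1; fi
        case $have in *.*) have=${have#*.} ;; *) have=0 ;; esac
        case $want in *.*) want=${want#*.} ;; *) want=0 ;; esac
    done
    return 0
}

# Check that tool $1 is installed and reports at least version $2.
check_tool() {
    command -v "$1" >/dev/null 2>&1 || { echo "$1: not found"; return 1; }
    found=$(extract_version "$("$1" --version 2>/dev/null | head -n 1)")
    if version_ge "${found:-0}" "$2"; then echo "$1 $found: ok"
    else echo "$1 ${found:-unknown}: need $2 or above"; return 1; fi
}

# Compile a throwaway harness to confirm clang accepts both fuzzer flags.
check_fuzzer_flags() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '#include <stddef.h>' '#include <stdint.h>' \
        'int LLVMFuzzerTestOneInput(const uint8_t *d, size_t n) { return 0; }' > "$tmp/probe.c"
    flags_ok=0
    clang -fsanitize=fuzzer-no-link -c "$tmp/probe.c" -o "$tmp/probe.o" \
        >/dev/null 2>&1 || flags_ok=1
    clang -fsanitize=fuzzer "$tmp/probe.c" -o "$tmp/probe" >/dev/null 2>&1 || flags_ok=1
    rm -rf "$tmp"
    return "$flags_ok"
}

# Run every check and return non-zero if any requirement is missing.
preflight() {
    failed=0
    check_tool cmake 3.5 || failed=1
    check_tool clang 6.0 || failed=1
    command -v make >/dev/null 2>&1 || { echo "make: not found"; failed=1; }
    check_fuzzer_flags || { echo "clang: fuzzer sanitizers unsupported"; failed=1; }
    return "$failed"
}
```

Source the file and call `preflight` before running cmake; a non-zero return means at least one requirement is not met.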