diff options
author | 2018-04-17 15:33:27 -0700 | |
---|---|---|
committer | 2018-04-17 15:33:27 -0700 | |
commit | b5833a7826b6b389993ff28c5bd0dc9be08c5ea4 (patch) | |
tree | 1e9dbd97907b61a2d3993fbd01fbfa78e1c3ba36 /docs | |
parent | 2519639f739cc5c9424dfa566b0ec8c370794e7b (diff) |
[docs] Deprecate use of max_len, recommend sanity check that returns 0 (cc #1324).
Diffstat (limited to 'docs')
-rw-r--r-- | docs/new_project_guide.md | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/docs/new_project_guide.md b/docs/new_project_guide.md index 671e61c3..a7ce80f7 100644 --- a/docs/new_project_guide.md +++ b/docs/new_project_guide.md @@ -204,10 +204,18 @@ custom options by creating a `my_fuzzer.options` file next to a `my_fuzzer` exec ``` [libfuzzer] -max_len = 1024 +close_fd_mask = 3 +only_ascii = 1 ``` -[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is highly recommended. +[List of available options](http://llvm.org/docs/LibFuzzer.html#options). Use of `max_len` is not recommended as other fuzzing engines may not support that option. Instead, if +you need to strictly enforce the input length limit, add a sanity check to the +beginning of your fuzz target: + +```cpp +if (size < kMinInputLength || size > kMaxInputLength) + return 0; +``` For out of tree [fuzz targets](glossary.md#fuzz-target), you will likely add options file using docker's `COPY` directive and will copy it into output in build script. |