Merge pull request #37 from h2o/master

Align 2/21/2019

CMakeLists.txt

@@ -80,4 +80,20 @@ IF (BUILD_FUZZER)
     ADD_EXECUTABLE(fuzzer-asn1-type-and-length fuzz/fuzzer-asn1-type-and-length.c lib/asn1.c)
     SET_TARGET_PROPERTIES(fuzzer-asn1-type-and-length PROPERTIES LINK_FLAGS "-fsanitize=fuzzer")
     SET_TARGET_PROPERTIES(fuzzer-asn1-type-and-length PROPERTIES COMPILE_FLAGS "-fsanitize=fuzzer")
+
+    SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_GNU_SOURCE")
+    INCLUDE_DIRECTORIES(t include ${OPENSSL_INCLUDE_DIR})
+    ADD_DEFINITIONS(-DPTLS_FUZZ_HANDSHAKE=1)
+
+    ADD_EXECUTABLE(fuzz-server-hello fuzz/fuzz-server-hello.c)
+    SET_TARGET_PROPERTIES(fuzz-server-hello PROPERTIES LINK_FLAGS "-fsanitize=fuzzer")
+    SET_TARGET_PROPERTIES(fuzz-server-hello PROPERTIES COMPILE_FLAGS "-fsanitize=fuzzer")
+    TARGET_LINK_LIBRARIES(fuzz-server-hello ${OPENSSL_LIBRARIES} picotls-core picotls-openssl)
+
+    ADD_EXECUTABLE(fuzz-client-hello fuzz/fuzz-client-hello.c)
+    SET_TARGET_PROPERTIES(fuzz-client-hello PROPERTIES LINK_FLAGS "-fsanitize=fuzzer")
+    SET_TARGET_PROPERTIES(fuzz-client-hello PROPERTIES COMPILE_FLAGS "-fsanitize=fuzzer")
+    TARGET_LINK_LIBRARIES(fuzz-client-hello ${OPENSSL_LIBRARIES} picotls-core picotls-openssl)
+
+
 ENDIF()

fuzz/README.md

@@ -0,0 +1,29 @@
+# Fuzzing
+
+This directory contains code and test data for fuzz testing picotls with LLVM's [LibFuzzer](http://libfuzzer.info). 
+
+## Building the test drivers
+
+To build the fuzz test drivers (AKA "fuzz targets"), pass `-DBUILD_FUZZER=ON` to `cmake`. This this will instrument the binary and build fuzz targets. Note that you must have a version of LLVM Clang installed that supports LibFuzzer in order for this build to succeed.
+
+## Test corpus information
+
+There are seed test corpuses for some fuzz targets included. They are stored in the `fuzz` directory in a subdirectory corresponding to the fuzz target binary name.  See the [LibFuzzer docs](http://llvm.org/docs/LibFuzzer.html) for more information on using seed test corpuses.
+
+## Submitting new seed files
+
+This project welcomes seed files that exercise new paths in the target programs. Before submitting new seed files, please ensure they add coverage to the existing corpus via the driver `-merge` flag. For example:
+
+```
+$ ./fuzz-client-hello-merge=1 ./fuzz/fuzz-client-hello-corpus ./fuzz/my-new-seeds
+```
+
+See the [LibFuzzer docs](http://llvm.org/docs/LibFuzzer.html) for more information on minimizing test corpuses.
+
+## Running the fuzzers
+
+You will likely want to tailor fuzzer options to your execution environment, but here is a basic example of running a fuzzer:
+
+```
+./fuzz-client-hello fuzz/fuzz-client-hello-corpus
+```

fuzz/fuzz-client-hello-corpus/044e194f865606797c8b776aeee290e193cff660

@@ -0,0 +1 @@
+*/��

fuzz/fuzz-client-hello-corpus/05a79f06cf3f67f726dae68d18a2290f6c9a50c9

@@ -0,0 +1 @@
+:

fuzz/fuzz-client-hello-corpus/0a80baa1797615faddb0ccfaa6d46382a6b3e0e2

@@ -0,0 +1 @@
+�

fuzz/fuzz-client-hello-corpus/3a52ce780950d4d969792a2559cd519d7ee8c727

@@ -0,0 +1 @@
+.

fuzz/fuzz-client-hello-corpus/3abc962608ab5f1fcf26acc7e30a9aa20243e452

@@ -0,0 +1 @@
+

:

fuzz/fuzz-client-hello-corpus/3d355b0fe698be3d6aaf093d239c642110b48078

@@ -0,0 +1 @@
+83

fuzz/fuzz-client-hello-corpus/3e64a126a8c832484b2733085830c076717b48e9

@@ -0,0 +1 @@
+

fuzz/fuzz-client-hello-corpus/54857a2c208d1370fb88bd9a949f7e92a7969bef

@@ -0,0 +1 @@
+���9

fuzz/fuzz-client-hello-corpus/5a8ca84c7d4d9b055f05c55b1f707f223979d387

@@ -0,0 +1 @@
+

fuzz/fuzz-client-hello-corpus/60ba4b2daa4ed4d070fec06687e249e0e6f9ee45

@@ -0,0 +1 @@
+{

fuzz/fuzz-client-hello-corpus/66b8c256f4b4f6ce36ec1abededf1826f91b05d2

@@ -0,0 +1 @@
+�