quickjs

mirror of https://github.com/bellard/quickjs synced 2025-04-24 22:43:35 +03:00

History

Renata Hodovan f5788c7b67 Define lre_check_timeout in fuzz_regexp

Since #25aaa77, lre_check_timeout must be defined by the user. The
patch adds this definition to the regexp fuzzer.

2025-04-14 15:56:15 +02:00

fuzz_common.c

more bignum cleanup

2025-03-19 11:43:31 +01:00

fuzz_common.h

OSS-Fuzz targets improvements (#267 )

2024-05-08 18:19:48 +02:00

fuzz_compile.c

OSS-Fuzz targets improvements (#267 )

2024-05-08 18:19:48 +02:00

fuzz_eval.c

OSS-Fuzz targets improvements (#267 )

2024-05-08 18:19:48 +02:00

fuzz_regexp.c

Define lre_check_timeout in fuzz_regexp

2025-04-14 15:56:15 +02:00

fuzz.dict

more bignum cleanup

2025-03-19 11:43:31 +01:00

generate_dict.js

OSS-Fuzz targets improvements (#267 )

2024-05-08 18:19:48 +02:00

README

OSS-Fuzz targets improvements (#267 )

2024-05-08 18:19:48 +02:00

README

libFuzzer support for QuickJS
=============================

Build QuickJS with libFuzzer support as follows:

  CONFIG_CLANG=y make libfuzzer

This can be extended with sanitizer support to improve efficacy:

  CONFIG_CLANG=y CONFIG_ASAN=y make libfuzzer


Currently, there are three fuzzing targets defined: fuzz_eval, fuzz_compile and fuzz_regexp.
The above build command will produce an executable binary for each of them, which can be
simply executed as:

  ./fuzz_eval

or with an initial corpus:

  ./fuzz_compile corpus_dir/

or with a predefined dictionary to improve its efficacy:

  ./fuzz_eval -dict fuzz/fuzz.dict

or with arbitrary CLI arguments provided by libFuzzer (https://llvm.org/docs/LibFuzzer.html).