libFuzzer in Chrome
This directory contains integration between libFuzzer and Chrome. libFuzzer is an in-process coverage-driven evolutionary fuzzer. It helps engineers to uncover potential security & stability problems earlier.
Requirements: libFuzzer in Chrome is supported with GN on Linux only.
Fuzzer tests are well-integrated with Chrome build system & distributed ClusterFuzz fuzzing system. Cover bug: crbug.com/539572.
- ClusterFuzz Bugs - issues found and automatically filed by ClusterFuzz.
- Manual Bugs - issues that were filed manually after running fuzzers.
- Pdfium Bugs - bugs found in pdfium by manual fuzzing.
- OSS Trophies - bugs found with libFuzzer in open-source projects.