# FMT Fuzzer

Fuzzing has revealed [several bugs](https://github.com/fmtlib/fmt/issues?&q=is%3Aissue+fuzz)
in fmt. It is a part of the continuous fuzzing at
[oss-fuzz](https://github.com/google/oss-fuzz).

The source code is modified to make the fuzzing possible without locking up on
resource exhaustion:
```cpp
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
if (spec.precision > 100000) {
  throw std::runtime_error("fuzz mode - avoiding large precision");
}
#endif
```
This macro is the de facto standard for making fuzzing practically possible, see
[the libFuzzer documentation](https://llvm.org/docs/LibFuzzer.html#fuzzer-friendly-build-mode).
It is only defined in fuzzing builds, so production builds of fmt are not
affected by the guard.

## Running the fuzzers locally

There is a [helper script](build.sh) to build the fuzzers, which has only been
tested on Debian and Ubuntu Linux so far. There should be no problems fuzzing on
Windows (using clang>=8) or on Mac, but the script will probably not work out of
the box.

Something along the lines of
```sh
mkdir build
cd build
export CXX=clang++
export CXXFLAGS="-fsanitize=fuzzer-no-link -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION= -g"
cmake .. -DFMT_SAFE_DURATION_CAST=On -DFMT_FUZZ=On -DFMT_FUZZ_LINKMAIN=Off -DFMT_FUZZ_LDFLAGS="-fsanitize=fuzzer"
cmake --build .
```
should work to build the fuzzers on all platforms that clang supports.

Execute a fuzzer with, for instance,
```sh
cd build
export UBSAN_OPTIONS=halt_on_error=1
mkdir out_chrono
bin/fuzzer_chrono_duration out_chrono
```
Here `out_chrono` is the corpus directory: libFuzzer reads seed inputs from it
and writes newly discovered inputs back to it. `UBSAN_OPTIONS=halt_on_error=1`
makes UBSan abort on the first report, so libFuzzer records it as a crash
instead of letting the run continue past it.
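As an added example (not fmt's own fuzzer code), the following libFuzzer-style
harness shows the pattern the `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` guard
implements: the target reads a precision and a value out of the raw fuzz input,
refuses precisions above a cap in fuzz mode, and treats that refusal as a
normal return rather than a crash. It uses `snprintf` as a stand-in for fmt so
that it compiles on its own; the input layout, `kMaxFuzzPrecision`,
`format_fixed`, `run_one`, `make_input` and the `Outcome` enum are all
constructed for this example and are not part of fmt.

```cpp
// Added example: a libFuzzer-style target using fmt's fuzz-mode guard pattern.
// Formatting is done with snprintf so the example builds without fmt.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#include <string>
#include <vector>

// The real fuzz build passes this macro in through CXXFLAGS. It is defined
// here only so that the guard is exercised when the example is compiled
// stand-alone; never define it in a production build.
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#define FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#endif

// Cap chosen to match the one in fmt's guard. Above it a single input costs
// seconds of CPU and megabytes of output instead of microseconds, which
// shows up as libFuzzer timeouts and OOMs rather than real bugs.
constexpr unsigned kMaxFuzzPrecision = 100000;

// Stand-in for the formatting routine under test (fmt's own code is where the
// guard lives in the real fuzzer).
std::string format_fixed(double value, unsigned precision) {
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  if (precision > kMaxFuzzPrecision)
    throw std::runtime_error("fuzz mode - avoiding large precision");
#endif
  int n = std::snprintf(nullptr, 0, "%.*f", static_cast<int>(precision), value);
  if (n < 0) throw std::runtime_error("format failed");
  std::string out(static_cast<size_t>(n) + 1, '\0');
  std::snprintf(&out[0], out.size(), "%.*f", static_cast<int>(precision), value);
  out.resize(static_cast<size_t>(n));
  return out;
}

// Input layout for this example (a constructed convention, not fmt's):
//   bytes [0,4)  precision as a uint32 in native byte order
//   bytes [4,12) the double to format
//   any trailing bytes are ignored
struct FuzzCase {
  unsigned precision;
  double value;
};

bool parse_case(const uint8_t* data, size_t size, FuzzCase& out) {
  if (size < 12) return false;  // too short to carry both fields
  uint32_t p;
  double v;
  std::memcpy(&p, data, sizeof p);
  std::memcpy(&v, data + 4, sizeof v);
  out.precision = p;
  out.value = v;
  return true;
}

// Outcome of one harness run, so behaviour can be checked without libFuzzer.
enum class Outcome { Skipped, Formatted, Guarded };

Outcome run_one(const uint8_t* data, size_t size, std::string* formatted = nullptr) {
  FuzzCase c;
  if (!parse_case(data, size, c)) return Outcome::Skipped;
  try {
    std::string s = format_fixed(c.value, c.precision);
    if (formatted) *formatted = s;
    return Outcome::Formatted;
  } catch (const std::runtime_error&) {
    // The guard fired: the input is expensive, not wrong. Returning normally
    // tells libFuzzer this is not a crash, so it keeps the run going.
    return Outcome::Guarded;
  }
}

// libFuzzer entry point; linking with -fsanitize=fuzzer supplies main().
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  run_one(data, size);
  return 0;
}

// Builds an input in the layout above, useful for tests and seed corpora.
std::vector<uint8_t> make_input(uint32_t precision, double value) {
  std::vector<uint8_t> buf(12);
  std::memcpy(buf.data(), &precision, sizeof precision);
  std::memcpy(buf.data() + 4, &value, sizeof value);
  return buf;
}
```

To run it under libFuzzer, compile with
`clang++ -g -fsanitize=fuzzer,undefined harness.cpp -o harness` and start it
with a corpus directory, e.g. `./harness corpus`. In a real project the macro
should come from `CXXFLAGS` as in the cmake invocation above rather than from
the source, so that the guard cannot leak into a production build.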