Changes between Version 3 and Version 4 of SponsoringPrograms/Outreachy/2016-05

Feb 9, 2016, 1:57:53 AM (5 years ago)



  • SponsoringPrograms/Outreachy/2016-05

    v3 v4  
     47= Mentored Projects =
     49This section lists well-defined projects that have one or more available mentors. If you are new to FFmpeg, and have relatively little experience with multimedia, you should favor a mentored project rather than propose your own. Contact the respective mentor(s) to get more information about the project and the requested qualification task.
     51== Create a fuzzing testsuite for FFmpeg ==
     53'''Description:''' Fuzzing is the process of using random or specially crafted junk input to make programs crash or exploit security vulnerabilities. Many organisations such as Google have fuzzed FFmpeg and found and fixed many issues. The problem is FFmpeg moves so quickly that often new commits expose other problems. We need a way of automatically assessing whether commits have exposed bugs. At the same time we don't want to fuzz parts of the codebase that we know haven't changed because this just wastes CPU cycles.
     55'''Expected results:'''
     57    - Add an existing specialised fuzzing test application to main repository
     58    - Create a corpus of small test files that exercise codepaths likely to crash for a selection of decoders or demuxers
     59    - Build a web interface able to extract information from each commit and run against an appropriate fuzz corpus.
     61'''Prerequisites:''' Knowledge of the command line and program compilation. Knowledge of a web programming language (python, node.js etc). Useful to have C experience.
     63'''Qualification Task:''' Compile and run fffuzz ( and report and (possibly fix) a crash using zzuf or afl-fuzz
     65'''Mentor:''' Kieran Kunhya  (''kierank'' in #ffmpeg-devel on Freenode IRC, kieran at kunhya dot com)
     66'''Backup Mentor:''' TBC
    4767== Contacting FFmpeg ==