Changes between Version 11 and Version 12 of SponsoringPrograms/GSoC/2016

Feb 10, 2016, 6:59:48 PM (4 years ago)

Add Kieran's fuzzing task


  • SponsoringPrograms/GSoC/2016

    v11 v12  
    5252This section lists well-defined projects that have one or more available mentors. If you are new to FFmpeg, and have relatively little experience with multimedia, you should favor a mentored project rather than propose your own. Contact the respective mentor(s) to get more information about the project and the requested qualification task.
     54== Create a fuzzing testsuite for FFmpeg ==
     56'''Description:''' Fuzzing is the process of using random or specially crafted junk input to make programs crash or exploit security vulnerabilities. Many organisations such as Google have fuzzed FFmpeg and found and fixed many issues. The problem is FFmpeg moves so quickly that often new commits expose other problems. We need a way of automatically assessing whether commits have exposed bugs. At the same time we don't want to fuzz parts of the codebase that we know haven't changed because this just wastes CPU cycles.
     58'''Expected results:'''
     60    - Add an existing specialised fuzzing test application to main repository
     61    - Create a corpus of small test files that exercise codepaths likely to crash for a selection of decoders or demuxers
     62    - Build a web interface able to extract information from each commit and run against an appropriate fuzz corpus.
     64'''Prerequisites:''' Knowledge of the command line and program compilation. Knowledge of a web programming language (python, node.js etc). Useful to have C experience.
     66'''Qualification Task:''' Compile and run [ fffuzz] and report and (possibly fix) a crash using `zzuf` or `afl-fuzz`.
     68'''Mentor:''' Kieran Kunhya  (''kierank'' in #ffmpeg-devel on Freenode IRC, kieran at kunhya dot com)
     70'''Backup Mentor:''' TBD
    5472== FFv1 P frame support ==
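Review bot: On the Qualification Task line, "report and (possibly fix) a crash using `zzuf` or `afl-fuzz`" has the parenthesis misplaced and reads as if the fuzzers are used for the fix. Something like "Compile [ fffuzz], run it under `zzuf` or `afl-fuzz`, and report (and possibly fix) a crash" would be clearer. The `[ fffuzz]` link on that line also shows no target as rendered here, so applicants cannot tell where to get the tool. Separately, the third Expected results item says the web interface should "run against an appropriate fuzz corpus", but nothing states how a commit is mapped to the decoders or demuxers it touches, which is the part the Description relies on to avoid fuzzing unchanged code. One sentence on the intended mapping (for example, by changed file paths) would make the deliverable checkable.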