[Development] QtCS2019 Notes from "Fuzzing Qt" BoF session

Robert Loehning Robert.Loehning at qt.io
Thu Nov 21 13:13:55 CET 2019


Here and below are the notes from this session:



== Introduction ==
* Explained briefly what fuzzing is in general
* Showed how to fuzz Qt itself
   See readme file: 

=== What's missing to test Qt in oss-fuzz? ===
Google offers infrastructure and workflow for fuzzing free software, see 
* Qt still needs to support more sanitizers
* A docker image defines how to build Qt and the fuzz targets
   A prototype exists, but needs tuning. Robert is working on both.

=== Which code needs fuzz testing the most? ===
Agreed criteria: Code that operates on possibly untrusted data

Proposals from the audience:
* Classes
** [https://doc.qt.io/qt-5/qcborvalue.html QCborValue]
** [https://doc.qt.io/qt-5/qcommandlineparser.html QCommandLineParser]
** [https://doc.qt.io/qt-5/qdatastream.html QDataStream]
** [https://doc.qt.io/qt-5/qimage.html QImage] and its plugins
** [https://doc.qt.io/qt-5/qjsonvalue.html QJsonValue]
** [https://doc.qt.io/qt-5/qregularexpression.html QRegularExpression]
** [https://doc.qt.io/qt-5/qsslcertificate.html QSslCertificate]
** QPdf?
** [https://doc.qt.io/qt-5/qtextcodec.html QTextCodec]
** [https://doc.qt.io/qt-5/qtextstream.html QTextStream]
** [https://doc.qt.io/qt-5/qtranslator.html QTranslator]
* Functions
** *::fromRawData
** [https://doc.qt.io/qt-5/qtextdocumentfragment.html#fromHtml 
** [https://doc.qt.io/qt-5/qurl.html#fromUserInput QUrl::fromUserInput]
** [https://doc.qt.io/qt-5/qwebengineview.html#setContent 
* Further mentions which were considered tricky
** [https://doc.qt.io/qt-5/qabstractsocket.html QAbstractSocket]
** [https://doc.qt.io/qt-5/qstring.html#asprintf QString::asprintf]
Robert will try adding them one by one. If you'd like to contribute some, he will happily review them.

If you have further proposals, please comment here or write to Robert 
