authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-01-03 11:39:13 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-01-03 11:39:17 +0100
commita7c3970377d7e87a89ee398c2cd0f3f1db9b1119 (patch)
treeb5422e8f6192524e244d924ae92f6962a4d494e1
parent4494b0a2a191563ec354f76561bae410cde90c88 (diff)
downloadgnutls-a7c3970377d7e87a89ee398c2cd0f3f1db9b1119.tar.gz
fuzz: added basic Makefile to assist in reproducing [ci skip]
Also updated README.md
-rw-r--r--devel/fuzz/Makefile54
-rw-r--r--devel/fuzz/README.md24
2 files changed, 78 insertions, 0 deletions
diff --git a/devel/fuzz/Makefile b/devel/fuzz/Makefile
new file mode 100644
index 0000000000..fc9d95c55c
--- /dev/null
+++ b/devel/fuzz/Makefile
@@ -0,0 +1,54 @@
+# Copyright (C) 2016 Red Hat, Inc.
+#
+# This file is part of GnuTLS.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This file is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this file; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+CC="gcc"
+CFLAGS=-g -fsanitize=address -fsanitize=undefined
+COMMON=-I../../lib/includes -L../../lib/.libs -Wl,-rpath=../../lib/.libs -lgnutls
+
+all: gnutls_pkcs7_parser_fuzzer gnutls_client_fuzzer gnutls_dn_parser_fuzzer \
+ gnutls_openpgp_cert_parser_fuzzer gnutls_pkcs7_parser_fuzzer gnutls_pkcs8_key_parser_fuzzer \
+ gnutls_private_key_parser_fuzzer gnutls_server_fuzzer gnutls_x509_parser_fuzzer
+
+gnutls_pkcs7_parser_fuzzer: gnutls_pkcs7_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_client_fuzzer: gnutls_client_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_dn_parser_fuzzer: gnutls_dn_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_openpgp_cert_parser_fuzzer: gnutls_openpgp_cert_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_pkcs8_key_parser_fuzzer: gnutls_pkcs8_key_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_private_key_parser_fuzzer: gnutls_private_key_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_server_fuzzer: gnutls_server_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+gnutls_x509_parser_fuzzer: gnutls_x509_parser_fuzzer.cc
+ $(CC) $(CFLAGS) main.c $^ $(COMMON) -o $@
+
+clean:
+ rm -f gnutls_pkcs7_parser_fuzzer gnutls_client_fuzzer gnutls_dn_parser_fuzzer \
+ gnutls_openpgp_cert_parser_fuzzer gnutls_pkcs7_parser_fuzzer gnutls_pkcs8_key_parser_fuzzer \
+ gnutls_private_key_parser_fuzzer gnutls_server_fuzzer gnutls_x509_parser_fuzzer
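Review bot: The `-Wl,-rpath=../../lib/.libs` in `COMMON` is a relative run path, which the dynamic loader resolves against the process's current working directory rather than the location of the binary. A fuzzer started from anywhere other than devel/fuzz will either fail to load libgnutls or fall back to a system-installed copy, so a reproducer may silently run against a different, uninstrumented library than the one just built. Anchoring the path, e.g. `COMMON=-I../../lib/includes -L../../lib/.libs -Wl,-rpath=$(abspath ../../lib/.libs) -lgnutls`, keeps each binary tied to the tree it was built from. Separately, `main.c` is compiled by every recipe but is not listed as a prerequisite, and `all` and `clean` are not declared `.PHONY`.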
diff --git a/devel/fuzz/README.md b/devel/fuzz/README.md
index 29668d2708..2961532810 100644
--- a/devel/fuzz/README.md
+++ b/devel/fuzz/README.md
@@ -8,3 +8,27 @@ assume they are fuzzers it should run.
The initial values for each parser fuzzer are taken from the $NAME.in
directory.
+
+# Reproducing a specific issue
+
+Assuming an issue on the "gnutls_pkcs7_parser_fuzzer" was found, and the
+reproducer is placed in $FILE, to reproduce locally use the following commands
+on top dir:
+
+```
+$ CFLAGS="-fsanitize=address -g -O2" ./configure
+$ make -j$(nproc)
+$ cd devel/fuzz
+$ make gnutls_pkcs7_parser_fuzzer
+$ ./gnutls_pkcs7_parser_fuzzer <$FILE
+```
+
+Alternatively (if local reproduction is not possible), you can reproduce it
+using the original docker instance used to find the issue as follows.
+
+```
+sudo docker run --rm -e ASAN_OPTIONS="detect_leaks=0" -ti -v $FILE:/testcase ossfuzz/gnutls reproduce gnutls_pkcs7_parser_fuzzer
+```
+
+
+