Skip to content

Commit d70f793

Browse files
authored
Delete unnecessary files and fix format in some MD pages (#4115)
* style: Clean up the repo * Bolster the `.gitignore` * Follow `CONTRIBUTING.md` guidelines and wrap `README.md` to 80 characters and seperate links for readability * Remove pesky Unicode dash in `CONTRIBUTING.md` * Remove `.DS_STORE` files * Rename `#project.yaml#` to something logical and enable stntax highlighting * Updates from reviewers * Greatly reduce `.gitignore` to only macOS `.DS_Store` and Vim temporary files * Apply markdown style to `docs/index.md` * small comma grammatical change * http -> https
1 parent d92c122 commit d70f793

File tree

5 files changed

+80
-48
lines changed

5 files changed

+80
-48
lines changed

.gitignore

+3-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
11
.vscode/
22
*.pyc
33
/build/
4-
*~
4+
*~
5+
.DS_Store
6+
*.swp

CONTRIBUTING.md

+3-2
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,13 @@
1-
Want to contribute? Great! First, read this page (including the small print at the end).
1+
Want to contribute? Great! First, read this page (including the small print at
2+
the end).
23

34
### Before you contribute
45
Before we can use your code, you must sign the
56
[Google Individual Contributor License Agreement](https://cla.developers.google.com/about/google-individual)
67
(CLA), which you can do online. The CLA is necessary mainly because you own the
78
copyright to your changes, even after your contribution becomes part of our
89
codebase, so we need your permission to use and distribute your code. We also
9-
need to be sure of various other thingsfor instance that you'll tell us if you
10+
need to be sure of various other things: for instance that you'll tell us if you
1011
know that your code infringes on other people's patents. You don't have to sign
1112
the CLA until after you've submitted your code for review and a member has
1213
approved it, but you must do it before we can put your code into our codebase.

README.md

+39-21
Original file line numberDiff line numberDiff line change
@@ -1,40 +1,58 @@
11
# OSS-Fuzz: Continuous Fuzzing for Open Source Software
22

3-
[Fuzz testing](https://en.wikipedia.org/wiki/Fuzz_testing) is a well-known
4-
technique for uncovering programming errors in software.
5-
Many of these detectable errors, like [buffer overflow](https://en.wikipedia.org/wiki/Buffer_overflow), can have serious security implications. Google has found [thousands] of security vulnerabilities and stability bugs by deploying [guided in-process fuzzing of Chrome components](https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html),
6-
and we now want to share that service with the open source community.
7-
3+
[Fuzz testing] is a well-known technique for uncovering programming errors in
4+
software. Many of these detectable errors, like [buffer overflow], can have
5+
serious security implications. Google has found [thousands] of security
6+
vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
7+
Chrome components], and we now want to share that service with the open source
8+
community.
9+
10+
[Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
11+
[buffer overflow]: https://en.wikipedia.org/wiki/Buffer_overflow
812
[thousands]: https://bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%3ADuplicate%2CWontFix&can=1
13+
[guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html
14+
15+
In cooperation with the [Core Infrastructure Initiative], OSS-Fuzz aims to make
16+
common open source software more secure and stable by combining modern fuzzing
17+
techniques with scalable, distributed execution.
18+
19+
[Core Infrastructure Initiative]: https://www.coreinfrastructure.org/
920

10-
In cooperation with the [Core Infrastructure Initiative](https://www.coreinfrastructure.org/),
11-
OSS-Fuzz aims to make common open source software more secure and stable by
12-
combining modern fuzzing techniques with scalable,
13-
distributed execution.
21+
We support the [libFuzzer], [AFL], and [Honggfuzz] fuzzing engines in
22+
combination with [Sanitizers], as well as [ClusterFuzz], a distributed fuzzer
23+
execution environment and reporting tool.
1424

15-
We support the [libFuzzer](http://llvm.org/docs/LibFuzzer.html), [AFL](https://lcamtuf.coredump.cx/afl/) and
16-
[Honggfuzz](https://github.com/google/honggfuzz) fuzzing engines
17-
in combination with [Sanitizers](https://github.com/google/sanitizers), as well as
18-
[ClusterFuzz](https://github.com/google/clusterfuzz),
19-
a distributed fuzzer execution environment and reporting tool.
25+
[libFuzzer]: https://llvm.org/docs/LibFuzzer.html
26+
[AFL]: https://lcamtuf.coredump.cx/afl/
27+
[Honggfuzz]: https://github.com/google/honggfuzz
28+
[Sanitizers]: https://github.com/google/sanitizers
29+
[ClusterFuzz]: https://github.com/google/clusterfuzz
2030

21-
Currently, OSS-Fuzz supports C/C++, Rust, and Go code. Other languages supported by [LLVM](http://llvm.org) may work too.
22-
OSS-Fuzz supports fuzzing x86_64 and i386 builds.
31+
Currently, OSS-Fuzz supports C/C++, Rust, and Go code. Other languages supported
32+
by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds.
33+
34+
[LLVM]: https://llvm.org
2335

2436
## Overview
2537
![OSS-Fuzz process diagram](docs/images/process.png)
2638

2739
## Documentation
28-
Read our [detailed documentation](https://google.github.io/oss-fuzz) to learn how to use OSS-Fuzz.
40+
Read our [detailed documentation] to learn how to use OSS-Fuzz.
41+
42+
[detailed documentation]: https://google.github.io/oss-fuzz
2943

3044
## Trophies
31-
As of June 2020, OSS-Fuzz has found over [20,000] bugs in [300] open source projects.
45+
As of June 2020, OSS-Fuzz has found over [20,000] bugs in [300] open source
46+
projects.
3247

3348
[20,000]: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=-status%3AWontFix%2CDuplicate%20-component%3AInfra&can=1
3449
[300]: https://github.com/google/oss-fuzz/tree/master/projects
3550

3651
## Blog posts
52+
* 2016-12-01 - [Announcing OSS-Fuzz: Continuous fuzzing for open source software]
53+
* 2017-05-08 - [OSS-Fuzz: Five months later, and rewarding projects]
54+
* 2018-11-06 - [A New Chapter for OSS-Fuzz]
3755

38-
* 2016-12-01 - [Announcing OSS-Fuzz: Continuous fuzzing for open source software](https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html)
39-
* 2017-05-08 - [OSS-Fuzz: Five months later, and rewarding projects](https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html)
40-
* 2018-11-06 - [A New Chapter for OSS-Fuzz](https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html)
56+
[Announcing OSS-Fuzz: Continuous fuzzing for open source software]: https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
57+
[OSS-Fuzz: Five months later, and rewarding projects]: https://opensource.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html
58+
[A New Chapter for OSS-Fuzz]: https://security.googleblog.com/2018/11/a-new-chapter-for-oss-fuzz.html

docs/index.md

+35-24
Original file line numberDiff line numberDiff line change
@@ -9,42 +9,53 @@ has_toc: false
99

1010
# OSS-Fuzz
1111

12-
[Fuzz testing](https://en.wikipedia.org/wiki/Fuzz_testing) is a well-known
13-
technique for uncovering programming errors in software.
14-
Many of these detectable errors, like [buffer overflow](https://en.wikipedia.org/wiki/Buffer_overflow),
15-
can have serious security implications. Google has found [thousands] of security vulnerabilities and
16-
stability bugs by deploying
17-
[guided in-process fuzzing of Chrome components](https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html),
18-
and we now want to share that service with the open source community.
19-
12+
[Fuzz testing] is a well-known technique for uncovering programming errors in
13+
software. Many of these detectable errors, like [buffer overflow], can have
14+
serious security implications. Google has found [thousands] of security
15+
vulnerabilities and stability bugs by deploying [guided in-process fuzzing of
16+
Chrome components], and we now want to share that service with the open source
17+
community.
18+
19+
[Fuzz testing]: https://en.wikipedia.org/wiki/Fuzz_testing
20+
[buffer overflow]: https://en.wikipedia.org/wiki/Buffer_overflow
2021
[thousands]: https://bugs.chromium.org/p/chromium/issues/list?q=label%3AStability-LibFuzzer%2CStability-AFL%20-status%3ADuplicate%2CWontFix&can=1
22+
[guided in-process fuzzing of Chrome components]: https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html
23+
24+
In cooperation with the [Core Infrastructure Initiative], OSS-Fuzz aims to make
25+
common open source software more secure and stable by combining modern fuzzing
26+
techniques with scalable, distributed execution.
27+
28+
[Core Infrastructure Initiative]: https://www.coreinfrastructure.org/
29+
30+
We support the [libFuzzer], [AFL], and [Honggfuzz] fuzzing engines in
31+
combination with [Sanitizers], as well as [ClusterFuzz], a distributed fuzzer
32+
execution environment and reporting tool.
2133

22-
In cooperation with the [Core Infrastructure Initiative](https://www.coreinfrastructure.org/),
23-
OSS-Fuzz aims to make common open source software more secure and stable by
24-
combining modern fuzzing techniques with scalable,
25-
distributed execution.
34+
[libFuzzer]: https://llvm.org/docs/LibFuzzer.html
35+
[AFL]: https://lcamtuf.coredump.cx/afl/
36+
[Honggfuzz]: https://github.com/google/honggfuzz
37+
[Sanitizers]: https://github.com/google/sanitizers
38+
[ClusterFuzz]: https://github.com/google/clusterfuzz
2639

27-
We support the [libFuzzer](http://llvm.org/docs/LibFuzzer.html), [AFL](https://lcamtuf.coredump.cx/afl/) and
28-
[Honggfuzz](https://github.com/google/honggfuzz) fuzzing engines
29-
in combination with [Sanitizers](https://github.com/google/sanitizers), as well as
30-
[ClusterFuzz](https://github.com/google/clusterfuzz),
31-
a distributed fuzzer execution environment and reporting tool.
40+
Currently, OSS-Fuzz supports C/C++, Rust, and Go code. Other languages supported
41+
by [LLVM] may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds.
3242

33-
Currently, OSS-Fuzz supports C/C++, Rust, and Go code. Other languages supported by [LLVM](http://llvm.org) may work too.
34-
OSS-Fuzz supports fuzzing x86_64 and i386 builds.
43+
[LLVM]: https://llvm.org
3544

3645
## Learn more about fuzzing
3746

38-
This documentation describes how to use OSS-Fuzz service for your open source project.
39-
To learn more about fuzzing in general, we recommend reading [libFuzzer tutorial]
40-
and the other docs in [google/fuzzing] repository. These and some other resources
41-
are listed on the [useful links]({{ site.baseurl }}/reference/useful-links/#tutorials) page.
47+
This documentation describes how to use OSS-Fuzz service for your open source
48+
project. To learn more about fuzzing in general, we recommend reading [libFuzzer
49+
tutorial] and the other docs in [google/fuzzing] repository. These and some
50+
other resources are listed on the [useful links] page.
4251

4352
[google/fuzzing]: https://github.com/google/fuzzing/tree/master/docs
4453
[libFuzzer tutorial]: https://github.com/google/fuzzing/blob/master/tutorial/libFuzzerTutorial.md
54+
[useful links]: {{ site.baseurl }}/reference/useful-links/#tutorials
4555

4656
## Trophies
47-
As of June 2020, OSS-Fuzz has found over [20,000] bugs in [300] open source projects.
57+
As of June 2020, OSS-Fuzz has found over [20,000] bugs in [300] open source
58+
projects.
4859

4960
[20,000]: https://bugs.chromium.org/p/oss-fuzz/issues/list?q=-status%3AWontFix%2CDuplicate%20-component%3AInfra&can=1
5061
[300]: https://github.com/google/oss-fuzz/tree/master/projects
File renamed without changes.

0 commit comments

Comments
 (0)