If you're looking for an isolated and straightforward way to start contributing to KDE, you're in the right place. At KDE, we use fuzzing via oss-fuzz to try to ensure our libraries are robust against broken inputs. Here's how you can help us in this essential task.
What is Fuzzing?
Fuzzing involves feeding "random" [1] data into our code to check its robustness against invalid or unexpected inputs. This is crucial for ensuring the security and stability of applications that process data without direct user control.
Why is Fuzzing Important?
Imagine receiving an image via email, saving it to your disk, and opening it in Dolphin. This will make Dolphin create a thumbnail of the image. If the image is corrupted and our image plugin code isn't robust, the best-case scenario is that Dolphin crashes. In the worst case, it could lead to a security breach. Hence, fuzzing helps prevent such vulnerabilities.
How You Can Help:
We need to update the build of KDE libraries in oss-fuzz to use Qt6. This task could be challenging because it involves static compilation and ensuring the correct flags are passed for all compilation units.
Steps to Contribute:
Start with karchive Project
- Download oss-fuzz and go into the karchive subfolder.
- Update the Dockerfile to download Qt from the dev branch and KDE Frameworks from the master branch.
Update build.sh Script:
- Modify the
build.sh
script to compile Qt6 (this will be harder since it involves moving from qmake to cmake) and KDE Frameworks 6.
- Modify the
Check karchive_fuzzer.cc:
- This file might need updates, but they should be relatively easy.
- At the top of
karchive_fuzzer.cc
, you'll find a comment with the three commands that oss-fuzz runs. Use these to test the image building, fuzzer building, and running processes.
Need Help?
If you have questions or need assistance, please contact me at aacid@kde.org or ping me on Matrix at @tsdgeos:kde.org
Note:
[1] Smart fuzzing engines don't generate purely random data. They use semi-random and semi-smart techniques to efficiently find issues in the code.
For other readers, a person has started working on it:
ReplyDeletehttps://github.com/google/oss-fuzz/pull/12047