diff --git a/docs/config.yml b/docs/config.yml index 7840d943a812..e395d30bf446 100644 --- a/docs/config.yml +++ b/docs/config.yml @@ -30,6 +30,7 @@ categories: - testing/geckodriver - web-platform - tools/fuzzing + - tools/sanitizer - testing/perfdocs l10n_doc: - intl diff --git a/tools/fuzzing/docs/index.rst b/tools/fuzzing/docs/index.rst index 555f9159f327..37b2508ef7f2 100644 --- a/tools/fuzzing/docs/index.rst +++ b/tools/fuzzing/docs/index.rst @@ -3,7 +3,9 @@ Fuzzing .. toctree:: :maxdepth: 1 + :hidden: :glob: + :reversed: * @@ -168,14 +170,18 @@ below) if your code can be exercised in this way. The Fuzzing Interface ~~~~~~~~~~~~~~~~~~~~~ +**Fuzzing Interface** + +The fuzzing interface is glue code living in mozilla-central in order to make it +easier for developers and security researchers to test C/C++ code with either libFuzzer or afl-fuzz. + This interface offers a gtest (C++ unit test) level component based fuzzing approach and is suitable for anything that could also be tested/exercised using a gtest. This method is by far the fastest, but usually limited to testing isolated components that can be instantiated on this level. Utilizing this method requires you to write a fuzzing target similar to writing a gtest. This target will automatically be -usable with libFuzzer and AFLFuzz. We offer a `comprehensive -manual `__ +usable with libFuzzer and AFLFuzz. We offer a :ref:`comprehensive manual ` that describes how to write and utilize your own target. A simple example here is the `SDP parser diff --git a/tools/lint/codespell.yml b/tools/lint/codespell.yml index c9b1ea3e3f22..8db1a2eca5e4 100644 --- a/tools/lint/codespell.yml +++ b/tools/lint/codespell.yml @@ -53,6 +53,7 @@ codespell: - tools/fuzzing/docs/ - tools/moztreedocs/ - tools/lint/ + - tools/sanitizer/docs/ - tools/tryselect/ exclude: - tools/lint/test/test_codespell.py diff --git a/tools/moz.build b/tools/moz.build index 752fd8cb2a2d..29eef9767222 100644 --- a/tools/moz.build +++ b/tools/moz.build @@ -62,6 +62,8 @@ SPHINX_TREES['try'] = 'tryselect/docs' SPHINX_TREES['fuzzing'] = 'fuzzing/docs' +SPHINX_TREES['sanitizer'] = 'sanitizer/docs' + with Files('tryselect/docs/**'): SCHEDULES.exclusive = ['docs'] diff --git a/tools/fuzzing/docs/asan.rst b/tools/sanitizer/docs/asan.rst similarity index 99% rename from tools/fuzzing/docs/asan.rst rename to tools/sanitizer/docs/asan.rst index 2c36c2746893..a8e4e6385509 100644 --- a/tools/fuzzing/docs/asan.rst +++ b/tools/sanitizer/docs/asan.rst @@ -1,5 +1,5 @@ -Firefox and Address Sanitizer -============================= +Address Sanitizer +================= What is Address Sanitizer? -------------------------- diff --git a/tools/fuzzing/docs/asan_nightly.rst b/tools/sanitizer/docs/asan_nightly.rst similarity index 100% rename from tools/fuzzing/docs/asan_nightly.rst rename to tools/sanitizer/docs/asan_nightly.rst diff --git a/tools/sanitizer/docs/index.rst b/tools/sanitizer/docs/index.rst new file mode 100644 index 000000000000..bd440cded776 --- /dev/null +++ b/tools/sanitizer/docs/index.rst @@ -0,0 +1,21 @@ +Sanitizer +========= + +.. toctree:: + :maxdepth: 1 + :hidden: + :glob: + + * + +**Address Sanitizer** + +Address Sanitizer (ASan) is a fast memory error detector that detects use-after-free and out-of-bound bugs in C/C++ programs. It uses a compile-time instrumentation to check all reads and writes during the execution. In addition, the runtime part replaces the malloc and free functions to check dynamically allocated memory. More information on how ASan works can be found on the Address Sanitizer wiki. + +:ref:`More information
` + +**ASan Nightly Project** + +The ASan Nightly Project involves building a Firefox Nightly browser with the popular AddressSanitizer tool and enhancing it with remote crash reporting capabilities for any errors detected. + +:ref:`More information `