Adds libvnc project

[catenacyber]

@bk138 would you be interested in continuous fuzzing for libvncserver ?
This PR can enable it with oss-fuzz.

If you are interested, I would be happy to see if we can improve and merge the libvnc patch to make it fuzzable.
(instead of using sockets to read from, we directory read from a buffer)

[bk138]

Yeah sure - I reckon you need feedback on patch.diff?

[catenacyber]

I reckon you need feedback on patch.diff?

Feedback is indeed especially welcome for patch.diff, but also for the whole process

[bk138]

I reckon you need feedback on patch.diff?

Feedback is indeed especially welcome for patch.diff, but also for the whole process

To be able to do that, I need some more info on the process and alternatives. Do you have a link to the docs at hand? I know about fuzzing, but am totally missing context info on oss-fuzz.

[catenacyber]

Do you have a link to the docs at hand?

Here is the doc about oss-fuzz : https://google.github.io/oss-fuzz/

To test this PR, you can do the following :

• install Docker (if you do not have it already)
• checkout this repository and this PR, for instance git clone https://github.com/catenacyber/oss-fuzz/ && cd oss-fuzz && git checkout libvnc
• then you can build the fuzzers in 2 steps : python infra/helper.py build_image libvnc
• the second step python infra/helper.py build_fuzzers libvnc
• finally you can run the fuzzer python infra/helper.py run_fuzzer libvnc fuzz_server

[catenacyber]

@bk138 did I supply the right information ?
Do you have more questions ?

[bk138]

@bk138 did I supply the right information ?
Do you have more questions ?

Sorry, I'm quite short on time ATM. Will review ASAP!

[catenacyber]

Ok, thanks, no rush :-)

[catenacyber]

@bk138 are you interested or should I close this ?

[bk138]

@bk138 are you interested or should I close this ?

Yeah still interested. I guess that patch.diff would need updating against current master of LibVNCServer.

I see that https://github.com/google/oss-fuzz/pull/5137/files#diff-e0270e5ba131ab12d76d5ad60b5c15550192cd186f303703a7a1a286da9ee170 adds some instrumentation in the read and peek functions. Would it be (easily?) possible to just use sockets as you mentioned in #5137 (comment) ?

[catenacyber]

Yeah still interested. I guess that patch.diff would need updating against current master of LibVNCServer.

Indeed, Proposed in LibVNC/libvncserver#541

I see that https://github.com/google/oss-fuzz/pull/5137/files#diff-e0270e5ba131ab12d76d5ad60b5c15550192cd186f303703a7a1a286da9ee170 adds some instrumentation in the read and peek functions. Would it be (easily?) possible to just use sockets as you mentioned in #5137 (comment) ?

I do not think it is easy and I have been having bad experience with it.
Fuzzing runs thousands of iterations per seconds and this seems to overwhelm the OS somehow...

The classical way to do it in other projects is to have some abstraction to read from, which can be some buffer in memory (as used by fuzzing), some socket, or whatever other object...

[catenacyber]

@alan32liu this PR is ready for review after the fuzz target mas merged upstream cf LibVNC/libvncserver#541

[DonggeLiu]

Collecting consensus from our team...

[catenacyber]

@alan32liu why do not I see libvnc in build status page cf https://oss-fuzz-build-logs.storage.googleapis.com/index.html ?

I also get a 404 on the stats cf https://oss-fuzz.com/fuzzer-stats?project=libvnc&fuzzer=libFuzzer&job=libfuzzer_asan_libvnc&group_by=by-fuzzer

[DonggeLiu]

This is strange, I also got 404 on the second link.
Not showing up on the status page may relate to #9408.