oss-fuzz
Av1an
Our great sponsors
oss-fuzz | Av1an | |
---|---|---|
31 | 65 | |
9,879 | 1,345 | |
4.1% | - | |
9.9 | 7.3 | |
6 days ago | 9 days ago | |
Shell | Rust | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
oss-fuzz
- Xz: Disable ifunc to fix Issue 60259
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
> because the ifunc code was breaking with all sorts of build options and obviously caused many problems with various sanitizers
for example, https://github.com/google/oss-fuzz/pull/10667
-
Ask HN: Any Good Fuzzer for gRPC?
Have you tried Googles grpc fuzzer?
https://github.com/google/oss-fuzz/blob/master/projects/grpc...
-
Pacemaker should be running open source software
https://www.fda.gov/medical-devices/digital-health-center-ex...
oss-fuzz: https://github.com/google/oss-fuzz :
> We support the libFuzzer, AFL++, and Honggfuzz fuzzing engines in combination with Sanitizers, as well as ClusterFuzz, a distributed fuzzer execution environment and reporting tool.
> Currently, OSS-Fuzz supports C/C++, Rust, Go, Python, Java/JVM, and JavaScript code. Other languages supported by LLVM may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds.
-
Fuzz Testing Is the Best Thing to Happen to Our Application Tests
I love fuzzing as a technique and use it quite regularly, but running AFL++ on even a single program occupies all threads of a high end AMD server for weeks. I'm running it locally so only paying for the electricity. If it was a cloud instance it would cost a small fortune. I think this is a reason it is not used more widely.
I will note that Google have a programme for doing fuzz testing on open source projects using computer from their cloud: https://google.github.io/oss-fuzz/
- Fixed Spelling Errors or Typos
- ELI5: How can downloading a pdf or word file give you a virus?
- OSS-Fuzz β continuous fuzzing for open source software
-
Mosh: An Interactive Remote Shell for Mobile Clients (2012) [pdf]
Yes, mosh has fuzz tests in oss-fuzz [1].
[1] https://github.com/google/oss-fuzz/tree/master/projects/mosh
-
Java Fuzzing with Jazzer compared to Symflower
We will explore how Jazzer is used to automatically generate malicious inputs for Java programs, and how it compares to Symflower, which can automatically generate unit tests to uncover bugs and errors in your code. With the help of Jazzer, many bugs - some of them even in the OpenJDK - were found already. Also, as of March 2021, Jazzer is officially part of OSS-Fuzz, Google's cloud fuzzing engine. It should be noted that Jazzer is a pure "bug detection" utility that finds reproducers for errors in user code. Symflower can do the same, but provides additional functionalities to boost developer productivity, like generating high coverage unit tests and providing test templates for the software developer or tester.
Av1an
-
Guide to Adopting AV1 Encoding
The hardware encoders are very fast and generally better than x264 (but not by as much as you'd think with the x264 slow preset).
In addition, there are threaded AV1 encoders you may be overlooking, like SVT-AV1. For non-realtime, my favorite is av1an, which also yields better quality than is possible from aomenc: https://github.com/master-of-zen/Av1an
-
I have a feeling crunchyroll should be using AV1
I specifically used https://github.com/master-of-zen/Av1an with --target-quality 100 to keep the compression as close to lossless as possible (you could probably shave even more size off if you didnβt use near-lossless compression)
-
Automatic choose encode settings?
There's also Av1an as suggested by someone else. It's going to produce more efficient encodes because it uses chunk-based encoding to reach the required VMAF for every single chunk, but this is also slower because every chunk will be re-encoded until the VMAF target is reached. It's also a PITA to compile, has a long list of bugs, and isn't very actively developed. One of the long-standing issues is that frames have a tendency to go missing during splitting, which IME is going to keep happening when the input files aren't standardized. And thus the recommendation is to transcode the input to lossless first, which is just completely unsustainable.
-
Building pc for ffmpeg rendering
i'm still trying to figure out if av1an is the breakthrough to using large CPU counts without losing quality. but it's a ridiculously poorly documented program. i haven't gotten it to run effectively yet. https://github.com/master-of-zen/Av1an
-
Codecs for the 4K Era: HEVC, AV1, VVC and Beyond
I don't know about VVC, but I've never seen a recommendation of preset 0 for SVT-AV1. The docs say "presets 1-3 represent extremely high efficiency, for use when encode time is not important and quality/size of the resulting video file is critical". It seems like 0 is the equivalent placebo preset. But if you want AV1 with coding efficiency over all else, IIRC the typical approach is to use av1an to detect scene transitions and farm out parallel encodes with aomenc.
-
Automating av1 encoding?
That might be because it doesn't work.
-
VMAF is confusing me
Have you seen Av1an? It's supposed to encode to a target VMAF.
-
Trying to use av1an without success
Are you using the current version, 0.4.0, from https://github.com/master-of-zen/Av1an/releases
- Av1an - Cross-platform command-line AV1 encoding framework written in Rust
- Av1an: Cross-platform command-line AV1 encoding framework written in Rust
What are some alternatives?
AFLplusplus - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
HandBrake - HandBrake's main development repository
fuzzilli - A JavaScript Engine Fuzzer
SVT-AV1
ffmpeg-libav-tutorial - FFmpeg libav tutorial - learn how media works from basic to transmuxing, transcoding and more. Translations: πΊπΈ π¨π³ π°π· πͺπΈ π»π³ π§π·
FastFlix - FastFlix is a free GUI for HEVC and AV1 encoding, GIF/WebP/AVIF creation, and more!
libfuzzer - Thin interface for libFuzzer, an in-process, coverage-guided, evolutionary fuzzing engine.
NotEnoughAV1Encodes - GUI for AV1 (aomenc, rav1e & svt-av1)
FFmpeg - Mirror of https://git.ffmpeg.org/ffmpeg.git
FFmpeg-Builds
uafuzz - UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
ab-av1 - AV1 re-encoding using ffmpeg, svt-av1 & vmaf.