Book Image

CMake Best Practices

By : Dominik Berner, Mustafa Kemal Gilor
5 (2)
Book Image

CMake Best Practices

5 (2)
By: Dominik Berner, Mustafa Kemal Gilor

Overview of this book

CMake is a powerful tool used to perform a wide variety of tasks, so finding a good starting point for learning CMake is difficult. This book cuts to the core and covers the most common tasks that can be accomplished with CMake without taking an academic approach. While the CMake documentation is comprehensive, it is often hard to find good examples of how things fit together, especially since there are lots of dirty hacks and obsolete solutions available on the internet. This book focuses on helping you to tie things together and create clean and maintainable projects with CMake. You'll not only get to grips with the basics but also work through real-world examples of structuring large and complex maintainable projects and creating builds that run in any programming environment. You'll understand the steps to integrate and automate various tools for improving the overall software quality, such as testing frameworks, fuzzers, and automatic generation of documentation. And since writing code is only half of the work, the book also guides you in creating installers and packaging and distributing your software. All this is tailored to modern development workflows that make heavy use of CI/CD infrastructure. By the end of this CMake book, you'll be able to set up and maintain complex software projects using CMake in the best way possible.
Table of Contents (22 chapters)
Part 1: The Basics
Part 2: Practical CMake – Getting Your Hands Dirty with CMake
Part 3: Mastering the Details

A quick glance into fuzzing in CMake projects

Before further ado, let's learn a bit about fuzzing itself. Fuzzing, or fuzz testing, is a testing method that feeds random, unexpected data to a software system to see how a system behaves with certain input. The fuzzer reports the unexpected behaviors that it encounters. This allows us to discover critical bugs that are otherwise missed by other testing strategies and code reviews. Finding whether input causes a security issue or failure has proven to be hard. Surprisingly, fuzzing is pretty effective against this. It is known that the vast majority of critical security bugs such as remote code execution or privilege escalation can be discovered with ease when fuzzing is employed correctly. Therefore, it is important to understand the fuzzing technique to harness the power that comes with it.

Fuzzing can be done either manually by hand or automatically with the help of software. The second approach is more favorable, since it...