fuzz-introspector

feature: analyse non-fuzzer targets to enable more code analysis

Open · DavidKorczynski opened this issue 4 years ago · 1 comment

Currently, analysis is only run if a binary contains a fuzzer entrypoint (LLVMFuzzerTestOneInput) and no main function.

However, this leaves out potential code for analysis, e.g. if there is code compiled as part of a project but never linked into any fuzzer. We can avoid this fuzzer entrypoint check and instead extract information about everything compiled, and this data can then be used in the post-processing steps with limited hassle.

This will enable improved analysis against projects with few fuzzers and also enable analysis of projects without any fuzzers.

DavidKorczynski, Dec 06 '21 21:12
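To make the gap described in the issue concrete, here is an added example (not fuzz-introspector's own code) that contrasts the two policies on a constructed project: the current rule, which only looks at binaries containing `LLVMFuzzerTestOneInput` and no `main`, versus the proposed rule of taking every compiled function. It goes a step further than the issue text by also walking the call graph from the fuzzer entrypoint, so it can list compiled functions that no fuzzer currently reaches. All object-file, binary and function names are invented for illustration.

```python
# Added example, not code from the fuzz-introspector project.
# Models a small project as object files (functions + callees) and link
# units (which objects each binary links), then compares what the current
# fuzzer-only gating rule analyses with what an "everything compiled"
# policy would analyse. Every name below is constructed.
from collections import deque

FUZZER_ENTRYPOINT = "LLVMFuzzerTestOneInput"

# Constructed sample: object file -> {function: [callees]}.
OBJECTS = {
    "parser.o": {"parse_header": ["read_u32"], "read_u32": []},
    "codec.o": {"decode_frame": ["parse_header", "inflate_block"],
                "inflate_block": []},
    "net.o": {"handle_packet": ["decode_frame", "send_ack"], "send_ack": []},
    "fuzz_parser.o": {FUZZER_ENTRYPOINT: ["parse_header"]},
    "tool_main.o": {"main": ["handle_packet"]},
}

# Constructed link units: binary -> object files linked into it.
# codec.o and net.o are compiled but never linked into a fuzzer.
BINARIES = {
    "fuzz_parser": ["fuzz_parser.o", "parser.o"],
    "tool": ["tool_main.o", "net.o", "codec.o", "parser.o"],
}


def functions_in(binary):
    """All functions (with callees) that end up in one link unit."""
    funcs = {}
    for obj in BINARIES[binary]:
        funcs.update(OBJECTS[obj])
    return funcs


def is_fuzzer_binary(binary):
    """The gating rule the issue describes: entrypoint present, no main."""
    funcs = functions_in(binary)
    return FUZZER_ENTRYPOINT in funcs and "main" not in funcs


def reachable(funcs, root):
    """Breadth-first walk of the call graph restricted to this link unit."""
    seen = set()
    queue = deque([root])
    while queue:
        fn = queue.popleft()
        if fn in seen or fn not in funcs:
            continue
        seen.add(fn)
        queue.extend(funcs[fn])
    return seen


def analysed_current():
    """Functions seen when only fuzzer binaries are analysed."""
    out = set()
    for binary in BINARIES:
        if is_fuzzer_binary(binary):
            out |= set(functions_in(binary))
    return out


def analysed_proposed():
    """Functions seen when everything compiled is analysed."""
    out = set()
    for functions in OBJECTS.values():
        out |= set(functions)
    return out


def unfuzzed_functions():
    """Compiled functions no fuzzer entrypoint reaches: target candidates."""
    covered = set()
    for binary in BINARIES:
        if is_fuzzer_binary(binary):
            covered |= reachable(functions_in(binary), FUZZER_ENTRYPOINT)
    return analysed_proposed() - covered - {"main", FUZZER_ENTRYPOINT}


if __name__ == "__main__":
    print("current policy sees:", sorted(analysed_current()))
    print("proposed policy sees:", sorted(analysed_proposed()))
    print("never reached by a fuzzer:", sorted(unfuzzed_functions()))
```

On this sample the current policy sees only the three functions in `fuzz_parser`, while the proposed policy sees all eight compiled functions and can report `decode_frame`, `inflate_block`, `handle_packet` and `send_ack` as code that exists in the project but is unreachable from any fuzzer, which is exactly the information a recommendation for new fuzz targets needs.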

I think it would certainly help FI to discover more functions and recommend covering them with fuzz targets. I think the problem is that on OSS-Fuzz at least tests (and other binaries) are often compiled out to avoid pulling third-party dependencies, save some time and so on.

evverx, Aug 20 '22 15:08