e06931d20b
Generate an index of successful projects for introspector ( #7537 )
2022-04-11 13:43:57 +10:00
d6022d14da
Opt in all Google GitHub projects into GitHub issue filing. ( #7531 )
2022-04-11 13:40:12 +10:00
979e3a4430
[libbpf] report bugs on GitHub and make them public by default ( #7549 )
...
to hopfully make it easier to keep track of them.
2022-04-11 13:37:52 +10:00
a98b5b367b
unrar: enable fuzz-introspector ( #7545 )
2022-04-09 18:45:35 +01:00
38170a90cc
lxml: enable coverage and extend fuzzers ( #7544 )
2022-04-09 17:09:34 +01:00
700acdaa21
python-protobuf: extend fuzzer ( #7543 )
2022-04-09 15:50:17 +01:00
0dc7b5ef91
Set introspector build to run at 8PM ET ( #7539 )
...
* Set introspector build to run at 8PM ET
* Fix test failure
2022-04-08 23:11:06 +00:00
3004675cbe
[trial-build Tag trial builds ( #7536 )
2022-04-08 18:59:11 -04:00
0569a4ed6e
icu: set LDFLAGS to fix fuzz-introspector ( #7538 )
...
* icu: set LDFLAGS to fix fuzz-introspector
Fuzz-introspector uses LDFLAGS to force linking by way of the gold
linker. We need to use it when linking fuzzers.
* nit
2022-04-08 23:00:40 +01:00
2fe1b0828d
[trial-builds] Use buildkit caching ( #7535 )
...
Do this to make trial builds more interactive. By using buildkit caching, we won't need to rebuild every single image when a change is made to the PR.
2022-04-08 15:58:34 -04:00
cacd58c222
python-protobuf: initial integration ( #7515 )
...
* python-protobuf: initial integration
* nit
* update to latest python base image
2022-04-08 12:36:07 -04:00
c25c6d920f
pyxdg: initial integration ( #7514 )
...
* pyxdg: initial integration
* update to latest python image
2022-04-08 12:34:51 -04:00
6288dc25d9
aiohttp: initial integration. ( #4764 )
...
* aiohttp: initial integration.
* aiohttp: update to 2022
* set main_repo
* updated to latest python base image
2022-04-08 12:34:05 -04:00
0f7337c560
Jettison initial integration ( #7532 )
2022-04-08 11:43:43 -04:00
82ac1ffbfb
gstreamer: rely on less system libriares ( #7522 )
...
Build libvorbis, libogg and libtheora ourselves. That means we need to
download them though so do that.
Also move the corpus generation to the build script.
Requires: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2123
2022-04-08 11:27:33 -04:00
5cc77a3fde
[libjpeg-turbo] Fuzz multiple code branches ( #7528 )
...
libjpeg-turbo uses a stable mainline branch model, so the main branch is
always stable and feeds into the current release series. The next-gen
evolving release series is developed in the dev branch, and bug fixes
are cherry-picked into stable branches for past release series.
It is desirable to fuzz the dev branch to ensure that bugs are caught
before the evolving code is merged down into main (which generally
occurs in conjunction with a beta release) and also to allow for the
fuzzers themselves to evolve along with the libjpeg-turbo feature set.
It is also desirable to fuzz the stable branch from the most recent
release series (2.0.x at the moment) to ensure that the same quality is
maintained from when that code occupied the main branch.
Note that both the Dockerfile and multi-branch build script included in
this commit accommodate the fact that the dev branch may not exist. The
dev branch will not exist between the time that the current release
series enters beta and the first feature for the next-gen release series
is developed.
Closes #7479
2022-04-08 11:25:53 -04:00
bacceceb54
Increase builds status timeout. ( #7530 )
2022-04-08 15:10:38 +10:00
bf819daf54
Adding Fuzz Introspector build logs to the webpage ( #7520 )
...
* Adding Fuzz Introspector build logs to the webpage
* Skipping badge update for introspector builds
2022-04-08 10:42:40 +10:00
4005da3784
[woodstox] catch WstxLazyException ( #7529 )
2022-04-07 11:29:59 -04:00
9349178c2f
binutils: align fuzzers with upstream ( #7527 )
...
* binutils: align fuzzers with upstream
Upstream changed init_disassemble_info
Ref:
60a3da00bd
2022-04-07 14:49:18 +01:00
781b777e4b
[mupdf] Add Ken to auto_ccs. ( #7526 )
...
* [mupdf] Add main_repo to project.yaml.
* [mupdf] Add Ken to auto_ccs.
2022-04-07 13:31:08 +01:00
b1ebcf8698
Remove the env variable OSS_FUZZ_ROOT which is not defined in this image ( #7521 )
2022-04-07 16:05:11 +10:00
1414080bf7
Separate JBIG2 fuzzer ( #7523 )
...
* Separate JBIG2 fuzzer
* fix copyright string
2022-04-07 11:45:37 +10:00
b1d19b1cd6
add Add base-builder-go-codeintelligencetesting for next 15 projects ( #7518 )
2022-04-06 15:12:34 -04:00
a741b81237
joda-time integration ( #7517 )
...
* joda-time integration
* typo
* typo
2022-04-06 15:12:20 -04:00
0cb820e5af
infra: add Python coverage support ( #7298 )
...
* infra: add Python coverage support
* update python coverage helper script
* nits
* switch from commands to python
* pin coverage package
* switch to single quote strings throughout
* nit
* fix style
* fix style
* fix ci
* fix ci
2022-04-06 10:31:34 -04:00
46121987d0
[stringtemplate4] initial integration ( #7492 )
...
* Snakeyaml initial integration
* Stax2-api initial files. Empty fuzz target
* Stringtemplate4 initial integration
* Updating emails in project.yaml
* Fixing incorrect files that were added
2022-04-06 09:32:07 -04:00
3c4a913d3a
lxml: initial integration. ( #4908 )
...
* lxml: initial integration.
* update to 2022
2022-04-06 10:20:23 +01:00
55c912c9c7
[systemd] report OSS-Fuzz bugs on GitHub as well ( #7510 )
...
It should hopefully make it easier to keep track of them.
It was discussed in https://github.com/google/oss-fuzz/issues/7023
2022-04-05 14:44:59 -04:00
e71b32c79c
Consider submodules while commit and PR checkout ( #7500 )
...
This fix includes a few updates for infra/repo_manager.py:
* Add step for updating submodules while commit checkout
* Add step for updating submodules while PR checkout
Fixes #7493
2022-04-05 11:14:39 -04:00
909a0d7ed3
Attempt to fix insufficient extract_name buffer ( #7293 )
...
* Attempt to fix insufficient extract_name buffer
Some fuzzing failures happen because extract_name always uses in real
dnsmasq code daemon->namebuff of size at least MAXDNAME. Provide long
enough data also to fuzzed functions.
* Add myself as an interested party
Being dnsmasq maintainer in Fedora project and RHEL, I am interested in
new found failures. Especially when security related.
* Allocate full dhcp packet buffer
fuzz_dhcp can fail in clear packet. But that fails, because clear packet
always cleans whole buffer of maximal DHCP packet. But fuzzer allocates
less. Fix fuzzer to allocate similar memory as dhcp_common_init()
function of real dnsmasq.
2022-04-05 02:07:30 +00:00
b3b6f748cc
Fuzz JBIG2 code by checking on each object in PDF file ( #7508 )
2022-04-04 17:54:35 -07:00
8bad6b2c75
infra: make per-target coverage reports readable ( #7505 )
...
Similar to the main report make all target reports readable. This is
currently a blocker on fuzz-introspector for running locally.
2022-04-04 23:39:16 +01:00
0bcaec68ab
infra: fuzz-introspector: ensure COVERAGE_URL exists ( #7502 )
...
* infra: fuzz-introspector: ensure COVERAGE_URL exists
This is to make sure fuzz-introspector can run in local builds.
Ref:
https://github.com/ossf/fuzz-introspector/issues/48#issuecomment-1087513497
Ref:
https://github.com/ossf/fuzz-introspector/issues/67#issuecomment-1087518856
* refactor fuzz-introspector command generation
This is to shorten the long line that runs fuzz-introspector and also in
anticipation that down the line we will have more oss-fuzz specific
commands in fuzz-introspector
2022-04-04 23:38:37 +01:00
696a4dd4e5
Setup trial builds in CI. ( #7415 )
...
This adds the script that will be used by the GCB trigger to do trial builds when we have a base-images change.
2022-04-04 17:47:21 -04:00
1839964003
[woodstox] update copyright info ( #7504 )
2022-04-04 17:46:51 -04:00
fbeb8fb984
[woodstox] Initial Integration ( #7499 )
2022-04-04 09:12:43 -04:00
77bad6cbdb
tensorflow-py: fix build ( #7501 )
2022-04-04 13:03:56 +01:00
4ff34a956e
infra: fuzz-introspector updates and bump ( #7497 )
...
* infra: remove use of git_repo_url to fuzz-introspector
* libarchive,fluent-bit: add fuzz-introspector exclusion config
* fuzz-introspector: bump
Co-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>
2022-04-04 11:35:58 +10:00
10fdf2878d
To include latest introspector changes ( #7494 )
2022-04-03 14:08:09 -04:00
4ae09c2ac2
ngolo-fuzzing: use latest go from git ( #7490 )
2022-04-02 22:05:24 +01:00
43da75fcc0
Add @piponazo to Exiv2 auto_ccs ( #7496 )
2022-04-02 22:03:39 +01:00
1556fb10d6
[zlib-ng] build fixes and improvements ( #7467 )
...
* [zlib-ng] fixed dataflow sanitizer build error. #7464
* [zlib-ng] use cmake instead of configure to build fuzzers.
2022-04-01 15:05:01 +11:00
4aeb753191
Revert "Pin Jazzer to older revision. ( #7484 )" ( #7486 )
...
This reverts commit 86a4d9d11f
2022-04-01 15:04:34 +11:00
7f8fe932ca
Mbed TLS: update references to old Github org ( #7487 )
...
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration. The new home
for Mbed TLS is:
https://github.com/Mbed-TLS
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 16:42:43 +00:00
d527319cf1
Fix possible uninitialized values in zlib's compress.c fuzzer ( #7488 )
...
Co-authored-by: Julien Voisin <jvoisin@google.com>
2022-03-31 10:19:26 -04:00
87554e18a8
Add OpenSK member ( #7485 )
2022-03-31 09:55:25 -04:00
221b39181a
Bump introspector ( #7482 )
2022-03-31 17:13:04 +11:00
86a4d9d11f
Pin Jazzer to older revision. ( #7484 )
2022-03-31 15:54:50 +11:00
8d55f22548
Fix libarchive build. ( #7481 )
...
Set --enable-static for libxml2. This was set to false by default in a
recent commit
2022-03-31 13:52:59 +11:00
Navidem