Erik de Castro Lopo is no longer actively involved in maintaining the libFLAC project. I'd like access to the not-yet-public bug reports and the details so we can get a new release out.
The patched Go versions adds a new runtime function to register
8bit counters when initializing the fuzz target. This is needed to
register those counters with libfuzzer and get real edge coverage.
This change is meant to be a temporary change until the Go patches are
accepted upstream. Then, we will create a pull request for
go114-fuzz-build
- Do not fail silently on compilation issues
- Use a static version of freetype
- Render the PDF on a bitmap, to exercise more code paths.
- I'm planning on adding more outputs (maybe in new fuzzers) for Postscript for example
- Exercise more metadata gathering functions
- Use a stream instead of a file, to speed the fuzzer up
- Allocate the PDFDoc on the stack instead of the heap
- Don't install recommended packages
Co-authored-by: Autofuzz team <security-tps@google.com>
QtSynchronizeRepo.cmake used to do that when a dependency was
missing but since 8a94d1e it just ignores missing checkouts.
--depth 5000 clones about a year of history and reduces the size
of the repository by over 200MB. Cloning even less history would
further reduce the size by less than 15MB.
* Returning empty list of steps in case of error when downloading coverage data
* Better error handling
* Using logging.warning and more informative message
- Point `compile` to the right `fuzz-introspector` location (since it's no longer checked out in $SRC).
- Rename build tag to "introspector" to be more consistent with other
tags.
- Fix bad merge in deploy.sh script.
- Add introspector setup to project sync.
- Enable more logging for project sync cron.
* [njs] Reverting --debug=YES introduced in c16cf5a2.
As it changed reproducibility of existing issues.
* [njs] Build pcre2 dependency manually and enable MSan.
* [njs] Fixed seed corpus gathering after test/module directory was removed.
* Fix urllib3 install procedure
We switched from setuptools to Flit, and running setup.py is deprecated anyway.
* Invoke pip from python3
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
Co-authored-by: Andrew Murray <3112309+radarhere@users.noreply.github.com>
* Clean up build infra issues.
0. Don't clone fuzz-introspector to /src since it breaks builds.
1. Install packages in python install script properly. Previously
pip install atheris>=2.0.6 was interpreted as "redirect the output
from pip install atheris" to the file "=2.0.6".
3. Clean up some miscellanious issues.
* Include removal
Martijn van Beurden