It appears that libevent now requires pkg-config, which was not
previously installed from Tor's Dockerfile. This change adds
pkg-config.
Adding this dependency should resolve oss-fuzz issue 36048
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36048)
* [presubmit] Enforce language attribute in projectt.yaml to be always set.
* Update documentation, better presubmit check, new project template.
* add docstring to templates.py
* Add example values in the project.yaml template and remove python value for now
* Add "project: c++" to 256 projects
* format
* Add labels and selective_unpack sections to the presubmit check
* fix incorrect auto_ccs format in three projects
* fix nss emails after rebase
* [Tor] Build libevent with --disable-openssl
Libevent's build is failing because it can't find openssl. We could
try to fix this, but instead let's disable it: Tor doesn't actually
use Libvent's openssl support.
* [tor] Use zip -q to make logs shorter.
Suggestion from Max Moroz.
https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
I ran into this because I was getting errors locally, like:
E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/d/dpkg/libdpkg-perl_1.18.4ubuntu1.1_all.deb 404 Not Found [IP: 91.189.88.149 80]
It turns out you get these if you don't update, and the official best practices are to `run apt-get update && apt-get install`. In fact, running _any_ apt-get install command without the apt-get update && before it can result in unfortunate caching artifacts -- see "cache busting". (P.S. thanks to Peng on Freenode for helping me, I'm bad at Ubuntu.)
So:
sed -re \
's/RUN apt-get ((-y )?(install|build-dep))/RUN apt-get update \&\& apt-get \1/' -i \
projects/**/Dockerfile
I also manually fixed the cases that already ran apt-get update in their Dockerfile:
dlplibs/Dockerfile
grpc/Dockerfile
libreoffice/Dockerfile
Tor has a few safety features that try to prevent bugs by using
memory more safely. For example, by default, we terminate our IO
buffers with 0-valued bytes, so that accidental string operations
can't run off the end. For another example, we do some of our
allocation in "memory areas" -- an obstack-style allocation in which
all objects are freed at once.
These features prevent a fairly large category of crash bugs, but
they also prevent asan from seeing our mistakes. But when we're
fuzzing, we'd like to expose as many of our mistakes as possible.
With that in mind, we've added a --disable-memory-sentinels
configuration option to turn off a lot of these safety features when
we're fuzzing. This feature turns it on for oss-fuzz.
* Initial attempts at getting Tor to build in oss-fuzz docker.
* add automake/autoconf
* More work
* more fixes for tor
* copyright notice, corpora.
* zip correctly.
DavidKorczynski