I added the wrong header in the last commit. This will be fixed by this
commit.
Furthermore it seems to run as a different user in ClusterFuzz. So this
is fixed as well.
This is needed for CF to determine whether or not to allocate the
project on a higher end bot to run the blackbox fuzzer.
Previously this was keyed on the "none" entry under fuzzing_engines,
which wasn't very descriptive. This change also lets us do both blackbox
and greybox fuzzing in the same project, which will be done for quickjs.
* [rnp] remove verbose flag during botan unpacking.
* [rnp] use as much make jobs, as available.
* [rnp] stick to the $SRC folder during the build.
* [rnp] automatically detect fuzzers and ignore possible chrpath error.
* initial commit
* update build script, build failing
* add necessary environment variable definitions
* build working
* programmatically get system bits
* add md5 fuzzer
* fix style
* add fuzzers for two more hash functions
* testing dynamic includes
* build working
* clean up build script
* add aes fuzzer
* patch block_common to avoid build issues
* remove comments
* update patchfile location
* move patchfile again
* apply patch from subdirectory
* remove another comment
* change state type, use same data for encryption and decryption
* Build of nodejs has now been upstreamed and this commit simplifies the build for nodejs to the new updates.
* We only support libfuzzer for now.
* Simplified the build script.
Do this so that CIFuzz will work.
Co-authored-by: Zepeng Hu <zepenghu@google.com>
Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
* Get Sleuthkit building in the OSS-Fuzz builder.
* added fuzzers, included primary contact email, and updated build script
* included license headers
* fixed variable name typo in build script
* remove memory initialization in sleuthkit_mem_img.h
* style fixes, remove instances of goto
Co-authored-by: Ravi Jotwani <rjotwani@google.com>
Hopefully this should prevent OSS-Fuzz from reporting bugs that
have alread been fixed. Though I'm not sure how stable it's going to be
given that https://github.com/google/oss-fuzz/issues/4083 is still
open. Let's see.
* added draco integration files
* wrote build file and Dockerfile for Draco
* added more fuzzers, updated build script to generate corpus and options for each
* place yaml.dict in SRC first, rather than in OUT directly
* changed fuzzers from c++ to c, updated build script
* started using booleans instead of ints, updated naming conventions
* replaced all instances of with
* removed memsets, stopped using first two bytes of input, and removed file I/O
* fixed style, changed function return types to bool instead of int
* added libyaml_parser_fuzzer back, implemented string handling to not exceed buffer size in libyaml_emitter_fuzzer, and made style fixes
* changed boolean functions to return error, not success
* fixed inverted check
* changed variable names, fixed crash in libyaml_emitter_fuzzer
* fixed addition/subtraction style
* make a dynamically growing heap buffer
* place yaml_write_handler in distinct header file, style fixes
* fix style and memory safety issues in reformatter fuzzers, remove unused vars
* consistent assignment of done variables
* [CRAS] Fix build error and build new fuzzer
- Fix build error by installing 1.8.x gtest and using `make install` to
install gtest pc file for pkg-config
- Build and add new fuzzer `cras_hfp_slc`
BUG=oss-fuzz:24744
* fix the copyright
* fix the copyright
* Update Dockerfile
Co-authored-by: Max Moroz <mmoroz@chromium.org>
* Add bind9 as new proposed oss-fuzz target
* Add basic Dockerfile and build.sh
* Change the auto_cc addresses to @isc.org
* fix the copyright
* fix the copyright
Co-authored-by: Max Moroz <mmoroz@chromium.org>
* initial commit
* removed instances of cout in fuzzer, build failing
* Fix the Alembic build.
This commit gets Alembic building properly by linking it against
a locally compiled checkout of the most recent OpenEXR release.
* placed temp file in /tmp, modified build script
* added zlib1g-dev:i386 as a dependency in Dockerfile
* style fixes, removed msan
* combine dumpAttribute functions
* fix formatting
* update fuzzer_temp_file.h, style fixes for fuzzer
* populate target names
* disable ubsan for the time being
Co-authored-by: Michael Jezierny <mtjz@google.com>
* [opusfile] Initial integration
* add license header
* cleaned up loop in build script
* fix typo in build script
* changed fuzzer from C++ to C
* run ldconfig before building fuzzer
* Force static linking when building the fuzzer.
This alternative linker syntax overrides the "lib{whatever}.so" default.
Fortunately, Ubuntu packages static libraries in libopus-dev and
libogg-dev.
Co-authored-by: Michael Jezierny <mtjz@google.com>
The upstream LPM-based fuzzer changed its layout, so update the build
files to reflect this. This may make sense as a separate .a file in
the future to avoid these breaks.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24776
* projects/dav1d: remove unnecessarily installed packages
* projects/dav1d: fix build by just copying the fuzzing binaries
Meson switched the name of the directory holding the objects for the
fuzzer binaries to match the pattern used to copy all fuzzing binaries.
Copying the directory failed.
* using tidy_html5's fuzzer_temp_file utilities to create a file from fuzzing input in /tmp
* used FuzzerTemporaryFile class, updated copyright year
* catch all exceptions instead of a select few, fix styling in openexr_exrheader_fuzzer
* updating fuzzer_temp_file.h with the changes mentioned in https://github.com/google/oss-fuzz/pull/4236
The purpose of the fuzzer is to very that an exception is thrown, not
to validate that the correct *type* of exception is thrown. That is
the responsibility of the project's traditional test suite. Therefore,
the exception type is inconsequential.
Signed-off-by: Cary Phillips <seabeepea@gmail.com>
Update the primary contact addresss and website in the Mbed TLS
project file.
Also update the Mbed TLS cc address in the bignum-fuzzer project
file.
Signed-off-by: Dan Handley <dan.handley@arm.com>
Reducing the number of concurrent link steps to the number of cpus does
not appear to have made much difference to the success of the Skia
project build. Limit the number of concurrent links to one in an attempt
to avoid running out of memory. If issues persist it is likely the bot
running this simply does not have enough memory to run the linker step.
This change is speculative since these builds have been working on the
CI bots and only failing on the oss-fuzz build.
Bug: oss-fuzz:23438,oss-fuzz:24345
The number of link build steps in the Skia build is currently not
limited and may be leading to the current failures where the linker is
killed with a signal. This changes that to limit the number of
concurrent linker steps to the number of cpus available. If there
continue to be issues it may be necessary to implement a hard limit.
Bug: oss-fuzz:23438,oss-fuzz:24345
* added two fuzzers from patch files, stripped unnecessary code from exrenvmap_fuzzer, build currently failing
* exrheader build working
* checking coverage for exrheader_fuzzer
* removed writes to cout for exrheader_fuzzer
* exrheader_fuzzer and exrenvmap_fuzzer working
* added license to exrheader_fuzzer
* remove namespaceAlias.h
* changed function names in exrheader_fuzzer, wrote files to /tmp in exrenvmap_fuzzer, included style fixes
* [rnp] Add afl engine
* Add fuzz_dump and fuzz_keyring to the exception list
These binaries - from https://github.com/rnpgp/rnp/tree/master/src/fuzzing -
are very tiny and just call into the library with a single API,
and are not staticly compiled - so they have very few UBSAN calls.
Undefined sanitizer should now work, and the honggfuzz engine as well.
Upstream changes supported enabling these, and when I did so I
renamed one of the variables.
ClamAV recently removed autotools generated materials (configure,
Makefile.in, etc) from the git repo. This commit adds tools and calls
necessary to generate those files if autogen.sh is present.
* fixed null dereference in uri_dissect_query_malloc_fuzzer
* removed unused include
* initialized chars_required, freed query_list if check unsuccessful, and used buf.data() instead of &buf[0]
* Updates patch for mysql 8.21
* Fixup 8.21
* Disabkes fuzz_docommand to keep going with other targets for now
* do not even compile fuzz_docommand
* Adding license
* FIXMEs
* no longer compiled
* nits
The gold linker was forced when the system linker stopped linking the
Skia build. It seems that the gold linker is now running into issues, so
attempt to switch back.
* added new fuzzer
* added new fuzzer
* removed commented code
* add license header for uri_parse_fuzzer
* get values from FuzzedDataProvider, awaiting fuzz targets for FileNames and Ipv4 in parse_fuzzer
* build working
* fixed size mismatch, used better consumption function for remaining input
* reduced maxSize for uri_dissect_query_malloc_fuzzer
* added missing fuzz targets, removed unnecessary import
* removed unused include, changed instances of std::string to string, removed ToVector, added checks, and removed usage of FuzzedDataProvider in uri_dissect_query_malloc_fuzzer
* fixed vector issue in uri_parse_fuzzer
* added explicit value checks, removed Yoda comparisons
This leads to multiple definitions of everything defined in
SkSVGCanvas.cpp since it will be compiled into the api_svg_canvas target
directly as well as the Skia xml target.
* Homepage updated, added auto ccs to project.yaml
* Fixed project.yaml
* [spdlog] Added new fuzzers, modifed existing ones
* Revert "[spdlog] Added new fuzzers, modifed existing ones"
This reverts commit 1e7f14a81d.
* Modified existing fuzzer
* Added new fuzzer for backtrace
* Added new fuzzer for formatter
* Added new fuzzer for set_pattern
* Added new fuzzer for log_levels
* Moved fuzzers to upstream repo
* Moved fuzzers back to oss-fuzz
* fixed fuzzers
* Update years
The SwiftShader build seems to want SWIFTSHADER_EMIT_COVERAGE set or it
will do things that interfere with a coverage build. Use this to
simplify the SwuftShader build a bit and hopefully restore the coverage
build.
* Add new RDKit dependency (freetype)
FIxes Issue #23703
* just remove the freetype requirement for now
otherwise we have to build that static and that's a mess
* Update Dockerfile
* style: Clean up the repo
* Bolster the `.gitignore`
* Follow `CONTRIBUTING.md` guidelines and wrap `README.md` to 80
characters and seperate links for readability
* Remove pesky Unicode dash in `CONTRIBUTING.md`
* Remove `.DS_STORE` files
* Rename `#project.yaml#` to something logical and enable stntax
highlighting
* Updates from reviewers
* Greatly reduce `.gitignore` to only macOS `.DS_Store` and Vim
temporary files
* Apply markdown style to `docs/index.md`
* small comma grammatical change
* http -> https
* added new opus fuzzer, build working
* added missing license header, cleaned up Dockerfile
* fixed build process
* changed build process depending on C or C++ fuzzer
* converted opus_multi_fuzzer from C++ to C, reverted build script to only accept C files
* Add a working skeleton for OpenEXR fuzzers.
* added openexr fuzzers, updated build script to include them
* cleaned up bash loop
* [openexr] Replace buf_to_file with StdISStream.
Version 2.5.0 of OpenEXR added a StdISStream class that turns
a std::string into an Imf::IStream, which can be used instead of
filenames when opening an OpenEXR image. This commit adds code which
wraps the fuzzer input into a StdISStream, which enables us to remove
the hacky buf_to_file function.
* updated deepscanlines_fuzzer to use IStream instead of filenames
* replace "/work" with in build.sh
* Reformat CMake settings, and also prevent building utils and examples.
* Reformat and change names in build.sh.
* Omit the version prefix when building OpenEXR and IlmBase libraries.
* updated final two fuzzers to use istream
* fixed additional conflict in project.yaml
* get header size from input
* increased header size
* Fix argument types in readFileSingle
Co-authored-by: Michael Jezierny <mtjz@google.com>
Co-authored-by: Abhishek Arya <inferno@chromium.org>
- Updates project.yaml to specify libfuzzer as fuzzing engine
- Adds a basic Dockerfile
- Add a build.sh script for initial target
Co-authored-by: pierwill <pierwill@users.noreply.github.com>
* Add wasm-tools repository to wasmtime project
This commit expands the fuzzers run under the Wasmtime project to
include those in the https://github.com/bytecodealliance/wasm-tools
repository. This includes various parsing for utilities used by Wasmtime
itself but also generally useful for other Rust projects! The
maintainers of the wasm-tools repository are also all currently all on
the notification list for Wasmtime fuzz bugs as well.
* Load all corpuses from wasmtime-libfuzzer-corpus
* fixing Dockerfile for libpng-proto
* adding json proto, LPM, and fuzz target for jsoncpp
* adding vanilla fuzzer back in
* fixing weird spacing in build script + taking out unneedef header file
* adding settings field and passing all of json_str
* adding license headers
* refactoring settings field
* fixing compile issue
* fixing MSan issue, changing license to 2020, and using iterator instead of pointers
* passing pointers more understandably to parse
* taking out unecessary assign
Co-authored-by: Danny Halawi <dhalawi@google.com>
* Add spanner emulator project
* Adding auto_css for Sneha and myself
* Adding dockerfile and build.sh files
* Further fixes for OSS-Fuzz integration
* Update build.sh
* Cleaning up commented code in build.sh
* Fuzzing branch merged with main in the emulator repo, modified dockerfile to clone main now instead of the branch.
* Updating build.sh to copy the binaries to out
* Cleaning up build.sh by removing Envoy specific comments, removed dictionary code as no corpus exists yet
* Updating yaml to include the memory sanitizer
* Build.sh should now copy fuzzing binaries properly to , adding fuzzing_enginers parameter to yaml to bypass AFL timeout for now.
Co-authored-by: Jonathan Volfson <volfson@google.com>
Co-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>
* Add a working skeleton for OpenEXR fuzzers.
* added openexr fuzzers, updated build script to include them
* cleaned up bash loop
* replace "/work" with in build.sh
* Reformat CMake settings, and also prevent building utils and examples.
* Reformat and change names in build.sh.
* Omit the version prefix when building OpenEXR and IlmBase libraries.
* Correct the contact addresses for OpenEXR.
Co-authored-by: Ravi Jotwani <rjotwani@google.com>
Currently, coverage builds fail on step 3 with:
```
Step #3: + rsync -avLkR --include '*.h' --include '*.cc' --include '*.hpp' --include '*.cpp' --include '*.c' --include '*/' --exclude '*' /tmp /workspace/out/coverage
Step #3: sending incremental file list
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/ares/include/ares_build.h"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/ares/include/ares_dns.h"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/ares/include/ares.h"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/ares/include/ares_rules.h"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/ares/include/ares_version.h"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/include/sha1.c"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/include/gcm_nohw.c"
Step #3: symlink has no referent: "/tmp/tmp.BOH6TAB62E/include/digests.c"
...
```
Just exclude these files. Doubt they matter to us.
Ref: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23621&q=esp-v2&can=2
Signed-off-by: Teju Nareddy <nareddyt@google.com>
* syzkaller: update go get invocation
The way to checkout the repo has changed.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21994
* [syzkalle] Fix paths passed to `compile_fuzzer` function.
Co-authored-by: Max Moroz <mmoroz@chromium.org>
* [libspng] Fetch zlib in Dockerfile
This step has been moved from the build script: c35e509f04
* Update Dockerfile
* Update Dockerfile
* dummy commit
* Update Dockerfile
* dummy commit
* dummy commit
* libzmq: use build script from upstream repository
In order to avoid having to send PRs every time we change something, simply
maintain the build script in the upstream repository, and change build.sh
to a one-line call.
* libzmq: clone corpora and dictionary repository
* fixing Dockerfile for libpng-proto
* Fixing Dockerfile so the LPM for giflib works
* Fixing Dockerfile so the LPM for xerces-c works
* taking out unneeded installations
Co-authored-by: Danny Halawi <dhalawi@google.com>
Evan Miller