The php i386 build is broken since the last clang roll, due to a bug on
the clang side. This should get fixed when clang is updated again, but
for now pin to an older version.
FYI I also submitted
https://github.com/AFLplusplus/AFLplusplus/pull/1516 to hopefully
unblock the clang 15 update.
We have some fuzzers that are security-critical (json, exif), but
these haven't found anything genuinely new in a long time. It seems
unlikely that they will find something that is not a regression in
a pre-release version (and as such okay to be public).
The other fuzzers are not classified as security-critical by the
the PHP project (unserialize, unserializehash, parser, execute,
function-jit, tracing-jit). The latter three produce the vast
majority of new reports.
I think it would be more valuable to make fuzzing reports public
and have a larger set of people who can work on them.
The mbstring fuzzer is really a fuzzer for the oniguruma library
through the PHP mbregex extension. This was important at the time
as the upstream oniguruma project did not have fuzzing and we were
bundling the library (and thus responsible for security backports).
Nowadays we no longer bundle this library and the upstream project
does their own fuzzing, including integration with oss-fuzz:
https://github.com/google/oss-fuzz/tree/master/projects/oniguruma
I haven't really done anything with reports from this fuzzer in a
long time, as issues get addressed upstream. As such, I think it's
safe to drop it on the PHP side.
* [presubmit] Enforce language attribute in projectt.yaml to be always set.
* Update documentation, better presubmit check, new project template.
* add docstring to templates.py
* Add example values in the project.yaml template and remove python value for now
* Add "project: c++" to 256 projects
* format
* Add labels and selective_unpack sections to the presubmit check
* fix incorrect auto_ccs format in three projects
* fix nss emails after rebase
PHP uses a union which is only allocated to the size of the used
union member, which is apparently incompatible with the object-size
sanitizer. This is really hard for us to fix, so instead disable
the sanitizer.
Nikita Popov