https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/
I ran into this because I was getting errors locally, like:
E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/d/dpkg/libdpkg-perl_1.18.4ubuntu1.1_all.deb 404 Not Found [IP: 91.189.88.149 80]
It turns out you get these if you don't update, and the official best practices are to `run apt-get update && apt-get install`. In fact, running _any_ apt-get install command without the apt-get update && before it can result in unfortunate caching artifacts -- see "cache busting". (P.S. thanks to Peng on Freenode for helping me, I'm bad at Ubuntu.)
So:
sed -re \
's/RUN apt-get ((-y )?(install|build-dep))/RUN apt-get update \&\& apt-get \1/' -i \
projects/**/Dockerfile
I also manually fixed the cases that already ran apt-get update in their Dockerfile:
dlplibs/Dockerfile
grpc/Dockerfile
libreoffice/Dockerfile
Tor has a few safety features that try to prevent bugs by using
memory more safely. For example, by default, we terminate our IO
buffers with 0-valued bytes, so that accidental string operations
can't run off the end. For another example, we do some of our
allocation in "memory areas" -- an obstack-style allocation in which
all objects are freed at once.
These features prevent a fairly large category of crash bugs, but
they also prevent asan from seeing our mistakes. But when we're
fuzzing, we'd like to expose as many of our mistakes as possible.
With that in mind, we've added a --disable-memory-sentinels
configuration option to turn off a lot of these safety features when
we're fuzzing. This feature turns it on for oss-fuzz.
* Initial attempts at getting Tor to build in oss-fuzz docker.
* add automake/autoconf
* More work
* more fixes for tor
* copyright notice, corpora.
* zip correctly.
jonathanmetzman