Commit Graph

30 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos af10d7c96b [gnutls] added Ander Juaristi (#1321)
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
2018-04-16 08:42:02 -07:00
Nikos Mavrogiannopoulos fd2e2a2104 [gnutls] unconditionally disable assembler in gmp (#833)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-02-09 10:18:29 -08:00
Nikos Mavrogiannopoulos 4e8526e38c [gnutls] updated reference to libtasn1 project (#1106)
The project was moved to gitlab.

Closes #1101

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
2018-01-23 07:28:57 -08:00
Nikos Mavrogiannopoulos 2c04c55f62 added Niels from nettle, to be able to inspect logs (#987)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-11-16 07:07:17 -08:00
Tim Rühsen 301c176a8d [gnutls] Fix disabling assembler for GMP (#783) 2017-08-19 12:08:50 -07:00
Tim Rühsen 04d90e828f [gnutls] Fix build (#782) 2017-08-18 07:43:58 -07:00
Nikos Mavrogiannopoulos c021b7dc0c New fuzzing architecture (#779)
Requisites are build as static libraries and as these linked to the fuzzers.
p11-kit can't be build statically, thus our fuzzers are not using it.
2017-08-16 08:09:27 -07:00
Nikos Mavrogiannopoulos b48c13a065 disable getrandom() via syscall, it confuses mem sanitizer (#764)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-08-08 06:57:04 -07:00
Nikos Mavrogiannopoulos 6b3f1527b3 [gnutls] added Tim Ruehsen to CCS list (#762)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-08-06 07:23:57 -07:00
Nikos Mavrogiannopoulos e618de2726 [gnutls] modified to use the internal corpora only (#705)
This avoids issues from external corpora format changing which
could effectively disable fuzzying.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-07-07 06:44:25 -07:00
Nikos Mavrogiannopoulos a2c248a784 [gnutls] statically link with nettle and hogweed and avoid using gmp (#661)
This allows the memory sanitizer to track all variable assignment
and use.
2017-06-08 07:22:41 -07:00
Nikos Mavrogiannopoulos 412c33f34d added contributor to CCS list (#654) 2017-06-07 06:43:35 -07:00
Abhishek Arya e6f4bc5b5a Enable msan on some projects, disable experiment on others. (#590) 2017-05-10 09:05:25 -07:00
Max Moroz 8306637a1a [gnutls] Remove double-quotes from string comparison in build.sh. 2017-05-09 14:23:22 +02:00
Alex Gaynor e60bf381ce [gnutls] Fixed #578 -- when using MSAN disable assembly in gnutls (#580)
* Fixed #578 -- when using MSAN disable assembly in gnutls

* Use the more public API for this
2017-05-09 14:11:19 +02:00
Abhishek Arya 3baa34c81f Enable MSan experimental on some projects. (#570) 2017-05-05 10:33:12 -07:00
Devin Jeanpierre 330386686d Use apt-get update && apt-get install, per best practices: (#561)
https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/

I ran into this because I was getting errors locally, like:

    E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/d/dpkg/libdpkg-perl_1.18.4ubuntu1.1_all.deb  404  Not Found [IP: 91.189.88.149 80]

It turns out you get these if you don't update, and the official best practices are to `run apt-get update && apt-get install`. In fact, running _any_ apt-get install command without the apt-get update && before it can result in unfortunate caching artifacts -- see "cache busting". (P.S. thanks to Peng on Freenode for helping me, I'm bad at Ubuntu.)

So:
    sed -re \
        's/RUN apt-get ((-y )?(install|build-dep))/RUN apt-get update \&\& apt-get \1/' -i \
        projects/**/Dockerfile

I also manually fixed the cases that already ran apt-get update in their Dockerfile:
    dlplibs/Dockerfile
    grpc/Dockerfile
    libreoffice/Dockerfile
2017-05-01 23:31:02 -07:00
Oliver Chang 60835ac420 oss-fuzz/BASE_IMAGE -> oss-fuzz-base/BASE_IMAGE 2017-03-22 12:12:51 -07:00
Oliver Chang 7df64d4ac4 [infra] ossfuzz/IMAGE -> gcr.io/oss-fuzz/IMAGE 2017-03-15 18:46:31 -07:00
Abhishek Arya 18a7134200 Update project.yaml 2017-02-02 11:32:49 -08:00
Alex Gaynor c5f8a6eaf2 [gnutls] grammar better (#253) 2017-01-06 18:30:19 -08:00
Alex Gaynor 757b41c044 [gnutls] use ubsan as well (#247)
Now that we've fixed most of the ASAN discovered bugs, let's have some fun with UBSAN
2017-01-05 07:47:07 -08:00
Mike Aizatsky e6a8c4d6cd [infra] updating usages of base-libfuzzer (#142) 2017-01-03 15:07:49 -08:00
Alex Gaynor 57795ec502 [gnutls] If the upstream repo has a corpus, include it (#222) 2016-12-28 06:33:59 -08:00
Nikos Mavrogiannopoulos f533331c69 [gnutls] updated primary contact email (#204)
That is, in order to be able to access the issues opened.
2016-12-19 07:21:06 -08:00
Alex Gaynor f4121e3f61 Move the gnutls fuzzers to their own repo. (#188)
Also add two new ones.
2016-12-15 12:01:36 -08:00
Alex Gaynor 6b27f9b7fa [gnutls] use an initial corpus for x509 (#164)
* [gnutls] use an initial corpus for x509

and add OpenSSL's corpus for client transcripts

* Use --depth=1 on clones
2016-12-10 09:28:26 -08:00
inferno-chromium 0ad5352198 Update project.yaml 2016-12-10 06:39:08 -08:00
inferno-chromium afc2ba2d0f Update project.yaml 2016-12-09 07:40:48 -08:00
Alex Gaynor ed2ee1adac [In progress] Fuzzer for GNUTLS (#135)
* First cut at gnutls. Doesn't actually find coverage.

* link everything right

* pipes are not sockets

* send not write

* these are not used

* stick this here

* this doesn't exit

* remove jenkinsfile

* move to the right dir

* project file

* update for more recent conventions

* ugh, typo

* new lib

* docs take forever

* name it client fuzzer

* stick a cert store on there!

* add a timeout, ugh

* Shtudown the right side instead of using a timeout

* Use boringssl's test corpus

* simplify grabbing the tarballs

* statically link things. pthread is still dynamically linked because I was not able to make it work

* Added an x509 parser fuzzer

* update for the lastest convention
2016-12-09 07:36:42 -08:00