Commit Graph

53 Commits

Author SHA1 Message Date
jonathanmetzman 4c4b137a70
[cifuzz][external] Use ssh_url and fix affected fuzzers (#5072)
1. Use ssh_url.

This only affects external (non-oss-fuzz) users.
Since there are none, it doesn't affect anyone.
Even if it did, exploitation would require owning the network
Github actions runs on.
This is to prevent MITM attacks.

2. Affected fuzzers bug:
We accidentally were skipping the remove unaffected functionality.
2021-01-29 10:33:36 -08:00
jonathanmetzman f2756d7321
[CIFuzz] Move run_fuzzers to new config system (#5063)
Also, decide is_github based on something not used/faked by Skia.
2021-01-29 09:49:03 +11:00
jonathanmetzman d7e85a20b0
[CIFuzz] Fix diffing + Refactor (#5032)
* [CIFuzz] Fix diffing + Refactor

Make diffing work in two scenarios where it previously failed:
1. Commit fuzzing. In this case, we diff $COMMIT against
$COMMIT^1 because the intent here is to fuzz the commit.
2. Fuzzing PRs that aren't to master. In this case, we previously
were diffing against origin/master. Instead, diff against the local
version of the base repo. This also has the nice effect of handling
PRs that haven't pulled from master recently enough.

Also do refactoring.
1. Move code that is different for different CI systems to continuous_integration.py
2. Change how configuration in build_fuzzers is handled.
Previously configuration was gotten in build_fuzzers_entrypoint
and passed as individual params. This made code ugly and hard to
read. Instead, move code dealing with config to its own module
config_utils. This module implements a config class which can
be used to create objects that are passed around to code that needs
it. Making the code much easier to read.
TODO: Move run_fuzzers code to new config system.
2021-01-28 12:10:57 -08:00
jonathanmetzman d6ff0bfcdc
[CIFuzz] Separate code for running fuzzers into own module: run_fuzzers.py (#5031)
TODO: Rename cifuzz.py to build_fuzzers.py
2021-01-26 08:32:41 -08:00
Jonathan Metzman d7049a82f2 fmt/lnt 2021-01-20 11:40:55 -08:00
Jonathan Metzman cf0c702ee8 fix 2021-01-20 11:33:16 -08:00
Jonathan Metzman 1647e41bef fmt 2021-01-20 10:18:39 -08:00
Jonathan Metzman 9935321c0d fmt/lnt 2021-01-20 07:26:02 -08:00
Jonathan Metzman ddb0add036 fuzzers->fuzz targets and finish affected_fuzz_targets module 2021-01-20 07:25:08 -08:00
Jonathan Metzman 0be9a235b8 merge 2021-01-20 07:02:39 -08:00
Jonathan Metzman 50109305cb New module for affected fuzz targets 2021-01-20 06:56:13 -08:00
Jonathan Metzman cb262dfbcb fmt/lnt 2021-01-20 06:51:30 -08:00
Jonathan Metzman 2ce7db4d47 Refactor coverage and move to own module 2021-01-20 06:47:48 -08:00
jonathanmetzman b9094ea003
[CIFuzz][NFC] Refactor affected fuzzers and improve logging (#5006)
1. Add a get_affected_fuzzers function.
2. Add comments explaining rationales.
3. Fix logging so that each affected fuzzer is only logged once.
4. Don't put each file affecting each fuzzer on its own line, this makes logs unreadable.
5. Improve logging wording.
2021-01-20 06:41:39 -08:00
jonathanmetzman 96b8aad56a
[CIFuzz] Fix MSAN (#4812)
Use msan libs when building fuzzers with MSAN.
2020-12-10 06:24:48 -08:00
Jonathan Metzman ed633664ec fix 2020-12-09 11:47:18 -08:00
jonathanmetzman 265ae85302
[CIFuzz] Fix issue where copied repo is named incorrectly. (#4813)
[CIFuzz] Fix issue where copied repo is named incorrectly.

Make sure the cloned repo is copied correctly to the docker container
E.g. https://github.com/OpenSC/OpenSC should be copied to $SRC/opensc.

Fixes https://github.com/google/oss-fuzz/issues/4810

Add unittest
2020-12-09 09:55:54 -08:00
jonathanmetzman 301ed831be
Use print for printing stacktrace instead of using log. (#4799)
Use print for printing stacktrace instead of using log.
This makes stacktrace more legible.
Fixes https://github.com/google/oss-fuzz/issues/4649
2020-12-08 09:05:48 -08:00
Jonathan Metzman e193d59148 Revert "Use print for printing stacktrace instead of using log."
This reverts commit ecffb3f662.

Commit should not have been committed to master.
2020-12-07 14:45:47 -08:00
Jonathan Metzman ecffb3f662 Use print for printing stacktrace instead of using log.
This makes stacktrace more legible.

Fixes https://github.com/google/oss-fuzz/issues/4649
2020-12-07 14:42:49 -08:00
jonathanmetzman b0b99d5ccd
Cifuzz external build (#4656)
* Support building fuzzers for projects outside of OSS-Fuzz
* Use retry wrapper
* Fix some tests.
2020-12-07 10:50:11 -08:00
jonathanmetzman c8d2319aa8
[test_all] Rewrite in Python (#4769)
Rewrite test_all in python.
Bash is quite annoying to write and test.
One issue with bash is it is even worse than Python for parallelism (which may be causing #4707).
Rewrite test_all in python and optimize base-runner/Dockerfile for fast development.
Also, combine some docker layers.
2020-12-03 12:52:34 -08:00
jonathanmetzman a43c85a54c [CIFuzz] Set CIFUZZ env var when building/checking/running CIFuzz fuzzers. (#4699)
Fixes https://github.com/google/oss-fuzz/issues/4604
2020-11-24 08:10:05 -08:00
jonathanmetzman 640a9c2bcf
Fix test_all breakage (#4673)
Specify fuzzing language.
Intended to fix https://github.com/google/oss-fuzz/issues/4672
2020-11-20 07:24:06 -08:00
jonathanmetzman f3c0204d10
[NFC][CIFuzz] Fix coding issues. (#4550)
Fix some coding and style issues.
1. Treat "testcase" as one word. This is consistent with ClusterFuzz.
2. Treat "stacktrace" as one word. This is consistent with ClusterFuzz.
3. Fix spelling of comments and words in code.
4. Use descriptive style docstrings and remove unnecessary clutter
(e.g. "Test the functionality of foo_function function in bar module"
becomes "Tests foo_function.")
5. Use JSON for a list needed in testing instead of pickle.
2020-11-17 13:39:57 -08:00
jonathanmetzman 8daba1a1a1
[CIFuzz] Don't assume fuzzer output is ASCII (#4537)
[CIFuzz] Don't assume fuzzer output is ascii

This is wrong because the output can be arbitrary. Instead change
code that deals with the output to deal with bytes. The testcase,
which is derived from the output can be decoded as UTF-8 since it
will be a unix path.
2020-10-19 10:10:22 -07:00
jonathanmetzman 571dbfb39f
Reland 55d9a81. (#4269)
The issue with 55d9a81 that caused it to be reverted by 3370f8f
was probably due to the build trigger on GCB being stale. I've
updated it so this commit should stick.
2020-08-06 14:33:08 -07:00
Evgeny Vereshchagin 3370f8f7e5
Revert "[CIFuzz] Allow supplying a manual source checkout (#4250)" (#4263)
This reverts commit 55d9a81cd7.

Closes https://github.com/google/oss-fuzz/issues/4262
2020-08-06 06:11:59 -07:00
jonathanmetzman 55d9a81cd7
[CIFuzz] Allow supplying a manual source checkout (#4250)
Make CIFuzz building accept an env var `MANUAL_SRC_PATH` that points to a manually prepared checkout of the project-under-test's source code. This allows projects like Skia which are not on OSS-Fuzz and/or need to make changes to the repo after checking out the right commit to use CIFuzz.
Note that for now we aren't supporting this in GitHub, so projects that need to modify the source after checkout can't use it until
we do support it.

Also, use the local copy of OSS-Fuzz when building cifuzz-base instead of cloning it from GitHub. This makes local debugging/development much easier since it allows one to use CIFuzz with local changes.
2020-08-05 18:45:12 -07:00
Abhishek Arya 21ea9d6e3d
Remove sanitizer validation checks in CIFuzz, (#4131)
Sanitizer validation is not needed and it is hacky code with
no proper yaml parsing. sanitizer attribute is properly
documented.
Fixes #3996.
2020-07-15 13:00:57 -07:00
jonathanmetzman cac6118315
[cifuzz] Temporary fix for sanitizer validation. (#3997)
Temporary fix for sanitizer validation.

Our sanitizer validation is hacky and isn't using pyyaml to actually
parse the project.yaml file. Temporarily work around #3996 by not
validating sanitizers if no sanitizers are specified in project.yaml.
2020-06-17 10:32:42 -07:00
Evgeny Vereshchagin 26e8d7c772
[CIFuzz] Add support for different sanitizers (#3969)
* Revert "Revert "[CIFuzz] Add support for different sanitizers (#3516)""

This reverts commit c580d0d626.

* cifuzz: pass "sanitizer" to the "run fuzzer" step

It's a follow-up to https://github.com/google/oss-fuzz/pull/3516 that
should fix https://github.com/google/oss-fuzz/issues/3727.

* [cifuzz] drop a $

That's another follow-up to #3516 that should help to pass sanitizer correctly.
Otherwise, it always falls back to address with:

2020-06-11 21:10:14,852 - root - INFO - $address is not a project sanitizer, defaulting to address.
2020-06-11 18:27:01 -07:00
Abhishek Arya 8d5aef84db
Use hardcoded FUZZING_LANGUAGE to unbreak CIFuzz. (#3844) 2020-05-18 08:23:28 -07:00
jonathanmetzman 1f533163cc
[CIFuzz] Support ALLOWED_BROKEN_TARGETS_PERCENTAGE (#3726)
Currently we use Github action's inputs as inputs to cifuzz.
This means we need to do an extra step to convert each input into
an env var so our scripts can actually use it.
This is pretty bug prone and unnecessary, we should probably
get rid of this abstraction and switch to encouraging devs to set
the env vars directly.
2020-05-13 12:44:11 -07:00
Jonathan Metzman c580d0d626 Revert "[CIFuzz] Add support for different sanitizers (#3516)"
This reverts commit 9b30127675.
2020-04-28 14:38:10 -07:00
Jonathan Metzman dac83d7b8e Revert "[CIFuzz] Support ALLOWED_BROKEN_TARGETS_PERCENTAGE"
This reverts commit 6f1a7f7911.
2020-04-28 13:37:58 -07:00
Jonathan Metzman 6f1a7f7911 [CIFuzz] Support ALLOWED_BROKEN_TARGETS_PERCENTAGE 2020-04-28 13:36:21 -07:00
Leo Neat 9b30127675
[CIFuzz] Add support for different sanitizers (#3516) 2020-04-28 12:31:36 -07:00
Leo Neat 9d52175ca0
Affected fuzzer fix (#3510)
Fix bug in affected fuzzer caused by mismatched naming. The git diff was returning file paths relative to the root of the project and the coverage files were returning file paths relative to one directory above the project directory.
2020-03-16 12:02:16 -07:00
Leo Neat a1c7499830
[CIFuzz] Logging updates (#3503)
Provide some simple logging updates to assert that affected fuzzers is running correctly.
Also prevents the clouding of logs when the reproduction script runs.
2020-03-16 10:00:56 -07:00
Leo Neat 6f02735d0c
[CIFuzz] Dynamic fuzzer scheduling (#3453)
Allocates time for fuzzers based on amount of fuzzing time left. This is beneficial when a fuzzer fails early in its allotted time because of a reproducible OSS-Fuzz bug. It will then give the remaining portion of its allotted time to the following fuzzers.
2020-03-13 10:35:33 -07:00
Leo Neat b6a1d4dcb1
Revert "Revert "[CIFuzz] Affected fuzzers (#3450)" (#3488)" (#3496)
This reverts commit e58ee49e20.
2020-03-12 13:51:33 -07:00
Leo Neat b0cd13e3bb
Affected fuzzer fix (#3494)
Fixing json decode error with affected fuzzer functionality.
2020-03-12 12:01:57 -07:00
Leo Neat e58ee49e20
Revert "[CIFuzz] Affected fuzzers (#3450)" (#3488)
This reverts commit e8ebda10ee.
2020-03-10 15:59:43 -07:00
Leo Neat e8ebda10ee
[CIFuzz] Affected fuzzers (#3450)
Add feature to only run fuzzers that are affected by the code change. This change prevents valuable time being wasted on fuzzing unchanged code.
2020-03-10 13:22:11 -07:00
Leo Neat 5869bb7341
[CIFuzz] Download code coverage (#3434)
This is the foundation for affected fuzzers. It provides the ability to map fuzzers to files. In the future we will use this functionality to pick which fuzzers to run during CI.
2020-03-05 11:22:44 -08:00
Leo Neat 12a2e86d46
[CIFuzz] Check fuzzers (#3419)
Checks that the fuzzer build was a success in the build action.
2020-02-27 08:54:52 -08:00
Leo Neat 39fe0d725b
[CIFuzz] Check crash on most recent OSS-Fuzz build (#3385)
Adds functionality to check if a crash exists in the most recent OSS-Fuzz build. This is necessary to determine if a crash was introduced in the current pull request or existed in the project already.  Crashes that are surfaced to the user will be both reproducible and novel to the OSS-Fuzz project.
2020-02-19 15:32:30 -08:00
Leo Neat 0ed0f37ca2
[CIFuzz] Change 'bug_report' directory to 'artifacts'. (#3369) 2020-02-11 08:42:10 -08:00
Leo Neat ffc6af6d1d
[CIFuzz] Add parse fuzzer output functionality (#3342) 2020-02-10 10:00:54 -08:00