Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,325 Commits 188 Branches 0 Tags 115 MiB
Commit Graph

1315 Commits

Author SHA1 Message Date
Catena cyber 18500c17d7
golang: compatibility with go 1.16 modules (#5221) 2021-02-19 10:03:22 -08:00
van Hauser 4bb61df790
Final afl++ integration (#5191) 
* final afl++ integration

* remove afl++ cmplog tests

* update afl++ commit id

* support rebuild

* llvm 13 workaround

* apply fix for llvm 13

* fix nits

* Fix nits.

* Fix name nit.

* update commit id

* update commit id

* update commit id to stable

Co-authored-by: Abhishek Arya <inferno@chromium.org>
 2021-02-18 12:55:07 -08:00
jonathanmetzman e93f222966
[CIFuzz] Fix handling of sanitizer artifacts (#5182) 
Fixes #5175
1. Put sanitizer in artifact name.
2. Fix parsing of non-ASAN stacks.
 2021-02-18 09:57:34 -08:00
jonathanmetzman d7164ef352
[infra] Remove unneeded binaries, docs from CMake install (#5161) 
This should reduce the image layer size from 127 MB to 57 MB
 2021-02-18 09:49:41 -08:00
Fabian Meumertzheim 481280c650
[jazzer] Adapt infra scripting to JVM fuzz targets (#5176) 
compile, bad_build_check, and presubmit.py require small tweaks to
support JVM fuzz targets, most of which are similar to those required
for Python. The following additional changes are required:

* Since the Jazzer driver binary already links in libFuzzer, it should
  not be built as a static library.
* It is not clear how to do architecture checks as JVM fuzz targets can
  load their native dependencies dynamically at runtime. For now, the
  check is disabled.
* The Jazzer binaries are moved into $OUT and need to be skipped over in
  find_fuzz_targets.
 2021-02-16 07:06:58 -08:00
Fabian Meumertzheim 427f63c93c
Add Jazzer to base-builder and base-runner (#5166) 
Jazzer is built from HEAD using Bazel and the clang toolchain provided
by base-clang. While it could be built with OpenJDK 8, which is
available as a package, JVM fuzz targets should not be forced to be
compatible with Java 8. For this reason, the official binary release of
OpenJDK 15 is pulled into both base-builder and base-runner and set as
JAVA_HOME. It is trimmed down in size by removing src.zip and the jmods
directory.

Jazzer consists of the following four components:

* The API (`jazzer_api_deploy.jar`), which is required for fuzz targets
  that use FuzzedDataProvider or custom method hooks, is made available
  in /usr/local/lib in base-builder.
* The driver (`jazzer_driver`), which links in libFuzzer and is reused
  across fuzz targets. Since it is used to run fuzz targets, it is
  included into base-runner.
* The ASanified driver (`jazzer_driver_asan`), which is obtained from
  `jazzer_driver` by linking in ASan.
* The agent (`jazzer_agent_deploy.jar`), which bundles the runtime
  instrumentation agent with the Jazzer API. It is loaded by the driver
  and thus also included into base-runner.

The changes to the infra scripts required by JVM fuzz targets will be
submitted as a separate PR.
 2021-02-16 06:56:36 -08:00
jonathanmetzman a98d7f1ca4
[base-runner][NFC] Replace test_one with test_one.py (#5179) 2021-02-16 06:14:53 -08:00
jonathanmetzman f3fd5289e9
[NFC][[infra] Remove unnecessary files. (#5177) 
These files don't appear to be used anymore.
 2021-02-15 11:07:02 +11:00
jonathanmetzman ae802f3017
[presubmit] Make sure to run build tests even if nonbuild tests fail (#5183) 
Previously "and" shortcircuiting caused the build tests not to be
run if the non-build tests (which are run first) failed.
 2021-02-12 09:24:13 -08:00
Evgeny Vereshchagin 4af2cfe3cf
bad_build_check: also look for call on x86_64 (#5159) 
It should make the script compatible with binutils-2.36.1 (where
"callq" is no longer present in the output of objdump)

It was spotted in https://github.com/systemd/systemd/pull/18528
 2021-02-10 09:43:18 -08:00
Abhishek Arya 2a0efd9c44
Downgrade llvm to clang-12 for a few weeks. (#5131) 
Needed due to
https://github.com/google/fuzzbench/issues/1077#issuecomment-774727055
 2021-02-07 10:49:07 -08:00
van Hauser 458dd61bbb
afl++ CMPLOG test (#5130) 
* afl++ CMPLOG test

* fixes
 2021-02-07 09:42:13 -08:00
Abhishek Arya bae8dd8b5c
Fix unbound var. 2021-02-06 15:41:22 -08:00
van Hauser 380687236a
optimal afl++ defaults (#5129) 
* optimal afl++ defaults

* fixes
 2021-02-06 22:58:58 +00:00
jonathanmetzman 6e38a76220
[infra] Improve test speed (#5118) 
Make unittests take 20 seconds to run instead of 35.
Make integration tests take 50 seconds to run instead of 6 minutes.
Make CI take 6 minutes instead of 12 minutes.

1. Allow running tests in parallel. Locally this takes the time for running all tests (including integration tests) from 6 minutes to ~50 seconds. We don't do parallel by default since it doesn't really save any time unless running integration tests on my machine (probably due to overhead of starting ~70 processes). This also speeds up CI from about 12 minutes to 6 minutes  (since github actions has 2 cores per machine).
2. Fix how we run tests. I'm not exactly sure why, but the method we used for discovering tests, recursing through every directory and passing to unittest caused the build/infra tests to execute twice. Fixing this makes running unittests take ~20 seconds instead of ~35.

This change also uses pytest for running tests since it's easy to use it to run tests in parallel.
This change was made possible by #5113
 2021-02-05 06:10:42 -08:00
jonathanmetzman 9f4d0e5360
[CIFuzz][NFC] Ensure more tests don't modify the repo (#5114) 
Ensure more tests dont modify the repo by using a temporary directory.
Also, use setUp to create a tempdir to save code repitition.
 2021-02-04 09:07:45 -08:00
jonathanmetzman 5fc28a9d86
[cifuzz][NFC] Use a temporary directory in a test of check_fuzzer_build (#5113) 
This ensures that the test doesn't modify the repo.
 2021-02-04 08:23:41 -08:00
jonathanmetzman 21b47a7a22
[cifuzz][NFC] Handle TODOs (#5104) 
Handle some TODOs
1. Get rid of multiple return values and replace with a more sensible
return value.
2. Eliminate some useless TODOs.
 2021-02-04 07:15:51 -08:00
jonathanmetzman a21e218511
[cifuzz][NFC] Rename cifuzz.py to build_fuzzers.py (#5107) 
Since cifuzz.py now only deals with building fuzzers, change the
name to build_fuzzers.py
 2021-02-04 06:52:22 -08:00
jonathanmetzman 43c9e9138c
[cifuzz][NFC] Refactor tests (#5106) 
1. Use pyfakefs when possible instead of tempdir
2. Favor decorators instead of contextmanagers when mocking for less indentation and greater consistency.
 2021-02-03 15:18:56 -08:00
jonathanmetzman 7f150fe75e
[cifuzz] Abstract-away OSS-Fuzz specific bits (#5088) 
Abstract away OSS-Fuzz specific bits into the OSSFuzz implementation
of the ClusterFuzzDeployment class. This will make it easier to implement
support for other deployments of ClusterFuzz (including ClusterFuzzLite).
 2021-02-03 12:46:19 -08:00
Stefan Bucur 50cb57808e
Simplify the Envoy integration by using the new rules_fuzzing primitives. (#5062) 
* Simplify the Envoy integration by using the new rules_fuzzing primitives.

* Tweak ASAN instrumentation.
 2021-02-03 08:09:04 -08:00
Abhishek Arya 0af227644e
Update afl++ to 1f71b85426f837ebcae8381897d44a3a67c73a4f (#5095) 
For https://github.com/google/oss-fuzz/issues/4280#issuecomment-771495411
 2021-02-02 08:37:12 -08:00
Abhishek Arya ebe4848a52
Properly fix stripping of -fsanitize=fuzzer-no-link for afl++ (#5090) 
Fixes several builds - ibmswtpm2, tpm2-tss, etc
 2021-02-01 21:16:56 -08:00
van Hauser 05cac485d3
Fixes afl++ installation (#5087) 
* fix afl++ installation

* update to experimental afl++ checkout, setting afl-clang-fast

* update afl++ commit id to prevent unnecessary compile warnings

* Remove dictionary links addition.

Co-authored-by: Abhishek Arya <inferno@chromium.org>
 2021-02-01 16:20:18 -08:00
jonathanmetzman 95d3905ec9
[cifuzz] Support a batch fuzzing mode (#5073) 
In this mode, CIFuzz will keep fuzzing until the time limit is reached, even if a crash was found.
 2021-02-01 10:49:33 -08:00
Abhishek Arya b19e700192
Revert "Switch to using afl-clang-fast for afl++. (#5074)" (#5086) 
This reverts commit 42018eeb1c.
 2021-02-01 07:44:13 -08:00
Abhishek Arya 93eb6024f4
Add AFL_MAP_SIZE in run_fuzzer 
Otherwise get errors like these for libsass.

[+] All right - fork server is up.

[-] PROGRAM ABORT : AFL_MAP_SIZE is not set and fuzzing target reports that the required size is very large. Solution: Run the fuzzing target stand-alone with the environment variable AFL_DEBUG=1 set and set the value for __afl_final_loc in the AFL_MAP_SIZE environment variable for afl-fuzz.
         Location : report_error_and_exit(), src/afl-forkserver.c:321
 2021-01-31 10:48:04 -08:00
Abhishek Arya 42018eeb1c
Switch to using afl-clang-fast for afl++. (#5074) 2021-01-31 09:11:42 -08:00
jonathanmetzman 4c4b137a70
[cifuzz][external] Use ssh_url and fix affected fuzzers (#5072) 
1. Use ssh_url.

This only affects external (non-oss-fuzz) users.
Since there are none, it doesn't affect anyone.
Even if it did, exploitation would require owning the network
Github actions runs on.
This is to prevent MITM attacks.

2. Affected fuzzers bug:
We accidentally were skipping the remove unaffected functionality.
 2021-01-29 10:33:36 -08:00
jonathanmetzman de2ecf8553
[cifuzz] Allow specifying corpus for run_fuzzer (#5064) 2021-01-28 15:04:43 -08:00
jonathanmetzman f2756d7321
[CIFuzz] Move run_fuzzers to new config system (#5063) 
Also, decide is_github based on something not used/faked by Skia.
 2021-01-29 09:49:03 +11:00
jonathanmetzman d7e85a20b0
[CIFuzz] Fix diffing + Refactor (#5032) 
* [CIFuzz] Fix diffing + Refactor

Make diffing work in two scenarios where it previously failed:
1. Commit fuzzing. In this case, we diff $COMMIT against
$COMMIT^1 because the intent here is to fuzz the commit.
2. Fuzzing PRs that aren't to master. In this case, we previously
were diffing against origin/master. Instead, diff against the local
version of the base repo. This also has the nice effect of handling
PRs that havent pulled from master recently enough.

Also do refactoring.
1. Move code that is different for differenct CI systems to continuous_integration.py
2. Change how configuration in build_fuzzers is handled.
Previously configuration was gotten in build_fuzzers_entrypoint
and passed as individual params. This made code ugly and hard to
read. Instead, move code dealing with config to it's own module
config_utils. This module implements a config class which can
be used to create objects that are passed around to code that needs
it. Making the code much easier to read.
TODO: Move run_fuzzers code to new config system.
 2021-01-28 12:10:57 -08:00
Abhishek Arya d45336243a
Simplify changed files logic. (#5056) 2021-01-27 17:43:15 -08:00
Abhishek Arya aeb1be4b6e
Fix get_changed_files in infra/ci. (#5055) 
Fixes https://github.com/google/oss-fuzz/issues/5022
 2021-01-28 11:06:04 +11:00
Abhishek Arya 23e24a4bac
Get list of changed files from branch head, instead of master. (#5048) 
* Get list of changed files from branch head, instead of master.

Fixes https://github.com/google/oss-fuzz/issues/5022

* Add debug with subprocess.call.

* Try again debugginig.

* Try again

* Fix works!
 2021-01-27 14:28:27 -08:00
Abhishek Arya 89603f367a
Use afl++ in docs. (#5049) 2021-01-26 15:28:08 -08:00
jonathanmetzman d6ff0bfcdc
[CIFuzz] Seperate code for running fuzzers into own module: run_fuzzers.py (#5031) 
TODO: Rename cifuzz.py to build_fuzzers.py
 2021-01-26 08:32:41 -08:00
jonathanmetzman 665e489821
[afl++] Use AFL++ instead of AFL for fuzzing. (#5046) 2021-01-25 09:14:11 -08:00
jonathanmetzman 0ac841a1a4
Replace terms that are uninclusive. (#5045) 2021-01-25 08:41:34 -08:00
Oliver Chang 20b7246eae
Use more inclusive "blocklist" in code we control. (#5044) 2021-01-25 15:22:50 +11:00
Oliver Chang 8fcb4659e3
Add a missing requirement for CI. (#5036) 2021-01-22 12:45:11 +11:00
jonathanmetzman 648242fdb4
[pylint] Enable no-member check (#5034) 2021-01-21 16:21:17 -08:00
Oliver Chang 5b51cfb00f
Fix build functions tests when invoked from unittest.TestSuite. (#5027) 2021-01-21 07:43:42 -08:00
Abhishek Arya 0dc7c358d8
Remove unneeded ADD layers in base-builder. (#5028) 
See https://github.com/google/oss-fuzz/issues/5012#issue-789981845
 2021-01-20 22:18:03 -08:00
jonathanmetzman 492a4f2a1d
Run all tests when infra-tests is run from presubmit (#5026) 
The previous approach of only running tests in changed directories is broken.
Tests can fail even when files outside of their directory are modified.
Also blocklist failing tests (see https://github.com/google/oss-fuzz/issues/5025) for why build tests are blocklisted.
 2021-01-20 18:17:33 -08:00
Jonathan Metzman c5397ce3df fix nits 2021-01-20 18:00:33 -08:00
Jonathan Metzman e4195808a8 Explain why blacklisting base-sanitizer-libs-builder 2021-01-20 17:58:06 -08:00
jonathanmetzman f913f61129
[CIFuzz][coverage] Fix bug where unaffected fuzzers not removed + refactor 
Previously region count was used instead of region covered.
This means that unaffected fuzzers only worked when a file wasn't linked 
into a fuzzer build (i.e. it was mostly broken).
Add tests to ensure this doesn't happen again.

Fixes: #5013

Also refactor.
1. Create a coverage module and move coverage functionality there.
2. Remove some overly-defensive programming. We probably aren't going to be given an invalid repo dir in coverage module.
3. Convert integration test to unittest.
4. Add helpers for: normalizing paths, getting coverage per file, determining if file is covered (which was done incorrectly before), and getting fuzzer stats dir url to make code easier to understand.
5. Add a class for getting coverage info.
6. Create an affected_fuzz_targets module and move functionality dealing with affected_fuzz_targets there.
7. Add is_fuzz_target_affected helper and log more.
8. Refer to fuzz targets as fuzz targets instead of fuzzers.
9. Move `url_join` to `utils`.
10. Move `GSUTIL_BASE_URL` to `utils`.
11. Add a util function for converting gs:// URLs into https:// urls.
12. Add a util function for removing prefixes (instead of using `.replace` which operates on the whole string not just the prefix).
13. Use more common style of mocking in unittests.
14. Delete unnecessary tests like '' when an invalid fuzzer is already tested.
15. Make constants capitalized in tests.
16. Better variable naming and consistency also reuse variables in tests.
17. Leave TODOs around code that looks suspicious.
18. Cleanup pylint directives.
19. Use single instead of double quotes.
 2021-01-20 16:00:35 -08:00
Jonathan Metzman 0dbdeae5d2 fmt/lnt 2021-01-20 15:55:25 -08:00