The memory sanitizer doesn't build the glib part because it fails, but the cpp and qt5 fuzzers are still built
Code based on code by ecalp-tps from bc358f33ad
* Build works. Dict and corpus files - WIP
* Changing primary contact
* Building fuzz targets individually - ld cannot find libgcc_s
* Test if checks work
* mkstemp fails
* Build script done
* Minor
* Exclude get_file and process_file fuzzers for now
* Some comments
* Fix license
* Remove MSan
* Move tar extraction to Dockerfile. Fix dictionary and seed corpus.
* Change dict and corpus
* Small fix
* Initial commit with build script and Dockerfile
* Corpus and dictionary added
* Some comments
* Trigger build check
* Remove MSan
* Move glib extraction to Dockerfile
* Move fuzzers into this repo. Fetch cairo from the upstream repo.
* Add missing license headers
* Fix dictionary and seed corpus
* Replace malloc with calloc. Remove unused variable. Replace DEFINE with const.
Minor fix
* Initial commit
* ld cannot find libgcc_s
* Build check passes - TODO: dict and corpus
* Corpus and dict added
* Line fix
* Some comments
* Remove MSan
* Move glib extraction to Dockerfile
* Move fuzzers into this repo. Fetch gdk-pixbuf from the upstream repo.
* Add missing license header
* Fix dictionary and seed corpus
* Temporarily using security-tps as the primary contact
* Replace malloc with calloc
* Randomize rotation amount
* [pillow] Remove project.
Despite my best efforts this has never worked properly.
No reward was ever requested or given for this integration.
* [golang] Remove my e-mail address
I helped integrate this project. I'm no longer involved with this project
and don't need to receive bug reports.
* Good fuzz target for golang coverage with modules
* Place target in right directory for go-json-iterator
So that coverage gets access to the right package
* Golang coverage summary for each fuzz target
* Document usage of compile_go_fuzzer
* Update the documentation change
Co-authored-by: Max Moroz <mmoroz@chromium.org>
This will help us catch breaking changes to the base-images.
Unfortunately caching seems to fail here when I expect it to help.
For example, base-builder doesn't build from cache when I do it locally.
This means that every other image I try to build doesn't use the cache.
That means that base-clang would take forever to rebuild.
So to compromise, I don't rebuild base-clang here.
This means that this PR won't catch breaking changes to base-image or base-clang that break in base-builder.
But it will catch breaking changes to base-image that break in base-runner and it will catch breaking changes to base-runner and base-builder.
[CI] Build a canary project on infra/ changes.
Build a specific project, sckms, that does msan, ubsan, asan, i386
builds quickly, when infra/ code is changed. This can let us know
when infra/ changes break proper functioning of OSS-Fuzz.
For this to work more thoroughly we also need to rebuild images.
Wasmtime uses
[regalloc.rs](https://github.com/bytecodealliance/regalloc.rs), a
register allocator written in Rust that was developed for use in
Cranelift (but is also an independently-usable crate). While it will be
indirectly fuzzed by wasmtime itself once we start fuzzing the new
backends that use it, we should also fuzz it directly, since it exposes
targets just for this. The regalloc fuzzing makes use of a symbolic
checker as an oracle for allocation results, so should be relatively
high-quality. This PR enables the `bt` (backtracking) allocator's fuzz
target, as this is the default allocator.
* Initial support for ujson (as a Python fuzzing sample).
* Add python to supported languages.
* Fix TODO.
* Update presubmit to ignore python in projects.
* Format
* Remove explicit addition of -fsanitize=fuzzer-no-link
* Only fuzz using libFuzzer.
Co-authored-by: Martin Barbella <mbarbella@google.com>