255 Commits

Author SHA1 Message Date
jonathanmetzman c8d43c3a49
[cifuzz] Don't report crash on process timeout. (#9484)
Just because nonzero is reported doesn't mean there's a crash.

Related: https://github.com/google/oss-fuzz/issues/9470
https://github.com/google/oss-fuzz/issues/9318
https://github.com/prometheus/prometheus/issues/11810
2023-01-23 13:02:47 -05:00
jonathanmetzman 3ba1527349
Bump ClusterFuzz to 2.5.9 (#9394) 2023-01-10 13:00:01 -05:00
jonathanmetzman b6285aa410
[cfl] Allow longer to repro issues in Python (#9292)
Fixes #9222

Co-authored-by: Dongge Liu <donggeliu@google.com>
2023-01-10 17:40:59 +11:00
jonathanmetzman 49c2379eab
[cifuzz] Upgrade artifact package (#9347) 2023-01-03 16:35:21 -05:00
jonathanmetzman 01544e9538
WIP: allow running ClusterFuzzLite locally (#9087) 2022-12-14 11:23:15 -05:00
jonathanmetzman a9d8d7bb61
[CFL] Allow users to specify custom env vars for building/running (#9171)
They can do this by prefixing the env var with CFL_EXTRA_. E.g.
`CFL_EXTRA_BUILD_SERVICE_TOKEN=<redacted>`.
Fixes: https://github.com/google/oss-fuzz/issues/9170
2022-12-12 11:00:19 -05:00
jonathanmetzman 59293013b6
Upgrade packages (related: #9151) (#9164) 2022-12-07 17:50:21 -05:00
jonathanmetzman 4799eb3012
Undo 2022-12-06 17:40:56 -05:00
jonathanmetzman 1ea19bdf1d
update requirements.txt (#9109) 2022-12-05 09:45:59 -05:00
jonathanmetzman 1766eda106
Update package-lock (#9108) 2022-12-05 09:44:59 -05:00
jonathanmetzman 086adbf2d2
update requirements.txt (#9111) 2022-12-05 09:44:14 -05:00
jonathanmetzman a9f9cda4cc
Fuzz OSS-Fuzz with Atheris and ClusterFuzzLite (#8985) 2022-11-30 15:37:36 -05:00
jonathanmetzman 675c275884
[cifuzz] Add timeout to http requests. (#9084)
Fixes https://github.com/google/oss-fuzz/issues/9079
2022-11-29 08:32:27 -05:00
jonathanmetzman 8df818599b
[cifuzz] Update docs (#8984) 2022-11-16 12:46:27 -08:00
Oliver Chang d104f15f90
Fix incorrect os.stat usage. (#8964) 2022-11-10 04:17:23 +00:00
jonathanmetzman 7bc9fbd3b4
Make sure testcase has correct permissions (#8920)
Fixes #8768
2022-11-09 16:37:36 -05:00
jonathanmetzman 3f14b420ef
[CFL] Don't print fuzzing logs in realtime (#8919)
Fixes https://github.com/google/oss-fuzz/issues/8588
2022-11-07 11:11:51 -05:00
jonathanmetzman 95d5e613e7
[CFL] Support parallel fuzzing (#8396)
Related: https://github.com/google/clusterfuzzlite/issues/105
2022-09-22 11:21:35 -04:00
jonathanmetzman bbbbad5c07
Prepare for JavaScript fuzzing (#8325)
Prepare for JavaScript fuzzing
Related: #8324
2022-08-23 17:41:42 -04:00
jonathanmetzman 6e39f856ab
[CFL] Give docker images unique names to support parallel fuzzing (#7911)
* Add a unique suffix so that parallel fuzzing is supported

* Fix

* fix tests

* Fix

* fix

* Fix

* Update docker.py
2022-07-12 15:50:10 +02:00
Evgeny Vereshchagin 79f4ed33d9
infra: allow passing architecture=i386 to CIFuzz (#7779)
to mostly make sure that fuzz targets are buildable with
architecture=i386. Ideally CIFuzz should also download the
latest corpora using the "clusterfuzz-builds-i386" links but
it kind of works even without that.

It was tested in https://github.com/evverx/oss-fuzz/pull/13
by pointing https://github.com/evverx/systemd/pull/110 to
that fork of the oss-fuzz repository. To judge from
https://github.com/evverx/systemd/actions/runs/2406321298 it
seems to be working more or less. The "i386" job failed there
because 89b6a3f13e
to test "i386" as much as possible.
2022-06-08 15:15:27 -04:00
Dongge Liu d75b3c28aa
pin the version of protobuf (#7766)
pin the version of `protobuf` to fix infra test errors.
2022-05-26 16:12:38 +10:00
jonathanmetzman 1abbd8bf08
Revert "Fix run_fuzzers_test::CoverageReportIntegrationTest. (#7325)" (#7466)
This reverts commit 9553ab10d7.
2022-03-29 14:46:36 +11:00
Navidem 33ee62256f
[infra] Temporarily skip failing test. (#7323)
I will fix it later.

Co-authored-by: Jonathan Metzman <metzman@chromium.org>
2022-03-02 09:07:12 -05:00
Oliver Chang 9553ab10d7
Fix run_fuzzers_test::CoverageReportIntegrationTest. (#7325)
Fixes #7324.
2022-03-01 10:39:05 +11:00
jonathanmetzman b187d131df
This allows users to skip CIFuzz's logic to only run affected fuzz (#7256)
targets.
Fixes: https://github.com/google/clusterfuzzlite/issues/85
2022-02-10 17:11:52 -05:00
Catena cyber 76d34c8aa7
cifuzz: gitlab filestore by default on gitlab platform (#7218) 2022-02-01 09:27:02 -05:00
jonathanmetzman 82bc258fde
[ClusterFuzzLite] Support local runs (#6987) 2022-01-19 17:24:47 -05:00
Catena cyber 8e9c927987
[clusterfuzzlite] Support gitlab (#7073)
Related: https://github.com/google/clusterfuzzlite/issues/55
2022-01-13 14:27:53 -05:00
jonathanmetzman 6a13aa75cc
[CFL] minimize crashes (#7120)
* cifuzz: minimize crashes

* lnt

* fix typo
2022-01-12 18:10:03 +00:00
René Fischer 369fbc53a2
Add missing replace param to upload_corpus() (#7069) 2021-12-29 15:09:04 -05:00
jonathanmetzman 5015790e72
[CIFuzz] Fix affected fuzz targets. (#7014)
Fixes affected fuzz targets by normalizing path names.
Fixes: https://github.com/google/oss-fuzz/issues/7011
2021-12-14 15:01:22 -05:00
jonathanmetzman 2c6a7dde49
[cifuzz] Fix timeout in reproduce. (#6982)
* [cifuzz] Fix timeout in reproduce.

Consider the testcase unreproducible.

Fixes: https://github.com/google/oss-fuzz/issues/6952

* tmp

* tmp

* fix

* add comment

* tmp

* fix annoying heisenbug

* fmt
2021-12-14 11:32:18 -05:00
jonathanmetzman d7c9d57b6d
[cifuzz] Don't enforce OOM limit when no OOMs aren't reported (#6997)
Fixes https://github.com/google/clusterfuzzlite/issues/66
2021-12-14 09:46:16 -05:00
jonathanmetzman e96a5f8f40
Allow projects to always upload crashes even if they are "unreportable". (#6998)
Fixes https://github.com/google/clusterfuzzlite/issues/65
2021-12-13 12:04:04 -05:00
jonathanmetzman a458e3c8ed
[cifuzz] Copy repo from image before checking out. (#6941)
* [cifuzz] Copy repo from image before checking out.

Do this instead of cloning repo anew.
Fixes: https://github.com/google/oss-fuzz/issues/6755

* fix tests

* Add test code for cifuzz-example

* fix
2021-12-01 09:36:08 -05:00
MarcoFalke e23200e1e4
infra: Remove redundant --cap-add SYS_PTRACE (#6808)
* infra: Remove redundant --cap-add SYS_PTRACE

* format?
2021-11-15 11:24:55 -05:00
jonathanmetzman fb856de70b
[ClusterFuzzLite] Fix fuzz target search for coverage (#6799)
Coverage uses a different mechanism for determining if a file
is a fuzz target: It considers any executables in the top level
of /out as fuzz targets.

Fixes #6768
2021-11-09 07:49:21 -05:00
jonathanmetzman 5814852f52
Make gsutil the default filestore on GCB. (#6771)
Also clean up https://github.com/google/oss-fuzz/pull/6744
2021-11-05 09:13:41 -04:00
Oliver Chang 3895accdee
Remove stack_parser. (#6763)
Fixes #6762.
2021-11-04 09:34:32 -04:00
Oliver Chang a75844def0
Don't check for novel crash in batch fuzzing. (#6749)
* Don't check for novel crash in batch fuzzing.

* format
2021-11-03 10:10:42 -04:00
Oliver Chang a72ef3884f
Don't set seed for batch fuzzing. (#6736)
Fixes #6714.
2021-11-03 14:22:12 +11:00
Mitchel Herman caf9958a8f
Add DOCKER_IN_DOCKER and filestore to platform config (#6744)
Do this to reduce configuration required for GCB and Prow.
2021-11-03 02:03:18 +00:00
Mitchel Herman 6634315600
Add Prow PlatformConfig (#6732) 2021-11-02 16:14:56 -04:00
jonathanmetzman 7693e9640c
[clusterfuzzlite] Make timeout and OOM reporting optional. (#6711)
OOMs will be reported by default. Timeouts won't.
Fixes: https://github.com/google/oss-fuzz/issues/6703
Should also fix: https://github.com/google/oss-fuzz/issues/6619
Fixes: https://github.com/google/oss-fuzz/issues/3432
Related: https://github.com/google/oss-fuzz/issues/6685
2021-11-02 08:01:46 -04:00
Oliver Chang ef0e5413c9
CFLite: Logging fixes. (#6715)
Don't output stacktrace again in detected bug log message.

Disable Python buffering to avoid log interleaving issues.
2021-11-02 16:50:59 +11:00
jonathanmetzman 010865ad76
Fix typo (#6731) 2021-11-01 15:39:27 -04:00
jonathanmetzman 922daf2d81
Fix pushing clusterfuzzlite-build-fuzzers (#6730) 2021-11-01 15:33:06 -04:00
jonathanmetzman 36e5931a19
Make a better api for platform specific config. (#6708)
1. Move most of the generic stuff into BasePlatformConfig.
2. Make a GCB platform config that sets WORKSPACE and PROJECT_SRC_PATH so users don't have to.
3. Make a skeleton prow platform_config for Mitchel to fill out.
4. Make users explicitly specify the CFL_PLATFORM so we can pick CI environments
2021-11-01 12:29:38 +00:00
jonathanmetzman 1ece14aeb2
Abstract away duplicate code in prepare_for_fuzzer_build (#6706)
Share more code between the 4 implementations of `prepare_for_fuzzer_build`.

This simplifies the code of these implementations, reduces repetition and makes them easier to
understand.

Create helper functions/methods for:
1. Creating a failed `BuildPreparationResult`: `get_build_preparation_failure`
2. Building an external project docker image: `_build_external_project_docker_image` 
3. Cloning a repo and checking out the specified commit/pr: `_clone_repo_and_checkout`
4. Detecting the main repo `_detect_main_repo`
5. Creating a repo manager from an existing checkout: `_create_repo_manager_for_project_src_path`

Change `ExternalGeneric` implementation of `prepare_for_fuzzer_build` to:
1. Call `_create_repo_manager_for_project_src_path`
2. Call `_build_external_project_docker_image`

Change `InternalGeneric` implementation of `prepare_for_fuzzer_build` to:
1. Call `_detect_main_repo`
2. Call `_create_repo_manager_for_project_src_path`

Change `ExternalGithub` implementation of `prepare_for_fuzzer_build` to:
1. Call `_clone_repo_and_checkout`
2. Call `_build_external_project_docker_image`

Change `InternalGithub` implementation of `prepare_for_fuzzer_build` to:
1. Call `_detect_main_repo`
2. Call `_clone_repo_and_checkout`
2021-11-01 02:59:44 +00:00