These additional fuzzers all pass the existing check_build heuristics.
In the future, they would probably benefit from an input grammar file or corpus.
1. Ensure targets are re-linked after re-compiling libfuzzer_entry.o
2. Don't rely on LIBS to link libfuzzer_entry.o correctly (cannot reproduce bot build failure, but log suggests this is the issue).
This should help to get rid of the "WARNING: corpus for systemd_afl-showmap not found:"
messages (which are harmless but a bit confusing). In general _get_fuzz_targets
should probably be in sync with ./infra/base-images/base-runner/test_all (where a file
is considered a fuzz target if grep can find "ELF" in it and so on).
* Add protobuf target prototype
* Generalized architecture and added message stubs for future enhancements
* Added fine grained conversion of global/local color tables, LSD and image data
* Added conversion of extensions
* Flagged important TODOs
* Address important todos and add converter for GraphicControlExtension
* Minor bugfix: m_hasLct now reset for every image
* Fixed minor bugs and added GCExt to plaintext chunk
* Minor change to bug fix just for clarity
* Refactoring and add fuzz_dgif_extended
Refactor the code so that both targets import from dgif_fuzz_common.
Also add fuzz_dgif_extended, which exercises more functionality
of giflib
* Added minor comment
* Add new function that is a replica of Android JNI code
* Minor fix
* print errors (covers gif_err.c)
* bug fix in printing and disable it
* bug fix in printing error desc
* Add version variants to header message
* Add draw function from gif_font.c
* Remove LIB_FUZZING_ENGINE from compilation step and add GifDrawText8x8 API to custom fuzz harness
* WIP
* WIP
* WIP
* WIP
* WIP
* WIP
* Remove unnecessary loop
* Small bugfix: x is no longer uninitialized
* Change to consistent formatting
* Fix bug that caused build failure
* Import the double-conversion fuzz target into OSS-Fuzz. double-conversion is a V8 library for computing and parsing string representations of floating point numbers.
* [cryptofuzz] EverCrypt: Don't explicitly allow AVX instructions
Recent crashes involving EverCrypt were found to be caused by
AVX instructions in the EverCrypt library. The Makefile explicitly
allowed the use of AVX instructions via hardcoded CFLAGS. The authors
have released a new version that should resolve this problem.
* [cryptofuzz, bignum-fuzzer] Revert to default OpenSSL build method
Reverts the workaround for OpenSSL broken build script, which is
now fixed.
* [cryptofuzz] Compile with -D_GLIBCXX_DEBUG (runtime C++ UB checks)
ARCHIVE_EOF and ARCHIVE_FATAL are the only valid exit codes.
ARCHIVE_RETRY should lead to re-entering the loop.
All other codes (ARCHIVE_OK, ARCHIVE_WARN, ARCHIVE_FAILED) do not prohibit
the caller from reading data and next headers.
This behavior is identical to bsdtar (tar/read.c) and enables better
discovery of possible bugs by fuzzing.
10% is an absolutely sensible default in general, especially for single-purpose
libraries like json-parsers. When large "umbrella" projects (like systemd) are
fuzzed with 30 fuzzers (and counting (hopefully :-)) covering code scattered all
over their repositories, it's too easy to introduce a broken fuzzer or break a couple
of fuzzers accidentally even after running `check_build`. Waiting for two to three
days for ClusterFuzz to open an issue isn't ideal from the point of view of large
open-source project maintainers (where generally contributors come and go), so one
solution would be to run something like the following when PRs are opened
```sh
helper.py check_build ALLOWED_BROKEN_TARGETS_PERCENTAGE=0 ...
```
and catch issues as early as possible (and fix them while the context isn't
completely faded away).
I also considered changing this with `sed` and rebuilding `base-images/base-runner`
locally but it takes too much time, looks too kludgy (even to me) and is likely to be broken
in a week or so :-)