5129 Commits

Author SHA1 Message Date
jonathanmetzman d8546a88b3
[infra] Mark more tests as integration (#4869) 2020-12-18 10:44:12 -08:00
jonathanmetzman c2165341d2
[presubmit] Support option to run on all files (#4870) 2020-12-18 10:43:22 -08:00
jonathanmetzman 2a1194c939
Improve CIFuzz tests (#4868)
1. Fix problem where permissions were being changed to root by non-root test (test was doing this by invoking test_all.py within docker).
2. Mark tests as integration tests so that cifuzz_test.py can be run in a reasonable amount of time.
3. Prevent some unittests from polluting source repo.
4. Add .venv to .gitignore
5. Rename test_test_all.py to the correctly formatted name "test_all_test.py"
2020-12-18 10:37:56 -08:00
tsdgeos 878612f603
Update the ghostscript used (#4866) 2020-12-18 10:21:59 -08:00
daviesrob 6ddb2b7bd0
Add recurse-submodules to htslib clone (#4867)
In anticipation of samtools/htslib#929 merge, which will add
a submodule, among other changes.  This will ensure fuzzing
continues to work both before and after the update.
2020-12-18 10:21:36 -08:00
Abhishek Arya f359fd010f Allow none in engine for infra/helper.py 2020-12-17 19:47:03 -08:00
Abhishek Arya 6718fb8bd6
Fix broken blackbox fuzzer projects. (#4865)
* Fix broken blackbox fuzzer projects.

Regression from
https://github.com/google/oss-fuzz/pull/4769/files

* Fix indent.
2020-12-17 16:29:11 -08:00
Evan Miller 0110bb7ab0
[mdbtools] Initial integration (#4860) 2020-12-17 13:46:36 -08:00
Daniel Novomeský d49345764d
Fix build scripts for kimageformats (#4864) 2020-12-17 13:23:50 -08:00
AdamKorcz b3f128912a
[Hiredis] Initial integration (#4822)
* [teleport] Initial integration

* Minor update to run tests again

* [Hiredis] Initial integration

* Added maintainer email and slightly updated the build script

* Removed empty line
2020-12-17 11:38:43 -08:00
Abhishek Arya e06d7f0412
Fix incorrect calculation with gcs path for backup corpus. (#4863)
Fixes https://github.com/google/oss-fuzz/issues/4857
2020-12-17 10:57:32 -08:00
Nick Wellnhofer 773e82c688
[cmark] Update options and auto_ccs (#4861)
Remove max_len and inactive auto_cc.
2020-12-17 10:09:55 -08:00
AdamKorcz 828ff46068
[ninja] Change maintainers email address (#4862)
* [teleport] Initial integration

* Minor update to run tests again

* Changed maintainers email address

* Minor fix
2020-12-17 10:08:40 -08:00
Google AutoFuzz Team 86002c1f47
Use only utf-8 for Pygments (#4859)
See https://github.com/pygments/pygments/issues/1628#issuecomment-747259224
2020-12-17 08:28:47 -08:00
AdamKorcz 77f468e95b
[ninja] Initial integration (#4807)
* [teleport] Initial integration

* Minor update to run tests again

* [ninja] Initial integration

* Small fix

* Updated Dockerfile

* Added main_repo

* Added maintainer email
2020-12-16 10:09:56 -08:00
Google AutoFuzz Team 22704c168e
Add BeautifulSoup (#4821)
* Add BeautifulSoup

BeautifulSoup is the standard to parse untrusted/invalid/weird
html in Python, so fuzzing it for unexpected exceptions and
infinite loops makes sense. Moreover,
it's using various parsers, with some of them written in C.

* Update the building script

* ValueError is also a valid exception
2020-12-16 08:51:44 -08:00
DavidKorczynski 724f5abdd2
rocksdb: fix build (#4855)
* rocksdb: fix build.

* Fix build.

* final build fix.
2020-12-16 08:50:43 -08:00
Georg Brandl 6ba895ed28
pygments: use my gmail account for reports (#4856) 2020-12-16 08:50:20 -08:00
Amit Patankar 825bbd8e1b
Ignore the AttrValues fuzzer for tensorflow (#4852)
Fix the build breakage caused by the AttrValues fuzzer in OSS. The target requires large artifacts to link against which are not optimal for OSS fuzzing.
2020-12-15 15:23:07 -08:00
Gerald Combs 963832587c
Wireshark: Update the repo URLs. (#4851)
* Wireshark: Update the repo URLs.

Wireshark's repository is at GitLab.

* Update project.yaml

Co-authored-by: Abhishek Arya <inferno@chromium.org>
2020-12-15 10:00:27 -08:00
Daniel Novomeský a4207919e6
Add AVIF format to kimageformats project (#4850)
* Add AVIF format to kimageformats project

* Update build.sh

Include license

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2020-12-15 08:49:23 -08:00
Google AutoFuzz Team 2356a68edd
Simplify a bit the pillow fuzzer (#4849) 2020-12-15 07:27:08 -08:00
Hugo van Kemenade 0c27417d22
Update Pillow contact email (#4846) 2020-12-15 06:14:53 -08:00
Janne Grunau cb55c8aee9
dav1d: fetch nasm from Ubuntu 20.04 LTS (focal) (#4830) 2020-12-15 05:51:30 -08:00
DavidKorczynski 04e6c02efe
pillow: update email (#4848) 2020-12-15 05:49:06 -08:00
Bhargava Shastry 59b3fb0a97
Solidity: Use custom sanitized gmp build (#4842) 2020-12-14 17:31:53 -08:00
Curtis Malainey 6d69c3d704
sound-open-firmware: add build files (#4527)
Initial build files for sound open firmware fuzzer
2020-12-14 15:40:07 -08:00
Michel Hollands 6a16527aee
Add myself to cc list (#4845)
Signed-off-by: Michel Hollands <michel.hollands@grafana.com>
2020-12-14 10:27:01 -08:00
Google AutoFuzz Team 625e3a190b
Add a proper contact for pygments' fuzzer (#4838)
See https://github.com/pygments/pygments/issues/1628#issuecomment-743346621
2020-12-14 07:44:49 -08:00
Google AutoFuzz Team 32dec5ae28
Add a corpus for pygments (#4840) 2020-12-14 07:05:37 -08:00
Google AutoFuzz Team 8287cf4081
Add a corpus for Pillow (#4841) 2020-12-14 07:04:18 -08:00
Alexander Bulekov 7b8f46f660
qemu: add Li to the auto_ccs (#4843)
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
2020-12-14 07:02:28 -08:00
Victor Costan 6af0e55ecd
leveldb: Fuzzer improvements. (#4837)
* Stop when opening a database fails. This will avoid null pointer
  dereferences.

* Use C++11 smart pointers for leveldb::DB and leveldb::Iterator. This
  makes it easier to ensure the fuzzer doesn't leak memory. No leak was
  detected while applying this fix.

* Use the FuzzedDataProvider API exclusively for consuming data. This
  makes it easier to ensure maximum fuzzer coverage.

* Avoid building unnecessary code (tests, benchmarks). This slightly
  reduces oss-fuzz resource usage.

* Use an enum class and FuzzedDataProvider::ConsumeEnum() instead of
  reimplementing it. This makes it easier to extend the fuzzer with new
  operations in the future.

* Use meaningful names (key, value, name) instead of tmp* for local
  variables storing leveldb API inputs.
2020-12-14 14:46:37 +11:00
Abhishek Arya 0f3d14845e
Fix symbolization for python targets. (#4836) 2020-12-13 15:07:28 -08:00
Sergey Lyubka a99bfe8500
Update build.sh (#4835) 2020-12-13 12:16:18 -08:00
dlorenc 0d45ca89ee
Update links and blog posts. (#4833) 2020-12-13 09:10:51 -08:00
Abhishek Arya fba71c70ca
Copy llvm-symbolizer in $OUT, needed for python targets. (#4832) 2020-12-12 18:58:59 -08:00
Richard Hughes 1ad593f5b5
fwupd: Initial integration for possible acceptance (#4823)
The fwupd daemon is a firmware installer deployed onto tens (hundreds?) of
millions of devices. It parses untrusted firmware blobs from OEMs, ODMs and
IHVs writing using dozens of different protocols.

See https://fwupd.org/ for a whole ton more details about the project.

Using the LVFS we've deployed at least 22 million updates in the last few years,
although that number could be a lot higher in reality as we allow the LVFS to
be anonymously mirrored and for fwupd to be run without phoning home.

We used to fuzz with afl but recently switched to honggfuzz which found an
additional 17 critical warnings or crashes. Hence my interest in oss-fuzz!

My actual email address richard@hughsie.com is aliased to the email address
given here, and I can confirm I'm the upstream maintainer. The github project
has 1.1k stars and 172 forks if that means anything in reality.

The fwupd project is used by almost all distributions, *including* ChromeOS.
2020-12-11 18:41:16 -08:00
Stefano Bonicatti 875a64db63
Ignore osquery cmake max version check (#4828)
Soon osquery will require that the version of CMake
is not equal to or higher than 3.18.0.
We can ignore such requirement since we are not making packages.
See osquery/osquery#6801

Also remove unused sed replacements. Those settings are now the default
when not using the osquery toolchain.
2020-12-11 18:20:57 -08:00
Abhishek Arya 842281b9af
Add docs for main_repo (#4827)
Fixes https://github.com/google/oss-fuzz/issues/4825
2020-12-11 14:36:21 -08:00
Abhishek Arya 64b223a8e9
Fix pillow with new atheris changes. (#4826)
* Fix pillow with new atheris changes.

* Fix pillow in ubsan.
2020-12-11 14:35:43 -08:00
Abhishek Arya 0dd7aaca32
Fix atheris integration. (#4824) 2020-12-11 11:38:43 -08:00
Google AutoFuzz Team 25988ca5f1
Add a fuzzer for Pygments (#4794)
* Add a fuzzer for Pygments

While pygments doesn't use native code for fuzzing,
it's the de facto solution to highlight (untrusted) code,
so unexpected exceptions and timeouts are important.

* Make the fuzzer work

* Remove a useless LD_PRELOAD

* Add a missing "main_repo" field
2020-12-11 07:30:23 -08:00
AdamKorcz 1739f32088
[gitea] Initial integration (#4775)
* [teleport] Initial integration

* Minor update to run tests again

* [gitea] Initial integration

* Removed fuzzer

* Added primary contact

* Updated path of fuzzers

* Added main_repo
2020-12-10 18:41:49 -08:00
Bhargava Shastry 01bff561d7
solidity: Install libabicoder (#4818) 2020-12-10 13:28:07 -08:00
Abhishek Arya 95a7b67504
Add main_repo for some more projects. (#4819) 2020-12-10 08:15:05 -08:00
jonathanmetzman 96b8aad56a
[CIFuzz] Fix MSAN (#4812)
Use msan libs when building fuzzers with MSAN.
2020-12-10 06:24:48 -08:00
Sergey Lyubka 0fdf78b676
Change contact email for projects/mongoose (#4817) 2020-12-10 06:21:18 -08:00
Abhishek Arya 1d5a2cd84e
Fill in main_repo for several projects. (#4816)
* Fill in main_repo for several projects.

* Add some go repos.
2020-12-09 21:52:40 -08:00
Oliver Chang 84faf55729
Populate a bunch of main_repo values. (#4815)
Also enforce this for future integrations.
2020-12-10 09:49:27 +11:00