It should make it easier to figure out why exactly
`./infra/helper.py check_build project fuzz-target` fails
by turning
```
INFO: performing bad build checks for /tmp/not-out/tmpa4lph9dr/fuzz-bus-message
ERROR:root:Check build failed.
```
into something like
```
INFO: performing bad build checks for /tmp/not-out/tmpa4lph9dr/fuzz-bus-message
BAD BUILD: /tmp/not-out/tmpa4lph9dr/fuzz-bus-message seems to have either startup crash or exit:
/tmp/not-out/tmpa4lph9dr/fuzz-bus-message -rss_limit_mb=2560 -timeout=25 -seed=1337 -runs=4 < /dev/null
/tmp/not-out/tmpa4lph9dr/fuzz-bus-message: error while loading shared libraries: libcap.so.2: cannot open shared object file: No such file or directory
ERROR:root:Check build failed.
```
* execSan: Follow forks.
- ptrace all child processes.
- Look for execve() calls with /tmp/tripwire as the first argument.
There's no need for it to actually run.
- Convert to C++.
* remove ununused tripwire code
* comments
KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. It is a CNCF project that is being used by several large and publicly traded companies in China includig Huawei and Raisecom.
A non-exhaustive list of adopters can be found here: https://github.com/kubeedge/kubeedge/blob/master/ADOPTERS.md
CNCF profile: https://www.cncf.io/projects/kubeedge/
* An attempt to detect shell injection with ptrace
* Relocate sanitizer files
* Add headers and file descriptions
* Better cleanup
* Name and analogy
* TODOs
* safer cleanup
* More descriptive name
* More descriptive README.md
* More descriptive file names
* One more TODOs
* infra: use only valid targets for python coverage
Some python coverage reports gets clobbered because non-fuzz targets are
included in FUZZ_TARGETS. The consequence of this is that some reports
will have erroneous data. This commit ensures only valid targets are
used when running coverage, which consequently fixes the reports.
* Move executable logic into python fuzzer builder instead
1. Make sure we build base images again.
2. Make sure we handle multiple build types properly.
3. Return nonzero on failure.
4. Make a better attempt at introspector builds.
Related: https://github.com/google/oss-fuzz/issues/7726
In PR #7687 I tried to add a define by adding it to CFLAGS, but that
didn't work without rerunning configure. By adding the define to
config.h, rerunning configure is not necessary
* bad_example: make fuzz-introspector work and fix build
Makes fuzz-introspector work with the bad_example project. This was
brought up as an issue on the fuzz-introspector repo.
Ref: https://github.com/ossf/fuzz-introspector/issues/257
* Add license to satisfy OSS-Fuzz
* add license to build.sh
The current implementation will append rather than overwrite
coverage_wrapper.py which holds the coverage stub. The effect of the
appending is that the coverage_wrapper.py will include X amount of
coverage stubs when a project has X amount of fuzzers. We just need a
single coverage stub at the top of each fuzzer. This ensure we only add
a single coverage stub.
DavidKorczynski