* Removes the `: ` prefix in our previous pattern to capture case ii and reduce false negatives:
1. Our previous pattern (i.e. `: Syntax error`) is designed to reduce false positives, but it relies on `dash` to print out an error message within one `write` syscall. E.g. `sh: 1: Syntax error: "invalid_command" unexpected`.
2. In some cases, `dash` breaks the message into multiple `write` syscalls. E.g. it invokes 2 `writes` whose buffers respectively contain `sh: 1:`, ` Syntax error: "invalid_command" unexpected`.
* Fix outdated wording
* A TODO about using more specific patterns of error messages
* opencv: new Fuzzer for readNetFromTensorflow
* Add license.
* Fix. Use buffer instead of filepath to call readNetFromTensorflow.
* Fix. Fuzzing only readNetFromTensorflow function.
* Remove redundant tripwire from Makefile
* Detect shell corruption based on syntax errors
* Type, name, format, typo, etc.
* Error pattern matching logic
* clang-format
* Code structure fix
* Extend the pathname length of shell to be safe
* Remove redundant operations on memory read from regs
* More specific patterns
* Identify sh
* Remove redudant substr
* Document shell corruption in README.md
* Clang-format
* Organise printf/debug_log/cerr
* Remove a completed TODO
* Use readlink instead of `file`
* Clang-format
It should make it easier to figure out why exactly
`./infra/helper.py check_build project fuzz-target` fails
by turning
```
INFO: performing bad build checks for /tmp/not-out/tmpa4lph9dr/fuzz-bus-message
ERROR:root:Check build failed.
```
into something like
```
INFO: performing bad build checks for /tmp/not-out/tmpa4lph9dr/fuzz-bus-message
BAD BUILD: /tmp/not-out/tmpa4lph9dr/fuzz-bus-message seems to have either startup crash or exit:
/tmp/not-out/tmpa4lph9dr/fuzz-bus-message -rss_limit_mb=2560 -timeout=25 -seed=1337 -runs=4 < /dev/null
/tmp/not-out/tmpa4lph9dr/fuzz-bus-message: error while loading shared libraries: libcap.so.2: cannot open shared object file: No such file or directory
ERROR:root:Check build failed.
```
* execSan: Follow forks.
- ptrace all child processes.
- Look for execve() calls with /tmp/tripwire as the first argument.
There's no need for it to actually run.
- Convert to C++.
* remove ununused tripwire code
* comments
KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. It is a CNCF project that is being used by several large and publicly traded companies in China includig Huawei and Raisecom.
A non-exhaustive list of adopters can be found here: https://github.com/kubeedge/kubeedge/blob/master/ADOPTERS.md
CNCF profile: https://www.cncf.io/projects/kubeedge/
* An attempt to detect shell injection with ptrace
* Relocate sanitizer files
* Add headers and file descriptions
* Better cleanup
* Name and analogy
* TODOs
* safer cleanup
* More descriptive name
* More descriptive README.md
* More descriptive file names
* One more TODOs
* infra: use only valid targets for python coverage
Some python coverage reports gets clobbered because non-fuzz targets are
included in FUZZ_TARGETS. The consequence of this is that some reports
will have erroneous data. This commit ensures only valid targets are
used when running coverage, which consequently fixes the reports.
* Move executable logic into python fuzzer builder instead
1. Make sure we build base images again.
2. Make sure we handle multiple build types properly.
3. Return nonzero on failure.
4. Make a better attempt at introspector builds.
Related: https://github.com/google/oss-fuzz/issues/7726
DavidKorczynski